macapps.ufile.io Open in urlscan Pro
2606:4700:3036::ac43:9b51  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=macapps.ufile.io&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=PsztYXxzY3pMdlhCTGdMUnMzYjM4THEzaEl3NlZRblpyenFDK2kxTmRyMEU5ZFV1MndOTHVSOUVBc2EwMlFtZGY0WVBJdHpYaXZUdmdQTXFYbFVPWDdWV013cUNLeXNYeFIzM1B5cXRFZmswRk5JMjM3aHdQdWFFamI2WTNTaE1LWEpoTUdaeDBtK2dwYTFtNVFEL3ByMi9sWnAwUXRBWmxJemNVYitaKzRoQU5mMGE1WmJoMnpyeStMT3N1MXQwdkdMSzFHU2gyNzBXM3BmZzFBRC9Ib3JsZnMyNFNhL1ZTaDNBWFBOTDZIc1UySVFzPXw&cppv=2

Request Chain 64

• https://oajs.openx.net/esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp&cc=1

Request Chain 83

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=0&topUrl=macapps.ufile.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=XnCSkXxreUlXTC8zNkNmU3dVVDh5alVVbng2TDBQSnZsYU9NSjQ4K3R5MEdxc2VIYlJhZ1JtVWZkMnhYczBkaVJSbVVSVEFOWUxRYllqaUlKY2pNcjEzWnBWSHFEUzMzeDFZaEl0VUhMMk1OVlhHOWZIYVUyQ3RQY1FLeXBpK0xWc3RyY1dHWUYxemM2WU0wZE9iN0gwelJvak96Um5GNDZFRGNSbFhJVUNCZEJid3JkaS9GdmZ6K3Q0V3hTZjlFblpWbU9udkIzSmtva093L25VQjBBTmRtbys0bVJsQ3o5V0FRUkllVHdCWGpYVjRuRlhQd3lpRjdxNU9jSTB4dFh0NTd6c2FJR0VrckdDb3VMUEN0RjVNY2lodz09fA&cppv=2

Request Chain 85

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX46rmbxCwCRiwCTIITaHmrOAouvw HTTP 301
• https://tpc.googlesyndication.com/simgad/14975070640828899377

Request Chain 86

• https://redirector.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=8073428D2627F31F0FE051CBCC21C9CE986CD262.88FA6AC04595DB9FB1F9D444B71F359E2BD7118B&key=ck2 HTTP 302
• https://r3---sn-quxapm-3c2l.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=440F1C6E870B912E2953CCF520762854AF2CD706.0286E51290D362E5582260C245A30C3ACDFF5129&key=cms1&cms_redirect=yes&mh=LR&mip=2607:5300:60:7867::12&mm=28&mn=sn-quxapm-3c2l&ms=nvh&mt=1661744185&mv=m&mvi=3&pl=32

Request Chain 90

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yww16AAJ5UjwowBC HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yww16AAJ5UjwowBC&_test=Yww16AAJ5UjwowBC

Request Chain 92

• https://match.adsrvr.org/track/cmf/openx?oxid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0 HTTP 302
• https://match.adsrvr.org/track/cmb/openx?oxid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072971&val=e3d12b54-87bf-40de-80af-8c52931fb3ce&ttd_puid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0&gdpr_consent=

Request Chain 94

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEODD133ZS2imnN2aZTsPrJM&google_cver=1

Request Chain 106

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1&C=1

Request Chain 107

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yww16VuML6xQFDt6xrlc0QAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMezfJDGvElWu2dmPqO-qt8&google_cver=1

Request Chain 108

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEJm2onqzOuDwFq8n86X46kw&google_cver=1

Request Chain 109

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MDQ5MDc4MzI3OTM0ODQzNA%3D%3D

Request Chain 117

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 118

• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEA-gIhwUfXhemojo4GMPsng&google_cver=1&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE HTTP 302
• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEA-gIhwUfXhemojo4GMPsng&google_cver=1&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE&prevuid=03030002_630c35e9585ab&knw= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE&google_hm=MDMwMzAwMDJfNjMwYzM1ZTk1ODVhYg%3D%3D

Request Chain 119

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH8ziFgVWC1PfvIj_ZmZagU&google_cver=1&google_push=AehlK4DGqD2AcThLKubZgPp1jrMgWszhLAtRY2k4ZXzYh0TwGUsHcQtqU022kVq49AErGC5pjdhUulM_lKDOLDjIrfuzEh5L7j9Z HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH8ziFgVWC1PfvIj_ZmZagU&google_cver=1&google_push=AehlK4DGqD2AcThLKubZgPp1jrMgWszhLAtRY2k4ZXzYh0TwGUsHcQtqU022kVq49AErGC5pjdhUulM_lKDOLDjIrfuzEh5L7j9Z&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xsQWxpLFQ-WVsWzYPwpOuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DGqD2AcThLKubZgPp1jrMgWszhLAtRY2k4ZXzYh0TwGUsHcQtqU022kVq49AErGC5pjdhUulM_lKDOLDjIrfuzEh5L7j9Z

Request Chain 120

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEIDRLzRedGJGfo-Th40pjI&google_cver=1&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9 HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEIDRLzRedGJGfo-Th40pjI&google_cver=1&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9&google_hm=FOY_cGZHODx4AzQXR4CqGyI9

Request Chain 121

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEONCLcQQyiFee8mj4KxMvHQ&google_cver=1&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmpxLzPQyzsDJFl7rw8UmmQfgPvhFUeTJ3fRKjWEiUQO625oSfWyJVU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44658001&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmpxLzPQyzsDJFl7rw8UmmQfgPvhFUeTJ3fRKjWEiUQO625oSfWyJVU

Request Chain 122

• https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEK0HeexvyeF_rSSJY8qLaLA&google_cver=1&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u7IKQZmAlVabVmsK8TEL9TAvMon0UOJJO-kdTk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZjZmNDQ5ODZhMmExNDRiODY4NDgyZWZhN2FmMjMxYWU=&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u7IKQZmAlVabVmsK8TEL9TAvMon0UOJJO-kdTk

Request Chain 123

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEECy-YscOzZk5Y-qYpqGmw4&google_cver=1&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96ZhgY5EB6wCkKPj4DNHR5TjV4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96ZhgY5EB6wCkKPj4DNHR5TjV4&google_hm=NDU5MTg5MDE5MjM5NTU4MzI5Ng%3D%3D

Request Chain 146

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5x11nkd9 Show response macapps.ufile.io/	82 KB 21 KB	731ms 677ms	Document text/html	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.24 Resource Hash b5899bcf90d62566b12177529100c6ee65db9593ddb4e9948845947d9df4064a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 74224881593eece6-YUL content-encoding br content-type text/html; charset=UTF-8 date Mon, 29 Aug 2022 03:43:35 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrawO%2FqhkYtVkxfnYz6zeapAuF486Hty3RkB%2BUL9LTgAHC5PYyipsTz2fl8NcSiWgG1yFhuJLoL6L5oUT%2BgAcFLMVuqHDLMXqoiTnZUP3vbQj9yyJTykzAphtuotRMu3k6cVIDbnuknQl3o8Z0M%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by PHP/7.2.24
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	83 KB 29 KB	94ms 40ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software sffe / Resource Hash e16552de44e7d43a96249d6c94b2749b41fe55b94e22a124cdccb98fc14208d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28641 x-xss-protection 0 server sffe etag "1317 / 401 of 1000 / last-modified: 1661551853" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 29 Aug 2022 03:43:35 GMT
GET H2	200	aaw.ufile.js Show response cdn.adapex.io/hb/	511 KB 143 KB	81ms 43ms	Script application/javascript	2606:4700:3030::6815:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adapex.io/hb/aaw.ufile.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 413990730017c272c4228dd1b7099583b244f49dcd5bd30f4730b9e6cb1902a4 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 50689 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 25 Aug 2022 12:45:01 GMT server cloudflare etag W/"63076ecd-7fafe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W20574YFSXmWSvUB8gVhmDVyC2qkvVBcEXetg6DefitumOPhXx3m%2F%2F9M2l2ZZ9KyEpeFRQ1Kq5U3cdM%2B3k7I9rlhCwCL8FqGyfH%2BQK6xuBuSQOFdDxbSKNq5um30glhvzuo6HQX8FFbqPUiH"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 cf-ray 74224885dd6d4bd1-YUL expires Mon, 29 Aug 2022 12:46:22 GMT
GET H2	200	roboto-v20-latin-100.woff2 macapps.ufile.io/assets/fonts/	15 KB 16 KB	26ms 24ms	Font font/woff2	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/fonts/roboto-v20-latin-100.woff2 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://macapps.ufile.io/5x11nkd9 Origin https://macapps.ufile.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15808 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag "3dc0-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFtgtO3whhwCy%2B35Uwlstr74fS%2FtD%2FAM4fPCBfhOeNTeDn3sDlbfn5Zg02UxQjAI%2BpTnz498zjJD7VZ2B%2B3QRB0KbijCRI%2FEitdsGDPl3SYUIXxPg1XoJavnMtTlYhKQh%2BriL70Btpi9trbHWMA%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 vary Accept-Encoding cache-control max-age=2678400 accept-ranges bytes cf-ray 74224885ae5aece6-YUL
GET H3	200	29.jpeg macapps.ufile.io/assets/img/backgrounds/	52 KB 52 KB	26ms 26ms	Image image/jpeg	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/backgrounds/29.jpeg Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 567938de9bfe20d836e8ac6f318ddac109e454f382199e5669e6626729ce9719 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 19763 cf-polished status=not_needed strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 52841 last-modified Thu, 22 Jul 2021 13:17:29 GMT server cloudflare x-frame-options SAMEORIGIN etag "ce69-5c7b61bdd0c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf%2Bn3nFigDX2hO9Dhyu%2F%2F6xb%2BCB7tUWdhX6uxtecAVBSUx7SvdclTVRNfeVDnCUzQKaE48SD1Xr8ED9E%2FnLqQfO%2Bcq5Aw6zclyDPOfubfeo1r9gEA1xF93mFMNi6xfcN1mkYhlCybOs%2Fya9wfl8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2678400 accept-ranges bytes cf-ray 74224885ced87136-YUL cf-bgj imgq:100,h2pri
GET H2	403	yfgvjtum-743838.jpg cdn.uimg.io/1000x500/0/	0 0	415ms 374ms	Image application/xml	2606:4700:20::681a:db4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.uimg.io/1000x500/0/yfgvjtum-743838.jpg Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:db4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	spacer.png macapps.ufile.io/assets/img/	34 B 713 B	79ms 78ms	Image image/webp	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/spacer.png Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 380038 cf-polished origFmt=png, origSize=152 content-disposition inline; filename="spacer.webp" strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 34 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag "98-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBmxdWUJdwEf9uRjsTNRxoLLKKjv9pSRPsBS%2BswkG4zXhPG%2BU6VSLBBxKIjPlZgfCdsxOR0p%2Bx0BJSJAtNFgKcmVIoJlv9p8vfQamVeW4H3PciJpWudxHY5ZU1z8uk09MHY8memR7YH%2B6XhKBag%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2678400 accept-ranges bytes cf-ray 74224885ced97136-YUL cf-bgj imgq:100,h2pri
GET H2	200	download.js Show response macapps.ufile.io/assets/js/	5 KB 2 KB	30ms 28ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/js/download.js?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=10696 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"29c8-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgMhdb5T%2FrAKRXcaeXfvhgFBnAhu80Z8mU2goYovV%2FM9KRwjNGFX2o1RILVhkQpxf%2FMvkQgVJrDbrf36Ef8%2BOK%2FsraSYZ%2BYqs32ER3eoe7klTH%2FCJZrE6QJUN%2FQvBzyQShunRHfeyWuOt1babqc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 74224885ae5dece6-YUL cf-bgj minify
GET H2	200	bootstrap.css macapps.ufile.io/assets/css/	31 KB 6 KB	28ms 27ms	Stylesheet text/css	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/css/bootstrap.css?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=41042 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"a052-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI%2Bj9mB%2BzLgkLh7WAY2IYtzQ6kcs8ri9%2FPzcOSHifLIpN37YNvldGoJUKJ0PS%2Bb2lMJ9DWtWfylCk%2BAqzVFDo9eAT5mtSIrZwZE5ND8h4201B%2BMu2AYd2v2asUI8VQKe15JMdx%2BMvfj0m%2F4N4TA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 74224885ae5fece6-YUL cf-bgj minify
GET H2	200	theme.css macapps.ufile.io/assets/css/	86 KB 18 KB	30ms 29ms	Stylesheet text/css	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/css/theme.css?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=114399 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"1bedf-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YarVddsv0Ae0mye5CWk8HN1OgT0XAeNof6dvKBQLpx8zQLBlSR02nJjoNUY%2BtOnbiHqD8OwjhBMsJCb9IzPN2ggrbr%2FqfIR2vPHu5A%2BvX0NrLmYLftNFfiCm720NeuwDKQo%2BFVX%2BgZ4BVa6G1ew%3D"}],"group":"cf-nel","max_age":604800} content-type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 74224885ae60ece6-YUL cf-bgj minify
GET H2	200	utils.css macapps.ufile.io/assets/css/	60 KB 14 KB	34ms 33ms	Stylesheet text/css	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/css/utils.css?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=76432 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"12a90-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6xrMz9cZKc%2F8ZFxc3GAHxdt4yG9ZcTfh1xxeXk9gcEZXGisKhErG3A82meFQIBHQqxhFejjyJ1BTRZ%2FEEhsDOY0Alf%2FmsijdVedKWgklArqgYAgXu0PQRzvsp3TeitrXaDVEXsvCNdDaQR2xu0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 74224885ae61ece6-YUL cf-bgj minify
GET H3	200	logo-dark.svg macapps.ufile.io/assets/img/	2 KB 1 KB	49ms 49ms	Image image/svg+xml	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/logo-dark.svg Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897697 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"850-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Bz18c89gJTnECrviZdS0GFGxRzdhIts1NR6RZDlK6OHlHJ42JhcQTJI%2BuueET%2F7Pp5Cf7HZNKdVMgBkIY1uJx7yuK1fTe7jf%2B12B1oPr832IrTeYt2wOLv5tbsjdJHGxPerhtuMk4ddwH1C%2FTg%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml vary Accept-Encoding cache-control max-age=2678400 cf-ray 742248864f9a7136-YUL
GET H3	200	jquery.js Show response macapps.ufile.io/assets/js/	87 KB 32 KB	28ms 27ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/js/jquery.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=89500 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"15d9c-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmiVfsZjfO1bi979R7ckpi4lrDLELIXmdHQ%2F1ORSrA7blwx6vIvIqQGd2SzjozW%2FuAMutnl4M3ADpFEuHcgOfaWqyjPJEuC%2Fik%2B1OQrDGvqh5iyEKwGjGnfo%2BEhKkBgAklsvl4rNO5rpkFvkMvw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 742248864f9b7136-YUL cf-bgj minify
GET H3	200	utils.js Show response macapps.ufile.io/assets/js/	33 KB 12 KB	58ms 58ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/js/utils.js?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=47601 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"b9f1-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS3oZt%2BzRxqGuMkhgOAkX2L4xcKgRDUM1NcewZtWXuSo6uN5ST3WQJA0TRPCww6RrWqeYtW0N5Qm3q9E9QFwx%2BHEeKtSKV18h%2B11D8Gjm7zucT%2BVb%2F7hAAaeyZPTuZtMleVTBUiJjp0LSjJwxDg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 742248864fa17136-YUL cf-bgj minify
GET H3	200	global.js Show response macapps.ufile.io/assets/js/	22 KB 6 KB	25ms 24ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/js/global.js?v=1563114509 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 cf-polished origSize=36623 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"8f0f-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhcz3Op2tElq8%2BpCaUA2NNiWnpinMAjteugO7pCPaUQBGKTdC917b3k1ueux0wjzW7FSikxmuux%2Fs%2F4LutJCZCgeoudT2K3nLXl7OCJAUEL4tMT0ZDd7eANNtnFt%2B%2BbeAkwxfwxZCaZbHaufy8U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 742248864fa57136-YUL cf-bgj minify
GET H3	200	ab.js Show response macapps.ufile.io/assets/js/	3 KB 2 KB	23ms 22ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/js/ab.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897698 vary Accept-Encoding last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"a13-5e27de0365600-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV2330z4loomnz%2F%2FByql7GDsVbA%2FJx%2FKcjzTiwA%2B6HKcMRX5xGmz5yFP2dvCqaxmsNyZwI%2FQfjgCeJyga5RCH31%2BludWZ8XBQsK%2Fcv%2FgGqurP09I14kCL6QCB5olfoKnvxFbhAB2xrchWIZsOv4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2678400 cf-ray 742248864fa67136-YUL cf-bgj minify
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	14 KB 5 KB	79ms 50ms	Script text/javascript	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 742248867851714b-YUL
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	95ms 66ms	Script text/javascript	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://macapps.ufile.io/ Origin https://macapps.ufile.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 74224886781eca57-YUL
GET H3	200	pubads_impl_2022082202.js Show response securepubads.g.doubleclick.net/gpt/	384 KB 131 KB	61ms 20ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software sffe / Resource Hash 07572f31a00b1843fc6d9a1eb3155eaf2a46089213d6740f302cf34f83738040 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 06:13:17 GMT content-encoding gzip x-content-type-options nosniff age 163818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133587 x-xss-protection 0 last-modified Tue, 23 Aug 2022 21:21:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 27 Aug 2023 06:13:17 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	177 B 144 B	76ms 34ms	XHR application/json	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=macapps.ufile.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 25411f54ad399aa5e93be9d037a8be83f5a5c20daa2efcfba769ce825d9a68b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119 x-xss-protection 0 expires Mon, 29 Aug 2022 03:43:35 GMT
POST H/1.1	200 OK	/ Show response cat.hbwrapper.com/	15 B 261 B	65ms 18ms	XHR text/html	192.241.157.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cat.hbwrapper.com/ Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS capture.analytics.hbwrapper Software Apache / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://macapps.ufile.io Date Mon, 29 Aug 2022 03:43:35 GMT Access-Control-Allow-Credentials true Server Apache Connection close Content-Length 15 Content-Type text/html; charset=UTF-8
GET H2	200	trace Show response cloudflare.com/cdn-cgi/	307 B 449 B	43ms 16ms	XHR text/plain	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflare.com/cdn-cgi/trace Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d04291e2f73579fb3385792b80542c36e7486d1cc86d4d7f8eb63ad61807b11 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY content-type text/plain access-control-allow-origin * cache-control no-cache cf-ray 74224886bf65ca53-YUL expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	tag.js Show response a.teads.tv/analytics/	19 KB 5 KB	113ms 19ms	Script text/javascript	173.223.57.118 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/analytics/tag.js Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-57-118.deploy.static.akamaitechnologies.com Software / Resource Hash f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-server-side-encryption AES256 x-amz-version-id MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2 content-encoding br last-modified Mon, 22 Aug 2022 09:28:26 GMT x-amz-request-id GP3DGGNSBKD71PC4 etag "b86fb801339e9f7d8ee05180f9a8320b" vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control private, max-age=3600 date Mon, 29 Aug 2022 03:43:35 GMT accept-ranges bytes content-length 4822 x-amz-id-2 lJgR9fP1s4FjFHVA5KKJRZAS99Z7ElfSqT4ucmMgLKSbnMNu4Sg8lGp3Km3KlElfhQmNT5/eoCk=
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	66ms 19ms	Script text/javascript	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 2474 date Mon, 29 Aug 2022 03:02:21 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 29 Aug 2022 05:02:21 GMT
GET H3	200	invisible.js Show response macapps.ufile.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 3AD5	37 KB 13 KB	18ms 17ms	Script application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661731200 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82c81c44721ada1797c9d24b8e93c5f8f09976098c31e40649e387421992f355 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVaGKOdFIbAv6ECttzCnWCPO5uNjAi2%2BmtARj5nw15gOv8i9rKXweFs5qAYOdeCEtoMUCL0fnz%2FuPfMUiouJz84FCrWCwqd3NCWPAV0TRBMUkohPV%2BDCodflJjRLAS8gCUbgtfiUH0ySQ3cIqPw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 7422488739117136-YUL vary accept-encoding
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	91ms 34ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=macapps.ufile.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	174 KB 44 KB	409ms 409ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=317892420344778&correlator=1081521541812473&eid=31069189%2C44755509&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=22247219933%2Cufile_Vignette&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=812195063&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661744615593&lmt=1661744615&dlt=1661744615291&idt=272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=358390849.1661744616&ga_sid=1661744616&ga_hid=1839046988&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 0e0f7d1bdfd3cdd31156d7ebadbbaf495061853cb4674c3e5e7b03b9a8329687 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45316 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://macapps.ufile.io cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D975	6 KB 4 KB	121ms 35ms	Document text/html	2607:f8b0:4006:822::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:35 GMT expires Tue, 29 Aug 2023 03:43:35 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads_2022082202.js Show response securepubads.g.doubleclick.net/gpt/	36 KB 13 KB	21ms 20ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022082202.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software sffe / Resource Hash cd8f9294dc8264f23edbbf9fc14f376fa0d32a163ed3b494626c53ee8e98b7f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 22:42:10 GMT content-encoding gzip x-content-type-options nosniff age 450085 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13577 x-xss-protection 0 last-modified Tue, 23 Aug 2022 21:21:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 23 Aug 2023 22:42:10 GMT
GET H3	200	fa-solid-900.woff2 macapps.ufile.io/assets/fonts/	74 KB 74 KB	39ms 39ms	Font font/woff2	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/assets/fonts/fa-solid-900.woff2 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/assets/css/utils.css?v=1563114509 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://macapps.ufile.io/assets/css/utils.css?v=1563114509 Origin https://macapps.ufile.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 286976 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 75440 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag "126b0-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP1aTYUKp%2F7Cq8Erm8%2FSx9cBUNbDL%2Fm8W%2BFTHH6k%2F5HB%2FSSXC28WB6X1M2EJH58%2FkE5SoqnrhrxYlJ4IzYPPpggQO8YHipTjMX%2BUuiyVdV20EwEURGRsjEYZgy8Y8NJFTdbIIiB4H570o%2Fyb8go%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 vary Accept-Encoding cache-control max-age=2678400 accept-ranges bytes cf-ray 74224887999c7136-YUL
OPTIONS H2	200	bidRequest c2shb.pubgw.yahoo.com/ Frame	0 0	134ms 24ms	Preflight	34.236.83.94 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://c2shb.pubgw.yahoo.com/bidRequest Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-236-83-94.compute-1.amazonaws.com Software ATS/9.1.10.25 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-openrtb-version Access-Control-Request-Method POST Origin https://macapps.ufile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type,X-Openrtb-Version access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://macapps.ufile.io access-control-max-age 600 age 0 content-length 0 date Mon, 29 Aug 2022 03:43:35 GMT server ATS/9.1.10.25
OPTIONS H2	200	bidRequest c2shb.pubgw.yahoo.com/ Frame	0 0	134ms 25ms	Preflight	34.236.83.94 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://c2shb.pubgw.yahoo.com/bidRequest Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-236-83-94.compute-1.amazonaws.com Software ATS/9.1.10.25 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-openrtb-version Access-Control-Request-Method POST Origin https://macapps.ufile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type,X-Openrtb-Version access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://macapps.ufile.io access-control-max-age 600 age 0 content-length 0 date Mon, 29 Aug 2022 03:43:35 GMT server ATS/9.1.10.25
POST H/1.1	200 OK	auction Show response prebid.adnxs.com/pbs/v1/openrtb2/	371 B 727 B	230ms 167ms	XHR application/json	68.67.153.61 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/openrtb2/auction Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash bd9952cecc8284abd67696d5469c0f2b7b1b00cc687e3ff87ecf779835df0d2d Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:35 GMT Content-Encoding gzip Server nginx/1.21.3 X-Prebid pbs-go/0.223.0 Vary Accept-Encoding, Origin Content-Type application/json Access-Control-Allow-Origin https://macapps.ufile.io Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Transfer-Encoding chunked Expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 116 B	160ms 103ms	XHR text/plain	104.36.115.111 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://macapps.ufile.io date Mon, 29 Aug 2022 03:43:35 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	204	mvo Show response tag.1rx.io/rmp/247939/0/	0 164 B	92ms 28ms	XHR text/plain	67.226.210.221 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.1rx.io/rmp/247939/0/mvo?z=1r&hbv=7.9,2.1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.226.210.221 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://macapps.ufile.io pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 712 B	63ms 19ms	XHR application/json	68.67.160.76 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:35 GMT X-Proxy-Origin 149.56.153.181; 149.56.153.181; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid 32ce231c-4d91-40ab-8ba0-d8e08123a3a1 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://macapps.ufile.io Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	hbjson Show response grid.bidswitch.net/	23 B 366 B	196ms 104ms	XHR application/json	35.211.165.199 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/hbjson Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 199.165.211.35.bc.googleusercontent.com Software nginx / Resource Hash 49e317f6c4284d898c7a443486a24c13b69f4586986a6e7e6cc46b8bab0615cf Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Date Mon, 29 Aug 2022 03:43:35 GMT Content-Encoding gzip Server nginx Content-Type application/json access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true Connection keep-alive Content-Length 48
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 539 B	104ms 30ms	XHR application/json	3.208.117.239 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=7.9.0&referrer=https%3A%2F%2Fufile.io%2F5x11nkd9&tmax=2000 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.208.117.239 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-208-117-239.compute-1.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT accept-ch sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch x-auction-status 12, 12 content-type application/json; charset=utf-8 access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	410 B 1 KB	345ms 124ms	XHR application/json	2602:803:c002:200::62 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323466&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,,,&eid_pubcid.org=84fb7b90-1dd8-48f4-b2d4-742aed4a5bc3%5E1&rf=https%3A%2F%2Fufile.io%2F5x11nkd9&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2F5x11nkd9&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_top&tg_i.gpid=%2F22247219933%2Fufile_970x250_top&tk_flint=pbjs_lite_v7.9.0&x_source.tid=85c0f4e2-77c8-4b56-bd1d-701df26c6e42&l_pb_bid_id=505db8bba81ff62&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.46487905332271806 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 519fcf296ab3f613e79adbf28aca3f9e0d667aaa711bc77b4c40f10c94023781 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:36 GMT Server nginx/1.21.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://macapps.ufile.io Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 410 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	414 B 1 KB	336ms 115ms	XHR application/json	2602:803:c002:200::62 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=413182&zone_id=2323468&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!adapex.io,s1650,1,,,&eid_pubcid.org=84fb7b90-1dd8-48f4-b2d4-742aed4a5bc3%5E1&rf=https%3A%2F%2Fufile.io%2F5x11nkd9&kw=uploadfiles%2Cfilehosting%2Cfilesharing%2Csendfiles&tg_i.page=https%3A%2F%2Fufile.io%2F5x11nkd9&tg_i.domain=ufile.io&tg_i.pbadslot=%2F22247219933%2Fufile_970x250_mid_1&tg_i.gpid=%2F22247219933%2Fufile_970x250_mid_1&tk_flint=pbjs_lite_v7.9.0&x_source.tid=ffba3902-88c1-4841-8acc-13ca4c2e444a&l_pb_bid_id=51172b7fb54d9c8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.1858324432531986 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 337ed302436b18b41d6ab06b7835777346f63b22c8d0b7c8fe259f8c32494249 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:36 GMT Server nginx/1.21.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://macapps.ufile.io Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 414 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	bidRequest Show response c2shb.pubgw.yahoo.com/	66 B 265 B	177ms 126ms	XHR application/json	34.236.83.94 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://c2shb.pubgw.yahoo.com/bidRequest Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-236-83-94.compute-1.amazonaws.com Software ATS/9.1.10.25 / Resource Hash f36fb247290f82fe7dd726b1f95124f14eb7bef64d6df491f585d0e19389fc6b Request headers Referer https://macapps.ufile.io/ x-openrtb-version 2.5 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json Response headers date Mon, 29 Aug 2022 03:43:35 GMT server ATS/9.1.10.25 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://macapps.ufile.io access-control-allow-credentials true content-length 66
POST H2	200	bidRequest Show response c2shb.pubgw.yahoo.com/	66 B 466 B	165ms 114ms	XHR application/json	34.236.83.94 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://c2shb.pubgw.yahoo.com/bidRequest Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-236-83-94.compute-1.amazonaws.com Software ATS/9.1.10.25 / Resource Hash 8d5fd56dde55f2cbde7c5198e4e6fbb54ef0c5124e19d0fe4892d34d0c8d508c Request headers Referer https://macapps.ufile.io/ x-openrtb-version 2.5 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json Response headers date Mon, 29 Aug 2022 03:43:35 GMT server ATS/9.1.10.25 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://macapps.ufile.io access-control-allow-credentials true content-length 66
POST H2	200	prebid Show response prebid.media.net/rtb/	338 B 455 B	69ms 39ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CUQWX43D Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.ufile.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash bbde580c36f9c04feac8bff4fc0dfc57730a530d4f5d8dacd20da57ca31cab62 Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google
GET H/1.1	200 OK	fpc Show response at.teads.tv/	56 B 396 B	157ms 31ms	XHR text/plain	104.77.9.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf& Requested by Host: a.teads.tv URL: https://a.teads.tv/analytics/tag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.77.9.133 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-77-9-133.deploy.static.akamaitechnologies.com Software / Resource Hash 3c69dcecc96eed61b64edc798e5a290fd42b601eb6b22d54b35c312f3dae2a77 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:35 GMT Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin https://macapps.ufile.io Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 56 Expires Mon, 29 Aug 2022 03:43:35 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	74ms 32ms	XHR text/plain	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1839046988&t=pageview&_s=1&dl=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&ul=en-us&de=UTF-8&dt=Cmacked%20Downloads%20-%20n-Track%20Studio%20Suite%209.1.5.4730%20%5BHCiSO%5D.dmg%20-%20ufile.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=656963010&gjid=40836329&cid=358390849.1661744616&tid=UA-73416834-1&_gid=1600437570.1661744616&_r=1&_slc=1&z=1895256775 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pica.js macapps.ufile.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 3AD5	21 KB 8 KB	20ms 19ms	Other application/javascript	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f87ba5fcd2e9a51eda62b3128a63cd7c5a4eaea84506063f25edff499a474d3d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laQD187NdbrbLURKZlpSLz8HmgTsNDZmoGCeAEsE5FMbj6JljlU2UUPWZuZIZLihV8l8oxKlFmXMafllBveupwzCBnk%2FKJzPcMjXp6F9bMUd%2BP8qZLD%2FU%2F4rurSdxmXEzumQ%2FTWnJnLNAcE1wrc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 742248885aa57136-YUL vary accept-encoding
POST H3	200	/ Show response macapps.ufile.io/ajax/analytics/	0 741 B	386ms 385ms	XHR text/html	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/ajax/analytics/ Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/assets/js/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.24 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://macapps.ufile.io/5x11nkd9 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.24 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XYfiML1WPeTEpuNJCcs2WRjqdTVzbOWmHbN8H55nuxcIkDbs%2BKCkoroL3mCSGDAJfKg1G5Vlqs3JOCtNMRtQZ7q9cprx2dVDxLJtGCDnuIJqlj053odhS2RMqf5Ip6hqfcu%2FevZzDAex6MuayA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate cf-ray 742248887acf7136-YUL expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	94ms 43ms	XHR application/json	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082202&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c103a9b3df7d964d6b83e1678036aeb746c395f779f69108c5a7ad2a2a8a00f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11107 x-xss-protection 0
OPTIONS H2	200	rum cloudflareinsights.com/cdn-cgi/ Frame	0 0	26ms 12ms	Preflight text/plain	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://macapps.ufile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST,OPTIONS access-control-allow-origin https://macapps.ufile.io access-control-max-age 86400 cf-ray 742248888a33ca57-YUL content-encoding gzip content-type text/plain date Mon, 29 Aug 2022 03:43:35 GMT server cloudflare vary Origin x-content-type-options nosniff x-frame-options DENY
POST H2	200	rum Show response cloudflareinsights.com/cdn-cgi/	0 77 B	16ms 15ms	XHR text/plain	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 content-type application/json Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://macapps.ufile.io access-control-max-age 86400 access-control-allow-credentials true cf-ray 74224888aa43ca57-YUL vary Origin
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 439 B	84ms 32ms	XHR text/plain	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73416834-1&cid=358390849.1661744616&jid=656963010&gjid=40836329&_gid=1600437570.1661744616&_u=IAhAAEAAAAAAAC~&z=572417294 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://macapps.ufile.io/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 29 Aug 2022 03:43:35 GMT content-type text/plain access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	115ms 58ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 29 Aug 2022 03:43:35 GMT
POST H3	200	74224881593eece6 Show response macapps.ufile.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 3AD5	2 B 755 B	38ms 37ms	XHR text/plain	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://macapps.ufile.io/cdn-cgi/challenge-platform/h/b/cv/result/74224881593eece6 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661731200 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjmC5wGud8HjitRjwMe93EqlXxIlaI7co0ctNgskUTbr9qmIyryrW%2BJPPIxQ5jRz0ZaFvPb6bCd8D0tRMCslOMFnYqgUVdgPJiVGXYMT27jV8TiDad7xaNau7FWK2APuxJ%2BRhmO%2B1NsPtm1MWZ0%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7422488bcfb97136-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	80ms 12ms	Script application/javascript	34.102.146.192 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 06 Aug 2022 03:47:01 GMT content-encoding gzip age 1986995 x-guploader-uploadid ADPycduPwty4srVjCLv-APObPZSbMhsLirnZm4hq5qKXVJFyucPOw77bfUSdQpKezf4YyKzI32mMeIfAMaN6hqBeQJplog x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== x-goog-generation 1622140251693895 cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes content-type application/javascript expires Sun, 06 Aug 2023 03:47:01 GMT
GET H2	200	pubcid.min.js Show response id.sharedid.org/lib/	732 B 904 B	264ms 76ms	Script application/javascript	34.209.30.241 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.sharedid.org/lib/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-209-30-241.us-west-2.compute.amazonaws.com Software / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT cache-control public, max-age=86400 last-modified Sun, 28 Aug 2022 12:07:55 GMT accept-ranges bytes content-length 732 vary accept-encoding content-type application/javascript
GET H2	200	uid2-sdk-0.0.1b.js Show response prod.uidapi.com/static/js/	4 KB 5 KB	132ms 35ms	Script application/javascript	3.143.73.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.143.73.72 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-143-73-72.us-east-2.compute.amazonaws.com Software / Resource Hash 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT cache-control public, max-age=86400 last-modified Tue, 17 May 2022 17:30:07 GMT accept-ranges bytes content-length 4559 vary accept-encoding content-type application/javascript
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	39 KB 13 KB	81ms 32ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash afa1d5bcfbc58ede9d71fd9eb2c5b53c369f05f3255ea4a36398be35b52979b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding gzip last-modified Tue, 16 Aug 2022 07:20:46 GMT server nginx etag W/"62fb454e-9dbd" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 03:43:36 GMT
GET H3	200	container.html Show response 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D8D	6 KB 3 KB	75ms 33ms	Document text/html	2607:f8b0:4006:822::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:36 GMT expires Tue, 29 Aug 2023 03:43:36 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	73ms 24ms	Preflight application/json	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=macapps.ufile.io&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://macapps.ufile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Mon, 29 Aug 2022 03:43:35 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1514 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fufile.io%2F&domain=macapps.ufile.io&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=PsztYXxzY3pMdlhCTGdMUnMzYjM4THEzaEl3NlZRblpyenFDK2kxTmRyMEU5ZFV1MndOTHVSOUVBc2EwMlFtZGY0WVBJdHpYaXZUdmdQTXFYbFVPWDdWV013cUNLeXNYeFIzM1B5cXRFZmswRk5JMjM3aHdQdWFFamI2WT...	353 B 618 B	64ms 25ms	XHR application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=PsztYXxzY3pMdlhCTGdMUnMzYjM4THEzaEl3NlZRblpyenFDK2kxTmRyMEU5ZFV1MndOTHVSOUVBc2EwMlFtZGY0WVBJdHpYaXZUdmdQTXFYbFVPWDdWV013cUNLeXNYeFIzM1B5cXRFZmswRk5JMjM3aHdQdWFFamI2WTNTaE1LWEpoTUdaeDBtK2dwYTFtNVFEL3ByMi9sWnAwUXRBWmxJemNVYitaKzRoQU5mMGE1WmJoMnpyeStMT3N1MXQwdkdMSzFHU2gyNzBXM3BmZzFBRC9Ib3JsZnMyNFNhL1ZTaDNBWFBOTDZIc1UySVFzPXw&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 4d70e1879ef77c5ca52f5f4558830761687749e7677549f5b1bf9a2e15851c8e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2861 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT location https://mug.criteo.com/sid?cpp=PsztYXxzY3pMdlhCTGdMUnMzYjM4THEzaEl3NlZRblpyenFDK2kxTmRyMEU5ZFV1MndOTHVSOUVBc2EwMlFtZGY0WVBJdHpYaXZUdmdQTXFYbFVPWDdWV013cUNLeXNYeFIzM1B5cXRFZmswRk5JMjM3aHdQdWFFamI2WTNTaE1LWEpoTUdaeDBtK2dwYTFtNVFEL3ByMi9sWnAwUXRBWmxJemNVYitaKzRoQU5mMGE1WmJoMnpyeStMT3N1MXQwdkdMSzFHU2gyNzBXM3BmZzFBRC9Ib3JsZnMyNFNhL1ZTaDNBWFBOTDZIc1UySVFzPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://macapps.ufile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1358 content-length 482 expires 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	74ms 34ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=macapps.ufile.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 29 Aug 2022 03:43:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	50 KB 12 KB	802ms 801ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=317892420344778&correlator=1081521541812473&eid=31069189%2C44755509&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=2&adks=2426367938&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D7%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie=ID%3Dfef86aa2ad08072d-223afe86ad7c00f6%3AT%3D1661744615%3AS%3DALNI_MaBijMr_IUiQwvHzS6YQ9CGYihAJg&gpic=UID%3D00000905a83b8d9d%3AT%3D1661744615%3ART%3D1661744615%3AS%3DALNI_MYOPPEaDhSL10cOh8Pp6EkMAgP-5Q&abxe=1&dt=1661744616327&lmt=1661744616&dlt=1661744615291&idt=272&adxs=230&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=358390849.1661744616&ga_sid=1661744616&ga_hid=1839046988&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash c503f2f69e9f58a9807b7f6463d52b05776fb13ecddf24c686a1b0b419bbc64c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12072 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://macapps.ufile.io access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	18 KB 10 KB	490ms 490ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=317892420344778&correlator=1081521541812473&eid=31069189%2C44755509&output=ldjh&gdfp_req=1&vrg=2022082202&ptt=17&impl=fif&iu_parts=22247219933%3A21797503078%2Cufile_970x250_mid_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C728x250&ifi=3&adks=377883425&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D7%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie=ID%3Dfef86aa2ad08072d-223afe86ad7c00f6%3AT%3D1661744615%3AS%3DALNI_MaBijMr_IUiQwvHzS6YQ9CGYihAJg&gpic=UID%3D00000905a83b8d9d%3AT%3D1661744615%3ART%3D1661744615%3AS%3DALNI_MYOPPEaDhSL10cOh8Pp6EkMAgP-5Q&abxe=1&dt=1661744616330&lmt=1661744616&dlt=1661744615291&idt=272&adxs=230&adys=736&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&frm=20&vis=1&psz=1140x90&msz=1140x0&fws=0&ohw=0&ga_vid=358390849.1661744616&ga_sid=1661744616&ga_hid=1839046988&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash a63da3fa2cdb14f41e071700925146479ae7acb2e75ffbea716d0c78b07ac122 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10002 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://macapps.ufile.io cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC37	13 KB 5 KB	65ms 21ms	Document text/html	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 72290 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 07:38:46 GMT expires Mon, 28 Aug 2023 07:38:46 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame D3EF	783 B 1 KB	89ms 41ms	Document text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9a2862441a420d8baa99e5742f3b80f4923d3cbf7eb5dd953366de13f7ecc6aa Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Ek7VBduK8x2M5zEUUm5gCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 515 content-security-policy script-src 'report-sample' 'nonce-Ek7VBduK8x2M5zEUUm5gCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:36 GMT expires Mon, 29 Aug 2022 03:43:36 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp&cc=1	85 B 103 B	56ms 42ms	Fetch application/json	34.120.135.53 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp&cc=1 Protocol H3 Server 34.120.135.53 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash a656be5fb0276cf03114ee84aab99be1f48d7273fb4db722493d7fcd436815da Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 google etag W/"55-XdE0jR3DPFhuDGNwLOJ+vJhNOE4" x-powered-by Express vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://macapps.ufile.io access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 google access-control-allow-origin https://macapps.ufile.io x-powered-by Express vary Origin location /esp?url=https%3A%2F%2Fmacapps.ufile.io%2F5x11nkd9&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	css2 fonts.googleapis.com/ Frame 3D8D	4 KB 1 KB	85ms 36ms	Stylesheet text/css	2607:f8b0:4006:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 29 Aug 2022 03:40:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 03:43:36 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 03:43:36 GMT
GET H2	200	11ba241b9597ec96a8a9e01db4cce1e1.js Show response www.gstatic.com/mysidia/ Frame E281	10 KB 5 KB	67ms 19ms	Script text/javascript	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 06:06:40 GMT content-encoding gzip x-content-type-options nosniff age 77816 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4562 x-xss-protection 0 last-modified Mon, 22 Aug 2022 19:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sat, 26 Nov 2022 06:06:40 GMT
GET H2	200	120dba6b59d2f966bd44cf141203e8a0.js Show response www.gstatic.com/mysidia/ Frame E281	150 KB 56 KB	84ms 36ms	Script text/javascript	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 00:11:24 GMT content-encoding gzip x-content-type-options nosniff age 358332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57108 x-xss-protection 0 last-modified Mon, 22 Aug 2022 19:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 23 Nov 2022 00:11:24 GMT
GET H2	200	css fonts.googleapis.com/ Frame E281	6 KB 989 B	71ms 36ms	Stylesheet text/css	2607:f8b0:4006:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 29 Aug 2022 03:22:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 03:43:36 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 03:43:36 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E281	2 KB 902 B	21ms 19ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:26:46 GMT content-encoding gzip x-content-type-options nosniff age 1010 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 875 x-xss-protection 0 server cafe etag 16974406330603315520 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:26:46 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame E281	23 KB 9 KB	22ms 20ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:32:44 GMT content-encoding gzip x-content-type-options nosniff age 652 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9668 x-xss-protection 0 server cafe etag 3250940068065303693 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:32:44 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E281	3 KB 1 KB	25ms 20ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:38:38 GMT content-encoding gzip x-content-type-options nosniff age 298 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:38:38 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E281	140 KB 44 KB	99ms 39ms	Script text/javascript	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44079 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1661341966742178" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 29 Aug 2022 03:43:36 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E281	17 KB 7 KB	26ms 21ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:31:09 GMT content-encoding gzip x-content-type-options nosniff age 747 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:31:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame E281	0 0	43ms 36ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDtzdLnXpK43uQIqggdoqgRQqB-oaxmkug7LKFCsKKNOxuQvi3nGJOxtuDmUtICiYPzt6tXgjSBr0yopz4oA4LxjZBwQ Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H2	200	e3ca5db921b3b46420ba257a4c2f6b26.js Show response www.gstatic.com/mysidia/ Frame E281	33 KB 13 KB	66ms 21ms	Script text/javascript	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 07:36:54 GMT content-encoding gzip x-content-type-options nosniff age 72402 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13683 x-xss-protection 0 last-modified Mon, 22 Aug 2022 19:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sat, 26 Nov 2022 07:36:54 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 3D8D	19 KB 8 KB	26ms 23ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 02:20:57 GMT content-encoding gzip x-content-type-options nosniff age 4959 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8368 x-xss-protection 0 server cafe etag 5162546928090487746 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 02:20:57 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3D8D	205 B 296 B	76ms 36ms	Image image/png	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 22:40:56 GMT x-content-type-options nosniff age 536560 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 22 Aug 2023 22:40:56 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 3D8D	604 B 919 B	61ms 21ms	Image image/png	2607:f8b0:4006:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 00:11:42 GMT x-content-type-options nosniff age 99114 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 28 Aug 2023 00:11:42 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 87D3	15 KB 6 KB	44ms 25ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=macapps.ufile.io Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 6144 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:35 GMT server-processing-duration-in-ticks 2166 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response pagead2.googlesyndication.com/bg/ Frame DC37	36 KB 14 KB	63ms 19ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 06:06:41 GMT content-encoding br x-content-type-options nosniff age 77815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14036 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 28 Aug 2023 06:06:41 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D3EF	0 0	72ms 37ms	Image text/html	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082202&jk=317892420344778&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	85ms 27ms	Preflight application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=PsztYXxzY3pMdlhCTGdMUnMzYjM4THEzaEl3NlZRblpyenFDK2kxTmRyMEU5ZFV1MndOTHVSOUVBc2EwMlFtZGY0WVBJdHpYaXZUdmdQTXFYbFVPWDdWV013cUNLeXNYeFIzM1B5cXRFZmswRk5JMjM3aHdQdWFFamI2WTNTaE1LWEpoTUdaeDBtK2dwYTFtNVFEL3ByMi9sWnAwUXRBWmxJemNVYitaKzRoQU5mMGE1WmJoMnpyeStMT3N1MXQwdkdMSzFHU2gyNzBXM3BmZzFBRC9Ib3JsZnMyNFNhL1ZTaDNBWFBOTDZIc1UySVFzPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Mon, 29 Aug 2022 03:43:35 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1304 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 87D3 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=ufile.io&sn=ChromeSyncframe&so=0&topUrl=macapps.ufile.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=XnCSkXxreUlXTC8zNkNmU3dVVDh5alVVbng2TDBQSnZsYU9NSjQ4K3R5MEdxc2VIYlJhZ1JtVWZkMnhYczBkaVJSbVVSVEFOWUxRYllqaUlKY2pNcjEzWnBWSHFEUzMzeDFZaEl0VUhMMk1OVlhHOWZIYVUyQ3RQY1FLeX...	420 B 628 B	75ms 26ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=XnCSkXxreUlXTC8zNkNmU3dVVDh5alVVbng2TDBQSnZsYU9NSjQ4K3R5MEdxc2VIYlJhZ1JtVWZkMnhYczBkaVJSbVVSVEFOWUxRYllqaUlKY2pNcjEzWnBWSHFEUzMzeDFZaEl0VUhMMk1OVlhHOWZIYVUyQ3RQY1FLeXBpK0xWc3RyY1dHWUYxemM2WU0wZE9iN0gwelJvak96Um5GNDZFRGNSbFhJVUNCZEJid3JkaS9GdmZ6K3Q0V3hTZjlFblpWbU9udkIzSmtva093L25VQjBBTmRtbys0bVJsQ3o5V0FRUkllVHdCWGpYVjRuRlhQd3lpRjdxNU9jSTB4dFh0NTd6c2FJR0VrckdDb3VMUEN0RjVNY2lodz09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash b948f86595bf6eee90a306d7f359442d60e958115677cfe1475a56584507bdc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:35 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 4513 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=XnCSkXxreUlXTC8zNkNmU3dVVDh5alVVbng2TDBQSnZsYU9NSjQ4K3R5MEdxc2VIYlJhZ1JtVWZkMnhYczBkaVJSbVVSVEFOWUxRYllqaUlKY2pNcjEzWnBWSHFEUzMzeDFZaEl0VUhMMk1OVlhHOWZIYVUyQ3RQY1FLeXBpK0xWc3RyY1dHWUYxemM2WU0wZE9iN0gwelJvak96Um5GNDZFRGNSbFhJVUNCZEJid3JkaS9GdmZ6K3Q0V3hTZjlFblpWbU9udkIzSmtva093L25VQjBBTmRtbys0bVJsQ3o5V0FRUkllVHdCWGpYVjRuRlhQd3lpRjdxNU9jSTB4dFh0NTd6c2FJR0VrckdDb3VMUEN0RjVNY2lodz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1443 content-length 541 expires 0
POST H2	204	csi csi.gstatic.com/ Frame E281	0 327 B	602ms 208ms	Ping image/gif	2404:6800:400a:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7e7u89c&c=4636644454679&slotId=2318322227339.5&qqid=CJrll4yR6_kCFdfFhwodrBYMVw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80b::2003 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	14975070640828899377 tpc.googlesyndication.com/simgad/ Frame E281 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX46rmbxCwCRiwCTIITaHmrOAouvw https://tpc.googlesyndication.com/simgad/14975070640828899377	185 KB 185 KB	22ms 22ms	Image image/jpeg	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14975070640828899377 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4eb94147462190f239c562d66a0c1ac7368989d3dd730fdf911335eeb2498877 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 24 Aug 2022 20:31:14 GMT x-content-type-options nosniff age 371542 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 189823 x-xss-protection 0 last-modified Mon, 13 Jul 2020 20:59:35 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 24 Aug 2023 20:31:14 GMT Redirect headers date Sun, 28 Aug 2022 20:57:00 GMT x-content-type-options nosniff server cafe age 24396 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/html; charset=UTF-8 location https://tpc.googlesyndication.com/simgad/14975070640828899377 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Tue, 27 Sep 2022 20:57:00 GMT
GET H3	206	videoplayback r3---sn-quxapm-3c2l.gvt1.com/ Frame E281 Redirect Chain https://redirector.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=ip,ipbits,expire,id,... https://r3---sn-quxapm-3c2l.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,m...	2 MB 2 MB	490ms 295ms	Media video/mp4	2a00:1588:d802::e YOUTUBE
General Check archive.org Show headers Download Go to Full URL https://r3---sn-quxapm-3c2l.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=440F1C6E870B912E2953CCF520762854AF2CD706.0286E51290D362E5582260C245A30C3ACDFF5129&key=cms1&cms_redirect=yes&mh=LR&mip=2607:5300:60:7867::12&mm=28&mn=sn-quxapm-3c2l&ms=nvh&mt=1661744185&mv=m&mvi=3&pl=32 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 2a00:1588:d802::e , Ukraine, ASN36040 (YOUTUBE, US), Reverse DNS Software gvs 1.0 / Resource Hash 3917800c05a75f0c7afd01d3aaf1ab6fd897798127d6893000833e5068b4359d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:37 GMT x-content-type-options nosniff last-modified Thu, 25 Aug 2022 21:28:46 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-2215180/2215181 client-protocol quic cache-control private, max-age=6898 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2215181 expires Mon, 29 Aug 2022 03:43:37 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r3---sn-quxapm-3c2l.gvt1.com/videoplayback?id=694cbd2233cf6360&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661751815&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=440F1C6E870B912E2953CCF520762854AF2CD706.0286E51290D362E5582260C245A30C3ACDFF5129&key=cms1&cms_redirect=yes&mh=LR&mip=2607:5300:60:7867::12&mm=28&mn=sn-quxapm-3c2l&ms=nvh&mt=1661744185&mv=m&mvi=3&pl=32 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 714 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame EDFC	623 B 835 B	119ms 50ms	Document text/html	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash dfed0c4955b024e79dfb53430880d1912f440f2d774c4a9a3a3b7353d58521c8 Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 409 content-type text/html date Mon, 29 Aug 2022 03:43:36 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E281	0 20 B	41ms 41ms	Image image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?zx=94k904dsw1a1&sap=t&cf=playback_controller Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame DC37	0 10 B	23ms 22ms	Image text/plain	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?c5zUog Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	sd us-u.openx.net/w/1.0/ Frame EDFC Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yww16AAJ5UjwowBC https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yww16AAJ5UjwowBC&_test=Yww16AAJ5UjwowBC	43 B 106 B	61ms 40ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yww16AAJ5UjwowBC&_test=Yww16AAJ5UjwowBC Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 varnish server Varnish x-timer S1661744617.816423,VS0,VE0 x-served-by cache-yul12820-YUL x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yww16AAJ5UjwowBC&_test=Yww16AAJ5UjwowBC cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	278b3fed-c9ae-e1bf-c4cd-f05d64cff458 pr-bh.ybp.yahoo.com/sync/openx/ Frame EDFC	43 B 1003 B	89ms 27ms	Image image/gif	2600:1f18:4e9:5a07:b400:569d:ed48:e656 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/openx/278b3fed-c9ae-e1bf-c4cd-f05d64cff458?gdpr=0 Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:4e9:5a07:b400:569d:ed48:e656 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 content-type image/gif x-xss-protection 1; mode=block content-length 43 x-content-type-options nosniff
GET H2	200	sd us-u.openx.net/w/1.0/ Frame EDFC Redirect Chain https://match.adsrvr.org/track/cmf/openx?oxid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0 https://match.adsrvr.org/track/cmb/openx?oxid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0 https://us-u.openx.net/w/1.0/sd?id=537072971&val=e3d12b54-87bf-40de-80af-8c52931fb3ce&ttd_puid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0&gdpr_consent=	43 B 323 B	44ms 39ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072971&val=e3d12b54-87bf-40de-80af-8c52931fb3ce&ttd_puid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0&gdpr_consent= Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://us-u.openx.net/w/1.0/sd?id=537072971&val=e3d12b54-87bf-40de-80af-8c52931fb3ce&ttd_puid=b34c59a9-5902-73f6-f51a-e6a89b983911&gdpr=0&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 335
GET H2	200	pixel cm.g.doubleclick.net/ Frame EDFC	170 B 502 B	94ms 37ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWYyMzhhNjMtOTA3NS0yZDUyLWUwZmEtYmMxMTUxN2FmNzcx Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame EDFC Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEODD133ZS2imnN2aZTsPrJM&google_cver=1	43 B 106 B	63ms 40ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEODD133ZS2imnN2aZTsPrJM&google_cver=1 Requested by Host: google-bidout-d.openx.net URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer https://google-bidout-d.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEODD133ZS2imnN2aZTsPrJM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	payment-options.png macapps.ufile.io/assets/img/	26 KB 26 KB	45ms 45ms	Image image/webp	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/payment-options.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897691 cf-polished origFmt=png, origSize=32805 content-disposition inline; filename="payment-options.webp" strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26398 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag "8025-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4o2fLNTKILYl4%2BcLKyu6lkZyZfvNhSqQ%2BzyUjgrBQLcdMwu3b5Uw6vwMIesNXEyxmulH4bZZE%2B%2Br6cnWCgG9LLnYetexkzYXX%2Fw1ungXtbGLThILo%2BWSN0LykrYEaI0IASuJ9GiVA7E8q9InvwA%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2678400 accept-ranges bytes cf-ray 7422488efc5c7136-YUL cf-bgj imgq:100,h2pri
GET H3	200	banner.svg macapps.ufile.io/assets/img/	17 KB 13 KB	25ms 24ms	Image image/svg+xml	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/banner.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 897691 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"431c-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XeFc2gk2rz83rxn0sIsd4jLyuspjU9UYIcB3JxURQss5LO%2Fee7eUYNtnk%2FnFIw1nQOwXvuO6NQtCjPwF5IjXJsAl6zip6H0SD4hMGa61%2BJ%2FzKC3F4g1OSt91gWvy4x8g4NOkw6mjLXEVmqjpAk%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml vary Accept-Encoding cache-control max-age=2678400 cf-ray 7422488efc5f7136-YUL
GET H3	200	container.html Show response 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BB4	6 KB 3 KB	19ms 19ms	Document text/html	2607:f8b0:4006:822::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://macapps.ufile.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:36 GMT expires Tue, 29 Aug 2023 03:43:36 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 3A22	624 B 733 B	89ms 37ms	Document text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWi9OwCEPO5mu8CGJKq_80BMAE&v=APEucNXeOh8u46xApxZ63GazogrlDKxUqYvyV73DoDoXyzcQHiiQSMb3gkKmgMbt2-eaicWzpGD-SOXcsj79N2ArpTmCrTvr_Q Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Aug 2022 03:43:36 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 3BB4	79 KB 33 KB	115ms 65ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFZtwlyr01iBLv1wTYLVm5gHco2_iIo4zj1yOKeglLslbJ1Bd3Boa980zdsDHT4W9svbmeettVP13TxStYuQiQQ8TykeobQ0v4VfwFvCaj7x1fXoettBMPYsvy4OxvejZgQyDJ0SFQur5Kt2fCl5WyBLHUPMAAGVNmqYE2FhxOyKHDofw&cry=1&dbm_d=AKAmf-A7YZCQplJlYRadhNWN-DlaAJt8yRYdQBiqf2eoiEQF1HwHaJDCc9TCfrHn6Vrs0pZVPU1gmbItADEOl2ceK5WP457SjT_0t-cQAvfny3yRrkUpf67bl1EeUwQATmNqInoxJS74iaq0eS9axC7_y1P9eo5mdG2nMD9Kc5dVsWtCBbLwCDcJ3y7_n9MKVtQMtWbGXMmyaOema7ZogZswrXGmOtTVQLq5iAjKQJJDAQp6ydhdPWtMyKf0BgX3J0IhMx6k6lqGuUyPS9FpZI3EX_B_AjOjsLV7MQFGUd8dPTndoXlzOdVuuBha4-oikDzstGcq4_rY7Q2QY2Hm9bhrRFq2dmvLCruCuRcAdxiWu6Upu0cJKfFQEGfrjHw9GF4W4hfIPaDdYpsa5Pq1q6GCmpiDyigHfqT4MZmNEmsxZn_qu8dafBCjtuNSItB4UroRvqjUxzaEj_xfjMh4uvn8Xv09lgirhbFBaUd6STlSuvpf7UoMaxTgz7B01-JzZmn2Y1w2O0zBlcuZAJlNWpwcrbqIZlzp8tmIUCsXlDsnmc7-Is-6NOinkjCAypxCE1rsw4XOAsA_vfUl3dVEN_g8OGZItbMBJTCD3q_EvA2ORU0_QEOBkruIm5SsO6M9NcMFXvwAmBsKBM8N7D86rUXR2N6adTvgZjMIyEACSvi8rVEUAgjtzqeF1YhzS79fYE5cdwVolyvNWTetR1aHPGiF5FsMItL2LDbc0YCpmHWjORIvvnuSRhWbc2oMiYWtpSj_SYz4fYL5lowoc6qF2fPpKiAW77c7cKlnwm8bipMjYMty7vWf4CfmaWLYTw6FJWOgLCIhifDsgcEJdqFbmLAyB_KCWj4PCA-k629Q83DcwhcA7tg3WFPfd5EG3v0UvI7t2KCPJI2S1xmgXkxIb2u9qsZgFIuOyzmMKk7rSRgxZnXo4WGXzJaysbVoSGZpVNDlxqf43rYqO3AlXW9DIq63HYsh18U9apzbgzX1OOyjcAl5q7UdDJVA3T31pbjlTA1-SEtrYzdSVOSmYiOrAWqTn0EDUcy7BmpfQvMFnrZ_f7Zjr6hc8VGW_ULQYymULghZ1Jsx7syAvRvt-uJlSGNN0JDftvJeBoxYofb-9q-VhZyrsdwTTLZXjoEGgMOlA5XHmbZOZ2PIb3EvXME3wOmTOz8MZujq4Xlp5oyw5HqiSPu9IIfRSUl-3lEbgqebsUSJv7aA6msLi6amWPbK5rmzGzY8eTWbaJps8UGqKY14pnw-q7KvNxUEjDwB9yKizMna_BYCbCiN20XF67xQjC5aiIceqXIlaKR6vrpsAh1tsqx4JswfGz5HQeHGlL5MblLxL-2H8ySP_Jgg5BQrcDcCSf9zzh4JIB7o1SvNqWQp_VysLkOilQu_sWS-vOesqko01me4AJIflQ7QELCfrsa6zpg121zdTnFmUdxItXhZvrD5e1tD_0kqsOfXeahNKRs2Rn_ZCRJ_XywErn1scaJ0FXTFzT4dPKDZm37n6Z43lLItIMvPywKLYGaMPear4qMvoD1jOdg2fsXWi_t37r5V0vzh0Lp99-B7xtZp1prPgvLEHbnkTRh9jS4ddtvM46gy9CnEj1-LvX26z5IgDmcBGKMV1SuaLyBLtnIUQWoYvjzPKE4irqBpXoDf1ilgkpkQV0gi8S5toe9lgEUB8qH9OGMRvAlBYRd295tmr0-lcJDkYHS4Cgi5BO078vj3wxkhI7QXWwUvC45PgLZg-V8uaWHzYdgZsY7nck4QFOot-T7Pv7Hg-mwO_oSnavNUA0WE5ESmKIHfGZriKcCF8CUS-Ijp4GaWDdngu3-g-B1PMxhNeRH_ln8nokdLKpd7zqNZUi1dOllcnEgm6LLY49YbeJsC622aUH7nqNRsLLvK4LmJorAbN4_Y5sPmbb_poCE3S4dl8tq_7KevXOCF4-cAmMguwfgqu6XWMfvMyL5dwk7zhfz1cYgnio3raz7jlbkMav-eW1yi7O8PNATmyfzztN55imzFU0ds57sA5vI3lOEs9ip9MgnpkAwl4Ef9yNoivuusbqzqXQ92LFxgKD7Jqxo3YsVfUvCZLJdDn5XRdXoBGlMVb4Gjky4xCepJPiJX8MqRGJW93Eb9ecuWIyyzQM4xRvVRMFJqTvFn9xzxOb4WL9Zu9acFDXG8lu43LUmyrvMFRtsMZEBEXsydAZOe9jW8vlVlGTC8fYaSQjBKcAFq1RDZUflW2T-h21DucH1eaZ0stHhpN7Hotahbp-6m6xh1-XgiUqHbtYTQJIHcuN2jJsFbwa_T3EZW_2Ifo9lJ2_dSPUNoecQmrcUzQM_Qkm-EIACbY8yy4vGcCKxYEb91cJkjDeKEJNBhSYI9o6KRt5XMOorYxgvwZvECOkBpZZWzpri1OcCxl-vzg3s9RLFtlCPo1UXe38HHlM-TmiAeyhqVK9FD6bnJ8QfTrOMvwRY_uUQoCcTYUEsodnUmsJoZkOt6vE7Sb4FNl8HyFa2cWTw5G_n4OzZnIt_fW6fXi-GH5ZNNSSCmyy4MKCuCIS2QEMK4fAiziIuOq2V6Za6Quxa_mk4c9x_FILKYo5XJ7Xy2vcEZIulmF2lMyBBfaa86sSIREmVbUdaO-Al_2Jijpwto_Tw8FduPp8jcFO2hk-mZAgHFCDeVgQR-ODEPqRCFHvqsVHQXAHgxxKvJ_NzPTMK41oM01cfq44sYSbrEynGP_0UPpdxroScvsHtvH8aR2E9rufayJGyDqFSEGNJ3LVKcIAtAjvhR-1hwNr8KnSNkacS8tb9RoW2twa85rKa3ZLr3POTT2fFEcW_Jrv1FY56wWYGqZF_-6QisVPCjrQFp9BLae4xzRXgkq8Z2-zq3xm6zSEhSCy7GwrpRHTC0SDsCL_h4IJHzliltlpRlQ9YciLEDV1T_Ya-DXv5PbNmAFD8VKMZqsU7MhV_r5zWWzxjh7eQ1Lnc8NRV6HvQhYuc0dPxK6rw19Nx2UUDXYRdCCpK0c3I5dywqM1wipAvpO_qpxz417tbvuRvLbQzsYZqES3NJHOtZrkVaulohECOI3K3z_y2Dy_4eFLIfoiOlbtzJBWN3EqP0CSkIMLHbwznBI9yTwVjzBc_kKio4t-Q6dG4K_LSWLsyTHGjv5tl2YOspf4pw6JosV22ShJ9QlyCvAZHh24Jzh3fsKfrAL8D9Xvj5Wmjxv8QHava8WBCa5XKdY3roJXPeP67E0HIVPM6OV3qfxu8e5wDMd0EJGAoMxCT86cIy_xAlqq1dz1nkR4_ictr4&cid=CAASJeRoduPKe58RDJ4lSW0fMsmBT1QUCQRzRtFpATc_O4-q5G90mCc&rfl=1%2Chttps%253A%252F%252Fmacapps.ufile.io%252F%240 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash be2f1b2fcacf5fade6178f4d4412ca25487363256d6f217fa129949ec298b336 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33827 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3BB4	42 B 63 B	42ms 39ms	Image image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTjJvuPWl5wKRMC-eWd6nvF28_wRvfSo29OusFeyxj0v28EB-_B4fLBsEMePn1C-vDMEWjQ8uUogDvtlp7nNVvB7jj6GVKjIpbc9m8Mu1VrBwhB7Q Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3BB4	3 KB 1 KB	22ms 19ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:38:38 GMT content-encoding gzip x-content-type-options nosniff age 298 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:38:38 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3BB4	140 KB 43 KB	84ms 38ms	Script text/javascript	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44079 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1661341966742178" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 29 Aug 2022 03:43:36 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 3BB4	17 KB 7 KB	23ms 20ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:31:09 GMT content-encoding gzip x-content-type-options nosniff age 747 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:31:09 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 3BB4	0 0	84ms 38ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbRRJWH8b3rdYttMSTGGirkG0q_QytN8Fc-q4qybzOFNh80hvQqrPgxcPJ_lpyO4tzGUFT3bLZ3l4sukJRzRlwKnoImA Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	file-types.svg macapps.ufile.io/assets/img/icons/	29 KB 12 KB	26ms 25ms	Image image/svg+xml	2606:4700:3036::ac43:9b51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://macapps.ufile.io/assets/img/icons/file-types.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9b51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/5x11nkd9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:36 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 887351 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 28 Jun 2022 08:32:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"74b8-5e27de0365600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN3TFQITIYPFg7OsYXfmFTvqmii%2BlRMxZZQjXpg7V45uJvnrQqUJvfdtrkMm5kVV3Doz8XTmDJSt11tM4aISbu1G3Lfh15EyEQU8pqOeQ0jyZlM2tm%2B17SVIFIUYE%2BVxTPncKwAlJ5dOzBtWGwo%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml vary Accept-Encoding cache-control max-age=2678400 cf-ray 7422488fdd947136-YUL
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 3A22 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1&C=1	43 B 908 B	60ms 59ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWi9OwCEPO5mu8CGJKq_80BMAE&v=APEucNXeOh8u46xApxZ63GazogrlDKxUqYvyV73DoDoXyzcQHiiQSMb3gkKmgMbt2-eaicWzpGD-SOXcsj79N2ArpTmCrTvr_Q Protocol H3 Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 7422489109e054b5-YYZ pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GmDCqBYCBiYSReUSssTQ5QaDb2ioId4GlWuM0Lngqsx%2BO6GJy4CV%2B2H6CvFawcvSAgGJxsp%2FqLlUtNSmKT3zNy8RE5YED0dGAYFGOT0TOlyu2XLxR0wmScaOOnogvNmYTlhnHJpZbn6HA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFJQqFemHHWkEUzbLQDOjfJhFH9%2Bk5CjA8167KOKFXFHIiWsqgY8TREs93fPhQw%2Fk07MxQZIgJLmrjfE0T21opNFXm76htE5VpLoSPYaZ4s0%2BsdBHGXP0Im4TshuKj5DV%2B724PMHkVCLZQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEJnSN3C_mnhWxDDX43O0yZA&google_cver=1&C=1 cache-control no-cache cf-ray 74224890bda4a1f8-YYZ alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 3A22 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yww16VuML6xQFDt6xrlc0QAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMezfJDGvElWu2dmPqO-qt8&google_cver=1	43 B 912 B	58ms 58ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMezfJDGvElWu2dmPqO-qt8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWi9OwCEPO5mu8CGJKq_80BMAE&v=APEucNXeOh8u46xApxZ63GazogrlDKxUqYvyV73DoDoXyzcQHiiQSMb3gkKmgMbt2-eaicWzpGD-SOXcsj79N2ArpTmCrTvr_Q Protocol H3 Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 74224891bab654b5-YYZ pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad1qtA2ScFsOuVZjicN571FoMX5jea9uElf1iFAu5WmrMrDWEKM9YwhqUAJ%2BOt2PI5ufiXKGB7qO%2B%2BuEVKt%2FJ7WyQc7%2BqQGTBjoehzJzR1v%2FEDcLPtZKoLDLei9PdgbjcfiuCnYy%2BVNCeA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMezfJDGvElWu2dmPqO-qt8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 3A22 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEJm2onqzOuDwFq8n86X46kw&google_cver=1	43 B 1018 B	23ms 20ms	Image image/gif	68.67.160.76 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEJm2onqzOuDwFq8n86X46kw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWi9OwCEPO5mu8CGJKq_80BMAE&v=APEucNXeOh8u46xApxZ63GazogrlDKxUqYvyV73DoDoXyzcQHiiQSMb3gkKmgMbt2-eaicWzpGD-SOXcsj79N2ArpTmCrTvr_Q Protocol HTTP/1.1 Server 68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:37 GMT X-Proxy-Origin 149.56.153.181; 149.56.153.181; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid 5ace8abf-5996-4275-badb-90a9f8113755 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEJm2onqzOuDwFq8n86X46kw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3A22 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MDQ5MDc4MzI3OTM0ODQzNA%3D%3D	170 B 188 B	37ms 37ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MDQ5MDc4MzI3OTM0ODQzNA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMWi9OwCEPO5mu8CGJKq_80BMAE&v=APEucNXeOh8u46xApxZ63GazogrlDKxUqYvyV73DoDoXyzcQHiiQSMb3gkKmgMbt2-eaicWzpGD-SOXcsj79N2ArpTmCrTvr_Q Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 29 Aug 2022 03:43:37 GMT X-Proxy-Origin 149.56.153.181; 149.56.153.181; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid 7a5aee0f-ebb6-46ee-9bc7-ea50ccc3108c Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MDQ5MDc4MzI3OTM0ODQzNA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 3BB4	106 KB 38 KB	85ms 20ms	Script text/javascript	2607:f8b0:4006:81e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ Origin https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 17:48:30 GMT content-encoding gzip x-content-type-options nosniff age 35707 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 29 Aug 2022 17:48:30 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 3BB4	8 KB 3 KB	20ms 19ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFZtwlyr01iBLv1wTYLVm5gHco2_iIo4zj1yOKeglLslbJ1Bd3Boa980zdsDHT4W9svbmeettVP13TxStYuQiQQ8TykeobQ0v4VfwFvCaj7x1fXoettBMPYsvy4OxvejZgQyDJ0SFQur5Kt2fCl5WyBLHUPMAAGVNmqYE2FhxOyKHDofw&cry=1&dbm_d=AKAmf-A7YZCQplJlYRadhNWN-DlaAJt8yRYdQBiqf2eoiEQF1HwHaJDCc9TCfrHn6Vrs0pZVPU1gmbItADEOl2ceK5WP457SjT_0t-cQAvfny3yRrkUpf67bl1EeUwQATmNqInoxJS74iaq0eS9axC7_y1P9eo5mdG2nMD9Kc5dVsWtCBbLwCDcJ3y7_n9MKVtQMtWbGXMmyaOema7ZogZswrXGmOtTVQLq5iAjKQJJDAQp6ydhdPWtMyKf0BgX3J0IhMx6k6lqGuUyPS9FpZI3EX_B_AjOjsLV7MQFGUd8dPTndoXlzOdVuuBha4-oikDzstGcq4_rY7Q2QY2Hm9bhrRFq2dmvLCruCuRcAdxiWu6Upu0cJKfFQEGfrjHw9GF4W4hfIPaDdYpsa5Pq1q6GCmpiDyigHfqT4MZmNEmsxZn_qu8dafBCjtuNSItB4UroRvqjUxzaEj_xfjMh4uvn8Xv09lgirhbFBaUd6STlSuvpf7UoMaxTgz7B01-JzZmn2Y1w2O0zBlcuZAJlNWpwcrbqIZlzp8tmIUCsXlDsnmc7-Is-6NOinkjCAypxCE1rsw4XOAsA_vfUl3dVEN_g8OGZItbMBJTCD3q_EvA2ORU0_QEOBkruIm5SsO6M9NcMFXvwAmBsKBM8N7D86rUXR2N6adTvgZjMIyEACSvi8rVEUAgjtzqeF1YhzS79fYE5cdwVolyvNWTetR1aHPGiF5FsMItL2LDbc0YCpmHWjORIvvnuSRhWbc2oMiYWtpSj_SYz4fYL5lowoc6qF2fPpKiAW77c7cKlnwm8bipMjYMty7vWf4CfmaWLYTw6FJWOgLCIhifDsgcEJdqFbmLAyB_KCWj4PCA-k629Q83DcwhcA7tg3WFPfd5EG3v0UvI7t2KCPJI2S1xmgXkxIb2u9qsZgFIuOyzmMKk7rSRgxZnXo4WGXzJaysbVoSGZpVNDlxqf43rYqO3AlXW9DIq63HYsh18U9apzbgzX1OOyjcAl5q7UdDJVA3T31pbjlTA1-SEtrYzdSVOSmYiOrAWqTn0EDUcy7BmpfQvMFnrZ_f7Zjr6hc8VGW_ULQYymULghZ1Jsx7syAvRvt-uJlSGNN0JDftvJeBoxYofb-9q-VhZyrsdwTTLZXjoEGgMOlA5XHmbZOZ2PIb3EvXME3wOmTOz8MZujq4Xlp5oyw5HqiSPu9IIfRSUl-3lEbgqebsUSJv7aA6msLi6amWPbK5rmzGzY8eTWbaJps8UGqKY14pnw-q7KvNxUEjDwB9yKizMna_BYCbCiN20XF67xQjC5aiIceqXIlaKR6vrpsAh1tsqx4JswfGz5HQeHGlL5MblLxL-2H8ySP_Jgg5BQrcDcCSf9zzh4JIB7o1SvNqWQp_VysLkOilQu_sWS-vOesqko01me4AJIflQ7QELCfrsa6zpg121zdTnFmUdxItXhZvrD5e1tD_0kqsOfXeahNKRs2Rn_ZCRJ_XywErn1scaJ0FXTFzT4dPKDZm37n6Z43lLItIMvPywKLYGaMPear4qMvoD1jOdg2fsXWi_t37r5V0vzh0Lp99-B7xtZp1prPgvLEHbnkTRh9jS4ddtvM46gy9CnEj1-LvX26z5IgDmcBGKMV1SuaLyBLtnIUQWoYvjzPKE4irqBpXoDf1ilgkpkQV0gi8S5toe9lgEUB8qH9OGMRvAlBYRd295tmr0-lcJDkYHS4Cgi5BO078vj3wxkhI7QXWwUvC45PgLZg-V8uaWHzYdgZsY7nck4QFOot-T7Pv7Hg-mwO_oSnavNUA0WE5ESmKIHfGZriKcCF8CUS-Ijp4GaWDdngu3-g-B1PMxhNeRH_ln8nokdLKpd7zqNZUi1dOllcnEgm6LLY49YbeJsC622aUH7nqNRsLLvK4LmJorAbN4_Y5sPmbb_poCE3S4dl8tq_7KevXOCF4-cAmMguwfgqu6XWMfvMyL5dwk7zhfz1cYgnio3raz7jlbkMav-eW1yi7O8PNATmyfzztN55imzFU0ds57sA5vI3lOEs9ip9MgnpkAwl4Ef9yNoivuusbqzqXQ92LFxgKD7Jqxo3YsVfUvCZLJdDn5XRdXoBGlMVb4Gjky4xCepJPiJX8MqRGJW93Eb9ecuWIyyzQM4xRvVRMFJqTvFn9xzxOb4WL9Zu9acFDXG8lu43LUmyrvMFRtsMZEBEXsydAZOe9jW8vlVlGTC8fYaSQjBKcAFq1RDZUflW2T-h21DucH1eaZ0stHhpN7Hotahbp-6m6xh1-XgiUqHbtYTQJIHcuN2jJsFbwa_T3EZW_2Ifo9lJ2_dSPUNoecQmrcUzQM_Qkm-EIACbY8yy4vGcCKxYEb91cJkjDeKEJNBhSYI9o6KRt5XMOorYxgvwZvECOkBpZZWzpri1OcCxl-vzg3s9RLFtlCPo1UXe38HHlM-TmiAeyhqVK9FD6bnJ8QfTrOMvwRY_uUQoCcTYUEsodnUmsJoZkOt6vE7Sb4FNl8HyFa2cWTw5G_n4OzZnIt_fW6fXi-GH5ZNNSSCmyy4MKCuCIS2QEMK4fAiziIuOq2V6Za6Quxa_mk4c9x_FILKYo5XJ7Xy2vcEZIulmF2lMyBBfaa86sSIREmVbUdaO-Al_2Jijpwto_Tw8FduPp8jcFO2hk-mZAgHFCDeVgQR-ODEPqRCFHvqsVHQXAHgxxKvJ_NzPTMK41oM01cfq44sYSbrEynGP_0UPpdxroScvsHtvH8aR2E9rufayJGyDqFSEGNJ3LVKcIAtAjvhR-1hwNr8KnSNkacS8tb9RoW2twa85rKa3ZLr3POTT2fFEcW_Jrv1FY56wWYGqZF_-6QisVPCjrQFp9BLae4xzRXgkq8Z2-zq3xm6zSEhSCy7GwrpRHTC0SDsCL_h4IJHzliltlpRlQ9YciLEDV1T_Ya-DXv5PbNmAFD8VKMZqsU7MhV_r5zWWzxjh7eQ1Lnc8NRV6HvQhYuc0dPxK6rw19Nx2UUDXYRdCCpK0c3I5dywqM1wipAvpO_qpxz417tbvuRvLbQzsYZqES3NJHOtZrkVaulohECOI3K3z_y2Dy_4eFLIfoiOlbtzJBWN3EqP0CSkIMLHbwznBI9yTwVjzBc_kKio4t-Q6dG4K_LSWLsyTHGjv5tl2YOspf4pw6JosV22ShJ9QlyCvAZHh24Jzh3fsKfrAL8D9Xvj5Wmjxv8QHava8WBCa5XKdY3roJXPeP67E0HIVPM6OV3qfxu8e5wDMd0EJGAoMxCT86cIy_xAlqq1dz1nkR4_ictr4&cid=CAASJeRoduPKe58RDJ4lSW0fMsmBT1QUCQRzRtFpATc_O4-q5G90mCc&rfl=1%2Chttps%253A%252F%252Fmacapps.ufile.io%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:41:09 GMT content-encoding gzip x-content-type-options nosniff age 148 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3181 x-xss-protection 0 server cafe etag 18418590997839133011 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:41:09 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 3BB4	30 KB 12 KB	20ms 19ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFZtwlyr01iBLv1wTYLVm5gHco2_iIo4zj1yOKeglLslbJ1Bd3Boa980zdsDHT4W9svbmeettVP13TxStYuQiQQ8TykeobQ0v4VfwFvCaj7x1fXoettBMPYsvy4OxvejZgQyDJ0SFQur5Kt2fCl5WyBLHUPMAAGVNmqYE2FhxOyKHDofw&cry=1&dbm_d=AKAmf-A7YZCQplJlYRadhNWN-DlaAJt8yRYdQBiqf2eoiEQF1HwHaJDCc9TCfrHn6Vrs0pZVPU1gmbItADEOl2ceK5WP457SjT_0t-cQAvfny3yRrkUpf67bl1EeUwQATmNqInoxJS74iaq0eS9axC7_y1P9eo5mdG2nMD9Kc5dVsWtCBbLwCDcJ3y7_n9MKVtQMtWbGXMmyaOema7ZogZswrXGmOtTVQLq5iAjKQJJDAQp6ydhdPWtMyKf0BgX3J0IhMx6k6lqGuUyPS9FpZI3EX_B_AjOjsLV7MQFGUd8dPTndoXlzOdVuuBha4-oikDzstGcq4_rY7Q2QY2Hm9bhrRFq2dmvLCruCuRcAdxiWu6Upu0cJKfFQEGfrjHw9GF4W4hfIPaDdYpsa5Pq1q6GCmpiDyigHfqT4MZmNEmsxZn_qu8dafBCjtuNSItB4UroRvqjUxzaEj_xfjMh4uvn8Xv09lgirhbFBaUd6STlSuvpf7UoMaxTgz7B01-JzZmn2Y1w2O0zBlcuZAJlNWpwcrbqIZlzp8tmIUCsXlDsnmc7-Is-6NOinkjCAypxCE1rsw4XOAsA_vfUl3dVEN_g8OGZItbMBJTCD3q_EvA2ORU0_QEOBkruIm5SsO6M9NcMFXvwAmBsKBM8N7D86rUXR2N6adTvgZjMIyEACSvi8rVEUAgjtzqeF1YhzS79fYE5cdwVolyvNWTetR1aHPGiF5FsMItL2LDbc0YCpmHWjORIvvnuSRhWbc2oMiYWtpSj_SYz4fYL5lowoc6qF2fPpKiAW77c7cKlnwm8bipMjYMty7vWf4CfmaWLYTw6FJWOgLCIhifDsgcEJdqFbmLAyB_KCWj4PCA-k629Q83DcwhcA7tg3WFPfd5EG3v0UvI7t2KCPJI2S1xmgXkxIb2u9qsZgFIuOyzmMKk7rSRgxZnXo4WGXzJaysbVoSGZpVNDlxqf43rYqO3AlXW9DIq63HYsh18U9apzbgzX1OOyjcAl5q7UdDJVA3T31pbjlTA1-SEtrYzdSVOSmYiOrAWqTn0EDUcy7BmpfQvMFnrZ_f7Zjr6hc8VGW_ULQYymULghZ1Jsx7syAvRvt-uJlSGNN0JDftvJeBoxYofb-9q-VhZyrsdwTTLZXjoEGgMOlA5XHmbZOZ2PIb3EvXME3wOmTOz8MZujq4Xlp5oyw5HqiSPu9IIfRSUl-3lEbgqebsUSJv7aA6msLi6amWPbK5rmzGzY8eTWbaJps8UGqKY14pnw-q7KvNxUEjDwB9yKizMna_BYCbCiN20XF67xQjC5aiIceqXIlaKR6vrpsAh1tsqx4JswfGz5HQeHGlL5MblLxL-2H8ySP_Jgg5BQrcDcCSf9zzh4JIB7o1SvNqWQp_VysLkOilQu_sWS-vOesqko01me4AJIflQ7QELCfrsa6zpg121zdTnFmUdxItXhZvrD5e1tD_0kqsOfXeahNKRs2Rn_ZCRJ_XywErn1scaJ0FXTFzT4dPKDZm37n6Z43lLItIMvPywKLYGaMPear4qMvoD1jOdg2fsXWi_t37r5V0vzh0Lp99-B7xtZp1prPgvLEHbnkTRh9jS4ddtvM46gy9CnEj1-LvX26z5IgDmcBGKMV1SuaLyBLtnIUQWoYvjzPKE4irqBpXoDf1ilgkpkQV0gi8S5toe9lgEUB8qH9OGMRvAlBYRd295tmr0-lcJDkYHS4Cgi5BO078vj3wxkhI7QXWwUvC45PgLZg-V8uaWHzYdgZsY7nck4QFOot-T7Pv7Hg-mwO_oSnavNUA0WE5ESmKIHfGZriKcCF8CUS-Ijp4GaWDdngu3-g-B1PMxhNeRH_ln8nokdLKpd7zqNZUi1dOllcnEgm6LLY49YbeJsC622aUH7nqNRsLLvK4LmJorAbN4_Y5sPmbb_poCE3S4dl8tq_7KevXOCF4-cAmMguwfgqu6XWMfvMyL5dwk7zhfz1cYgnio3raz7jlbkMav-eW1yi7O8PNATmyfzztN55imzFU0ds57sA5vI3lOEs9ip9MgnpkAwl4Ef9yNoivuusbqzqXQ92LFxgKD7Jqxo3YsVfUvCZLJdDn5XRdXoBGlMVb4Gjky4xCepJPiJX8MqRGJW93Eb9ecuWIyyzQM4xRvVRMFJqTvFn9xzxOb4WL9Zu9acFDXG8lu43LUmyrvMFRtsMZEBEXsydAZOe9jW8vlVlGTC8fYaSQjBKcAFq1RDZUflW2T-h21DucH1eaZ0stHhpN7Hotahbp-6m6xh1-XgiUqHbtYTQJIHcuN2jJsFbwa_T3EZW_2Ifo9lJ2_dSPUNoecQmrcUzQM_Qkm-EIACbY8yy4vGcCKxYEb91cJkjDeKEJNBhSYI9o6KRt5XMOorYxgvwZvECOkBpZZWzpri1OcCxl-vzg3s9RLFtlCPo1UXe38HHlM-TmiAeyhqVK9FD6bnJ8QfTrOMvwRY_uUQoCcTYUEsodnUmsJoZkOt6vE7Sb4FNl8HyFa2cWTw5G_n4OzZnIt_fW6fXi-GH5ZNNSSCmyy4MKCuCIS2QEMK4fAiziIuOq2V6Za6Quxa_mk4c9x_FILKYo5XJ7Xy2vcEZIulmF2lMyBBfaa86sSIREmVbUdaO-Al_2Jijpwto_Tw8FduPp8jcFO2hk-mZAgHFCDeVgQR-ODEPqRCFHvqsVHQXAHgxxKvJ_NzPTMK41oM01cfq44sYSbrEynGP_0UPpdxroScvsHtvH8aR2E9rufayJGyDqFSEGNJ3LVKcIAtAjvhR-1hwNr8KnSNkacS8tb9RoW2twa85rKa3ZLr3POTT2fFEcW_Jrv1FY56wWYGqZF_-6QisVPCjrQFp9BLae4xzRXgkq8Z2-zq3xm6zSEhSCy7GwrpRHTC0SDsCL_h4IJHzliltlpRlQ9YciLEDV1T_Ya-DXv5PbNmAFD8VKMZqsU7MhV_r5zWWzxjh7eQ1Lnc8NRV6HvQhYuc0dPxK6rw19Nx2UUDXYRdCCpK0c3I5dywqM1wipAvpO_qpxz417tbvuRvLbQzsYZqES3NJHOtZrkVaulohECOI3K3z_y2Dy_4eFLIfoiOlbtzJBWN3EqP0CSkIMLHbwznBI9yTwVjzBc_kKio4t-Q6dG4K_LSWLsyTHGjv5tl2YOspf4pw6JosV22ShJ9QlyCvAZHh24Jzh3fsKfrAL8D9Xvj5Wmjxv8QHava8WBCa5XKdY3roJXPeP67E0HIVPM6OV3qfxu8e5wDMd0EJGAoMxCT86cIy_xAlqq1dz1nkR4_ictr4&cid=CAASJeRoduPKe58RDJ4lSW0fMsmBT1QUCQRzRtFpATc_O4-q5G90mCc&rfl=1%2Chttps%253A%252F%252Fmacapps.ufile.io%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:29:08 GMT content-encoding gzip x-content-type-options nosniff age 869 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11819 x-xss-protection 0 server cafe etag 10563440404697844360 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Sep 2022 03:29:08 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 3BB4	41 KB 15 KB	22ms 21ms	Script text/javascript	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 22:01:11 GMT content-encoding gzip x-content-type-options nosniff age 106946 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 27 Aug 2023 22:01:11 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5C0B	1 KB 749 B	21ms 20ms	Document text/html	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 77817 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Aug 2022 06:06:40 GMT etag 48472445140208031 expires Mon, 29 Aug 2022 06:06:40 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 3BB4	220 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 21d25aa58f888caa6c47bbf3e4d78c238f2082faa3957c1d205f7f7d7f27ccdd Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2793	22 KB 8 KB	21ms 19ms	Document text/html	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 328210 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 08:33:27 GMT expires Fri, 25 Aug 2023 08:33:27 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame 5C0B Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2...	43 B 421 B	92ms 81ms	Image image/gif	2606:4700:4400::ac40:98f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Server 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 74224891c9447154-YUL p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 4726 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 7422489108437154-YUL p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIFcJuR1lyJ2Ln54wUE3OtQ&google_cver=1&google_push=AehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Cr6z5alnW0c5F5CvRFF22bybjmiskER0hezIFB_DB-PrEos1lxuD8SwdoevZ9IpdXCPwdpF9aL1Hm0G8Ceg3rx0iIe7K2D%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEA-gIhwUfXhemojo4GMPsng&google_cver=1&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85ya... https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEA-gIhwUfXhemojo4GMPsng&google_cver=1&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85ya... https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE&google_hm=MDMwMzAwMDJfNjMwYzM...	170 B 188 B	37ms 36ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE&google_hm=MDMwMzAwMDJfNjMwYzM1ZTk1ODVhYg%3D%3D Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 29 Aug 2022 03:43:37 GMT server nginx access-control-allow-origin * transfer-encoding chunked access-control-allow-methods POST, GET, OPTIONS p3p CP="NOI DEV OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CTDwAkihQgyqjkrCpcQjiKqB7m5pladOr-WROCU4mNuCQzh15KL_k7NSmnehecaQwqpKUSeh85yaCkh0IO-lnRuAtaVIvE&google_hm=MDMwMzAwMDJfNjMwYzM1ZTk1ODVhYg%3D%3D cache-control no-cache content-type text/html; charset=UTF-8 access-control-allow-headers Origin keep-alive timeout=10
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xsQWxpLFQ-WVsWzYPwpOuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	37ms 37ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xsQWxpLFQ-WVsWzYPwpOuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DGqD2AcThLKubZgPp1jrMgWszhLAtRY2k4ZXzYh0TwGUsHcQtqU022kVq49AErGC5pjdhUulM_lKDOLDjIrfuzEh5L7j9Z Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xsQWxpLFQ-WVsWzYPwpOuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4DGqD2AcThLKubZgPp1jrMgWszhLAtRY2k4ZXzYh0TwGUsHcQtqU022kVq49AErGC5pjdhUulM_lKDOLDjIrfuzEh5L7j9Z date Mon, 29 Aug 2022 03:43:36 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEIDRLzRedGJGfo-Th40pjI&google_cver=1&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrI... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEIDRLzRedGJGfo-Th40pjI&google_cver=1&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrI... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9&google_hm=FOY_cGZHODx4AzQXR4CqGyI9	170 B 188 B	39ms 38ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9&google_hm=FOY_cGZHODx4AzQXR4CqGyI9 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Mon, 29 Aug 2022 03:43:37 GMT Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4DJ4e1ozA3w_4q-RWxnn8lu2hY_O_H-Vo0j1LoUSbHcX4tRhpRRnv5fst2dB4a2hu98Q4MWSXvkHJAa-5PrIZoyqBzngVX9&google_hm=FOY_cGZHODx4AzQXR4CqGyI9 Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap4ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEONCLcQQyiFee8mj4KxMvHQ&google_cver=1&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmpxLzPQyzsDJFl7rw8UmmQfgPvhFUeTJ3fRKjWEiUQ... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44658001&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmp...	170 B 188 B	37ms 37ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44658001&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmpxLzPQyzsDJFl7rw8UmmQfgPvhFUeTJ3fRKjWEiUQO625oSfWyJVU Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 29 Aug 2022 03:43:37 GMT via 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop EWR53-P1 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44658001&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CppeKlKg5TasnW3456Byx_zJcBs0IHFbTdWgmM9mmpxLzPQyzsDJFl7rw8UmmQfgPvhFUeTJ3fRKjWEiUQO625oSfWyJVU cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id HWILqtfTjjaooPzl05p-0PaqY1NC6KxS5uqaDT5X8544fpFosZ9Nwg==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEK0HeexvyeF_rSSJY8qLaLA&google_cver=1&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u7IKQZmAlVabVmsK8TEL9TAvM... https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZjZmNDQ5ODZhMmExNDRiODY4NDgyZWZhN2FmMjMxYWU=&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u...	170 B 188 B	37ms 37ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZjZmNDQ5ODZhMmExNDRiODY4NDgyZWZhN2FmMjMxYWU=&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u7IKQZmAlVabVmsK8TEL9TAvMon0UOJJO-kdTk Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtZjZmNDQ5ODZhMmExNDRiODY4NDgyZWZhN2FmMjMxYWU=&google_push=AehlK4A3xWPR20wn9kXNvrh2T7JQoScMfwWf23zPu9JYXTFmaBqW3oOFWzBU7u7IKQZmAlVabVmsK8TEL9TAvMon0UOJJO-kdTk date Mon, 29 Aug 2022 03:43:36 GMT server Chocolate Cookie Sync Powered by Vdopia content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5C0B Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEECy-YscOzZk5Y-qYpqGmw4&google_cver=1&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96Zhg... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96ZhgY5EB6wCkKPj4DNHR5TjV4&google_hm=NDU5MTg5MDE...	170 B 188 B	38ms 38ms	Image image/png	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96ZhgY5EB6wCkKPj4DNHR5TjV4&google_hm=NDU5MTg5MDE5MjM5NTU4MzI5Ng%3D%3D Protocol H3 Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4ACsPWpsjJ4OgW0yw5QdkqX6mxEvSUaBxzTyL8n7vYbzW2_EBDdkjr43z3UPmuhaZiPd96ZhgY5EB6wCkKPj4DNHR5TjV4&google_hm=NDU5MTg5MDE5MjM5NTU4MzI5Ng%3D%3D date Mon, 29 Aug 2022 03:43:37 GMT content-length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 5C0B	0 12 B	37ms 35ms	Image text/html	142.251.40.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrOOy7EAK0onm7-8kBGILVgeyfEAHGMrjLc3W2ig_CQIePbLwXgK4kbdfJByN8vCqxuK91 Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:37 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response pagead2.googlesyndication.com/bg/ Frame 2793	36 KB 14 KB	19ms 19ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 06:06:41 GMT content-encoding br x-content-type-options nosniff age 77816 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14036 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 28 Aug 2023 06:06:41 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/ Frame EB62	32 KB 11 KB	63ms 21ms	Document text/html	2607:f8b0:4006:81e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d5d2ec3bfe4eb7337c77e4e85bfc8f3ba7e076101755c64198c948d415fb5179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 552763 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 11245 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 22 Aug 2022 18:10:54 GMT expires Tue, 22 Aug 2023 18:10:54 GMT last-modified Thu, 23 Jun 2022 17:46:58 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 3BB4	0 622 B	101ms 45ms	Ping image/gif	142.251.40.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgwjkz4aLd4soNf84QqXcePriTQ57mS2FUkD2_vSW6ACqULWb2GtWt1LXnbOTxMPiMYSqEBlW5aRwOW2uyYKeoXlnAo7o1oNDrK022iek3-Xqv00WZ_NaRhgdnA-Wlr0khW-pHPOpz7joK0T6fXtp0sMW1kREPS6sHyay8cPrLFj3K9RQ993ypiABkegnrpRpFxHOjBtnl-kTEmCvku9Yy0jQ-crnjHbbkhQrK4v5Qe5Q4CEkgBbyosthe6-1cZnE2p6fAfLdZ37-_CQvUEpgxsskZm6jizU8-91evPqW3j-UiL5qy1OF5b0x4XwgA_-afB9fx9-LHiU6axuDygvJSPpPTF283FL3mpw8sOxFsw1vAfvD2owvOoio041syd-bzTUMokwgvMW6poOC4qQjTvVNERMpC5hPuliWAH2mT-JOpk-9UjHYQk42fPjdwHIIPYB_GvGVvnrYvfOu3-4a0jyAvwGD8RbWQ3KiYrKK7oQPcnPY64GtGe6gHqhy2wU_t8JNCpPHqOiRqKShHaIcRakQtyxcJOtRUfneWmQ4fe4I0Ls6WBEWVYfGjjDsqUWYeLWtIWIn2QsJzW0v_EreQ5UdFOR_6Wja2_vJu1kkNBXhWA6T85IGmrwk3yBQcKeCMrMRZ-5el8k5uNfHu9Xb3pj5hg2e2vlFKCNwcNUouWkxjFtEMJRrBapRkk2cInwBNk-muF3Jk7mA00aFEjOAClw_yDxtXwooF79utgnZdIKzMjq_4ZE3PvZW88dG6HI6KB4PiKvuM3IxtVZwPu0YEAEd7gxrv263-GvaB20Lr77q833HQAFqtaJ_gcphq5GbrKq6LXZsrGX__V6mv2YCjFHpe9RM6nmoVCuWVrf2LHJugYRGm6xCOB8fktGdzessZitiWviFQBZjPy3vKw5TsHUJVyM_V4yIqZ47iokBNGlTi38XaTSSqy3hIOIjhLv8cVw6icpt6iusQpMl0PZ0-KSlS2oBFzPEp-9KlaH8p34JMkiZpV8clfllSSeEOzlEfP6OcHJqODZNyvljF2VGC8gCKnVJupbLLqtFqZ9UulFx5rvvqPVs7BOwPXD81ZlnN_7On0hOyILdXCAxP8s23mAjcPddjQwKykl73pEA5xlcbydG-TYmlAXzxL_oko4Daz3-MZtwv5dz113aFkSMWuFMe1vHLUmguze_jFuuz0tknDB8&sai=AMfl-YRmPntefw-ai9sEtkazOEW5HxdnW89bqFmuLeXC3ZEyIa5NZ1d6IbAdXG0NDlLRtr8Y9pWktJ1Wp_4NUi4ZZKs1kGdGQ0BnT7F2LNXS9nsjPamQeaNhe3xioDY27rDsMKt2EbWBNY0lVOIPan4XmncQ-6AvqTxtqVb322rEORmlFslq5i5n5yw99WIzlznu_pqs6OHx5NuJGGUSN4gfaQPG&sig=Cg0ArKJSzInQ7hh8jlAcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=116&cisv=r20220822.72318&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s38-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Mon, 29 Aug 2022 03:43:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012208081650000/ Frame 77E1	220 KB 61 KB	102ms 19ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 292033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61502 x-xss-protection 0 server sffe date Thu, 25 Aug 2022 18:36:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "df13b0b17adb5918" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 25 Aug 2023 18:36:24 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame 77E1	14 KB 5 KB	134ms 52ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 292033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5197 x-xss-protection 0 server sffe date Thu, 25 Aug 2022 18:36:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "aca8368210f82021" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 25 Aug 2023 18:36:24 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame 77E1	94 KB 28 KB	137ms 54ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 292033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28794 x-xss-protection 0 server sffe date Thu, 25 Aug 2022 18:36:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cc093c4134ec5f1e" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 25 Aug 2023 18:36:24 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame 77E1	5 KB 2 KB	144ms 62ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 292033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1913 x-xss-protection 0 server sffe date Thu, 25 Aug 2022 18:36:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ef17e6cba96d5668" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 25 Aug 2023 18:36:24 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame 77E1	40 KB 13 KB	145ms 63ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 292033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12948 x-xss-protection 0 server sffe date Thu, 25 Aug 2022 18:36:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "08e07a681963ea9f" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 25 Aug 2023 18:36:24 GMT
GET H3	200	css fonts.googleapis.com/ Frame 77E1	8 KB 893 B	76ms 35ms	Stylesheet text/css	2607:f8b0:4006:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082202.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:806::200a Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 29 Aug 2022 02:12:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 03:43:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 03:43:37 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 77E1	2 KB 2 KB	20ms 19ms	Image image/png	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 19:18:34 GMT x-content-type-options nosniff server cafe age 30303 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Mon, 29 Aug 2022 19:18:34 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 77E1	295 B 324 B	21ms 19ms	Image image/png	2607:f8b0:4006:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 19:18:34 GMT x-content-type-options nosniff server cafe age 30303 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Mon, 29 Aug 2022 19:18:34 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 77E1	0 0	38ms 37ms	Image text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSu4jDfcCDMU38jfquSZMrOAJqg7DzUrXmRX3Z7ICjBJnnV8JL5WlvidIw7q4Up8JA0zSjHwMvccrGYRqGqu9ndIFHbmw Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 77E1	0 0	45ms 44ms	Image text/html	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CtdkK6DUMY6HQMJeqnQSg-I_gCY3DiJhmsPOdr5sOz6rB75sLEAEgtejSgAFgycaHiPCj7BKgAcCPupIByAEG4AIAqAMBqgTwAU_Qlnv5IJ1SfZoU44wAxu7yJtzQER1A7VTNvkxZZu0TEJqjivCKQkNyGw8P6rktJy8Og0xkmAy2CIOEUsF37xkoLkJGIo8yNWKmGP_CIEyNyqjanARC8HntpCWCSpVhRjHVsxtA-5Sx-07KEqfxBOQJ4LC0fTwSamIghbiIeB56O9wUuePROXRkeYC6W-jgvYHq8dYZpsaF7illXufNyM1VzjBg8hmM8EYe-mM3LdrZY8o5-rRApaovLZb25GUFzg0aVHWa34qt8-m9oSXxYbSRPZsNGC-Jf3LhuBcNvfPR5v_pybBJys5T3DT1S0smYMAEru6Pkc4D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6jwxe0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQn-Eq0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTg3ODc5MjM5MzA0Nzg2MTgYqLx4&sigh=TJo4Qyp2jEk&uach_m=[UACH]&template_id=492 Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 77E1	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ed7f72a2bd925bbc88595fd51ea5ad48fe8a3a4ae9b1f4afd7ac863866ec0644 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame EB62	60 KB 24 KB	35ms 34ms	Script text/javascript	2607:f8b0:4006:81e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 03:43:37 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 29 Aug 2022 03:43:37 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	40ms 39ms	Image text/html	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082202&jk=317892420344778&bg=!dnWldTHNAAYUOm8VNDo7ACkAdvg8Wlppc81n-KUW-M0xjlXyVfQb9V_R4v4pA7WmV7qMBHD-wZTV-gIAAACJUgAAAANoAQeZAtUeVZq-DAHfmXNEXF64H4r0019NvQlBiUIZXXR33WvOEjuMv1zeaetBw1su8HLoWq95nNLWYzXW0Ca5TIl-Wlo1PFqKOhchATFqXrDy6Fkz0efnPUNW_vdcyA5PNHO_zYy8i_vVMgcYmSbF0FZtRo4E60eEr6Jy8aDMFvzAJrjQqgrUsT7g2jZzgJIUagldP1oq4P7WBGs9GSb2XlnWlrzcqxQgH12qxCM4ZPkYKuTXy_zLV6oLLt5SEDQjbHE35psXlnMthnS3EINOh6LCosjS4F6Q-yS6EmuA9zYOjZS8TM6zVLFrMHQolm9beIwsF0uPmwo2zjusNN5kM71p4v20c1gzm8uAQMh7AXQvtqNQLyZHN_XONvE0WtEhIO6H-a_O_WP4SdK91TaWqo6C2l5EymlTl6BVYznbGEnH3AzGpJsPWABkP3CjL1c0bF0ZATUXn8xzj5-GdwtNw6BsUJLPNS3fVn98GkgD2PQh1EDjA-rvjmEkMmiGWRyhWm-pdmFkcXVAtjpJzbEInbfjhKQ4rvL0KV4Ow8sja1pLTATxuScJGefe0gw062RyzN3NS5tTn9VRuEOeTK8GavY3Cc3imRir4tjWPJofF8OtYfqaYhGB4Ljd4TcFBzUmzK3zai5dK1qx3bP06uiEWSg9Ot0HSkkpY10-4vjX4qBjzNQErSm3KbtYuKORnrBFW90zT6ll4JPPn324aJwWqPzoMiMtrQuDR6kjO0p5JdrMf4AZrV4tXZxXzg19SKpUBP4OhSscNWOgwP2aHqPyDZ2YPJRaGiSkV5ostuhv0Hu8Iqs7OGPRTlYdcNWqng1dfKRs-qwRfR3h3JO-gxAnXOwkoxbvl17shf3TYuGGufj6eWFuTQaGLSORuCc3tqqPcxlW_eUAzdaIFLj48dOTYDRvhmOMBU5JJxe8a7pRkjoYXkBc3r4LHrvf8Mxmvjd95twxBzi-KpKVGA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v45/ Frame 77E1	28 KB 28 KB	68ms 21ms	Font font/woff2	2607:f8b0:4006:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://macapps.ufile.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 10:24:40 GMT x-content-type-options nosniff age 235137 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28288 x-xss-protection 0 last-modified Wed, 01 Jun 2022 19:05:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Aug 2023 10:24:40 GMT
GET H3	200	build.bundle.js Show response s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/ Frame EB62	23 KB 8 KB	23ms 23ms	Script application/x-javascript	2607:f8b0:4006:81e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/build.bundle.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 402a72511979c0e61b7d75c2df66fe3b05639c8fbda5ac4a0e980eef5e4ca25c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 18:10:54 GMT content-encoding gzip x-content-type-options nosniff age 552763 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8141 x-xss-protection 0 last-modified Thu, 23 Jun 2022 17:46:58 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 22 Aug 2023 18:10:54 GMT
GET H3	200	fba-payload.png Show response s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/ Frame EB62	82 KB 82 KB	24ms 24ms	XHR image/png	2607:f8b0:4006:81e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/fba-payload.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 563afa92d4bb64cb576cfe38abab8ccd66bf8886ad635caaab7e6d17da9d3551 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 18:00:02 GMT x-content-type-options nosniff age 553415 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 83984 x-xss-protection 0 last-modified Thu, 23 Jun 2022 17:46:58 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 22 Aug 2023 18:00:02 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 3BB4	0 26 B	82ms 37ms	Ping image/gif	142.251.40.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgwjkz4aLd4soNf84QqXcePriTQ57mS2FUkD2_vSW6ACqULWb2GtWt1LXnbOTxMPiMYSqEBlW5aRwOW2uyYKeoXlnAo7o1oNDrK022iek3-Xqv00WZ_NaRhgdnA-Wlr0khW-pHPOpz7joK0T6fXtp0sMW1kREPS6sHyay8cPrLFj3K9RQ993ypiABkegnrpRpFxHOjBtnl-kTEmCvku9Yy0jQ-crnjHbbkhQrK4v5Qe5Q4CEkgBbyosthe6-1cZnE2p6fAfLdZ37-_CQvUEpgxsskZm6jizU8-91evPqW3j-UiL5qy1OF5b0x4XwgA_-afB9fx9-LHiU6axuDygvJSPpPTF283FL3mpw8sOxFsw1vAfvD2owvOoio041syd-bzTUMokwgvMW6poOC4qQjTvVNERMpC5hPuliWAH2mT-JOpk-9UjHYQk42fPjdwHIIPYB_GvGVvnrYvfOu3-4a0jyAvwGD8RbWQ3KiYrKK7oQPcnPY64GtGe6gHqhy2wU_t8JNCpPHqOiRqKShHaIcRakQtyxcJOtRUfneWmQ4fe4I0Ls6WBEWVYfGjjDsqUWYeLWtIWIn2QsJzW0v_EreQ5UdFOR_6Wja2_vJu1kkNBXhWA6T85IGmrwk3yBQcKeCMrMRZ-5el8k5uNfHu9Xb3pj5hg2e2vlFKCNwcNUouWkxjFtEMJRrBapRkk2cInwBNk-muF3Jk7mA00aFEjOAClw_yDxtXwooF79utgnZdIKzMjq_4ZE3PvZW88dG6HI6KB4PiKvuM3IxtVZwPu0YEAEd7gxrv263-GvaB20Lr77q833HQAFqtaJ_gcphq5GbrKq6LXZsrGX__V6mv2YCjFHpe9RM6nmoVCuWVrf2LHJugYRGm6xCOB8fktGdzessZitiWviFQBZjPy3vKw5TsHUJVyM_V4yIqZ47iokBNGlTi38XaTSSqy3hIOIjhLv8cVw6icpt6iusQpMl0PZ0-KSlS2oBFzPEp-9KlaH8p34JMkiZpV8clfllSSeEOzlEfP6OcHJqODZNyvljF2VGC8gCKnVJupbLLqtFqZ9UulFx5rvvqPVs7BOwPXD81ZlnN_7On0hOyILdXCAxP8s23mAjcPddjQwKykl73pEA5xlcbydG-TYmlAXzxL_oko4Daz3-MZtwv5dz113aFkSMWuFMe1vHLUmguze_jFuuz0tknDB8&sai=AMfl-YRmPntefw-ai9sEtkazOEW5HxdnW89bqFmuLeXC3ZEyIa5NZ1d6IbAdXG0NDlLRtr8Y9pWktJ1Wp_4NUi4ZZKs1kGdGQ0BnT7F2LNXS9nsjPamQeaNhe3xioDY27rDsMKt2EbWBNY0lVOIPan4XmncQ-6AvqTxtqVb322rEORmlFslq5i5n5yw99WIzlznu_pqs6OHx5NuJGGUSN4gfaQPG&sig=Cg0ArKJSzInQ7hh8jlAcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&vt=11&dtpt=156&dett=3&cstd=116&cisv=r20220822.72318&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s38-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Mon, 29 Aug 2022 03:43:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2793	0 20 B	41ms 41ms	Image image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BChr76DUMY57hOcmI_gTT77uoCgAAAAA4AeAEAg&bg=!Hh2lHVnNAAYUOm8VNDo7ACkAdvg8WoAWHAM4_Hg-eMg3Loak_VSf1mAnt9tM2fjNP99mQm0rEHnu4QIAAACZUgAAAAJoAQeZAzBJGqIv-fryh-A4T8926m7Deu9g3fxoaxYuWO2AwxzXpkpOS-Y5oYscJ_mquBaX2bEXWookjESWzuEvIqGvbDG2r8ipemeu0S44NVI8GKF7ylqy7EogH_aT-pZebKVLohc-BFhNk9QyC1GRNLRnQkfmF2We-vPiTeRdURmqV1VgsGO3uXEeO31WY6bFVBhKBc8bovWNYGA-TZe-QEBReTp1pi5GlR04zNRq6zUTgVp_S6gA-1-UTahW7K9o9WmUr5VnS44zWBCtOeG7Oh87oS0QkcFk0jI1Fm7m9PDECpbVY6fdje_rR7pAKuYN1Cn8SQu8Ge9aX0_UHT0tlHNe9c0hOmqqGD2PWf2BDEOyV4pNbqlUjsYkJFMb1VPLuJCnqZGMSeTuvXZgca1MjA0fGKQUB1-xvLHoSMaBJ166sqdO47ba2mJjFSw29qKp7FHFzVhBMwnqiYjrfvov8DSoOtAa2qqVlyxNzNNOqA7loi0UGhkUPrbeyR1-sa6bRWDFzSYoSJYrWZ9-wS5yI1XuwAcdiY_vL_9PoU7U50gly2pALOuOBXHoUyZE070FWP6ZvekbCQRN5HHlALa3WqPMiT3rj1Zwq-jh3bkYEhdUUeXatwK5yiQs_dZkkT5JN1cRNuZ_EDvb5gtFAgCOiFa-Qgdr2WEhkEy8t5yEypohFdiSnj_pf-XsQ1sN0-ZiO6QYpsgqWI2S98BFefyEupzo-_Iqy_9OiYeHYJ0-lG4XNb3Z88eyQcV3gs3q_f3bB5PSIWOyn4doD2HVBKcqaZoomO2NfqY7kSDvY8gJ_Fn90CA03-f0paGbW1kcO5AvLLMP8HsWi2NuDtkKqGIcZT-ww41QruUjY4h99J69eXrbaIbGoTFSf_n0Wni0xNpgJGyuqfR3Sv0xUtHInrQ_EtDPzqZctTKafs2V6_lfbzAxFTRPAlB48b95otDmrk1nP6cy0UKGcqDz5VNo3TrvpZpFLnHaUE_qKNmLb-qZibHjQ0TuUQ2xiUhC5AfszuC2jUdX1oYGYWBjv-vCt3TWmIjmrwHEfyFtFJJXt-s3O3s9LiZjr6_4IWylbBHR7MmjV-ob2Ls Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 77E1 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	85ms 39ms	Image text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: macapps.ufile.io URL: https://macapps.ufile.io/5x11nkd9 Protocol H3 Server 2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Redirect headers date Mon, 29 Aug 2022 03:43:37 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET BLOB	200 OK	99710ede-3d58-4f6b-b0d0-7dd23fed7d50 https://s0.2mdn.net/ Frame EB62	8 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL blob:https://s0.2mdn.net/99710ede-3d58-4f6b-b0d0-7dd23fed7d50 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1647127ef34e526b8452223bff0b84a176a5e4c436fba9449d32a31a5d935c24 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 7952 Content-Type application/font-woff
GET BLOB	200 OK	d614e338-ade0-4d71-a035-dbcf9a9fe688 https://s0.2mdn.net/ Frame EB62	12 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL blob:https://s0.2mdn.net/d614e338-ade0-4d71-a035-dbcf9a9fe688 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/index.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8686045a74f755bca751aa4eb4709726259d96b878bb9e7e8f8a44cce98f8036 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 12276 Content-Type application/font-woff
GET BLOB	200 OK	6ddc564a-c1e0-4923-973a-7bcb9a9c6af1 https://s0.2mdn.net/ Frame EB62	17 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/6ddc564a-c1e0-4923-973a-7bcb9a9c6af1 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash bec94cc0cf133c6ee4b36c18e1f003a749017dab75b02be761aaeaa122b7a082 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 17205 Content-Type image/jpg
GET BLOB	200 OK	fd2f6634-d577-4572-9ceb-e5aa4ca5dad0 https://s0.2mdn.net/ Frame EB62	16 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/fd2f6634-d577-4572-9ceb-e5aa4ca5dad0 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 89d78da996afce5adfbbbdf9b63c95864696c41bb1ffe5ab0493cf22acf85110 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 16063 Content-Type image/jpg
GET BLOB	200 OK	9bf08c8c-5ca7-4811-afca-c2fe4f2a0581 https://s0.2mdn.net/ Frame EB62	22 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/9bf08c8c-5ca7-4811-afca-c2fe4f2a0581 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c81f28a8c9a35c849e4f39874c0e512e7626a3170c6ea12eb51fe89649d2a88d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 22569 Content-Type image/jpg
GET BLOB	200 OK	efc2369c-69ab-4397-8412-4052fb61b2b3 https://s0.2mdn.net/ Frame EB62	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/efc2369c-69ab-4397-8412-4052fb61b2b3 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e5981d96b0f092ab707da4ef12512578d47a0e0ef0bcba8320db62cc0205472c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 4516 Content-Type image/png
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 6B0F	36 KB 14 KB	20ms 19ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: 27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com URL: https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 06:11:41 GMT content-encoding br x-content-type-options nosniff age 163916 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 27 Aug 2023 06:11:41 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3BB4	42 B 64 B	88ms 46ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWQCEoKWck9ih7ZqmIUZ5AI9dsDMaZf5hVal6WeTkNH-HvyFjRKC1tV75dqxesWSGezKKtR0QTv2_QN-6QleluYHJ6vY-ywPDopfXQvKAAUfq99ZsRl27Ow68Ks4VZLIBtJrc&sai=AMfl-YRICUB2M3M8bsbBbEC1wO-_fRhMSR1YMAWsvGvIFQ1e1tueA9OcvHWtUJuzHwu144vgB8ouiL_ZfKqpg-YnuLzM0C9KH3K80fraROQKW2A0yiqORAxNzAUIWrru&sig=Cg0ArKJSzKCitQq0Tw22EAE&cid=CAASJeRoduPKe58RDJ4lSW0fMsmBT1QUCQRzRtFpATc_O4-q5G90mCc&id=lidar2&mcvt=1000&p=736,436,826,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=377883425&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661744616833&rpt=217&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	6ddc564a-c1e0-4923-973a-7bcb9a9c6af1 https://s0.2mdn.net/ Frame EB62	17 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/6ddc564a-c1e0-4923-973a-7bcb9a9c6af1 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/build.bundle.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash bec94cc0cf133c6ee4b36c18e1f003a749017dab75b02be761aaeaa122b7a082 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 17205 Content-Type image/jpg
GET BLOB	200 OK	fd2f6634-d577-4572-9ceb-e5aa4ca5dad0 https://s0.2mdn.net/ Frame EB62	16 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/fd2f6634-d577-4572-9ceb-e5aa4ca5dad0 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/build.bundle.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 89d78da996afce5adfbbbdf9b63c95864696c41bb1ffe5ab0493cf22acf85110 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 16063 Content-Type image/jpg
GET BLOB	200 OK	9bf08c8c-5ca7-4811-afca-c2fe4f2a0581 https://s0.2mdn.net/ Frame EB62	22 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/9bf08c8c-5ca7-4811-afca-c2fe4f2a0581 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/build.bundle.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c81f28a8c9a35c849e4f39874c0e512e7626a3170c6ea12eb51fe89649d2a88d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 22569 Content-Type image/jpg
GET BLOB	200 OK	efc2369c-69ab-4397-8412-4052fb61b2b3 https://s0.2mdn.net/ Frame EB62	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/efc2369c-69ab-4397-8412-4052fb61b2b3 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9995474508306352345/AZ_Wonder%203.0_Display_DV360_Biosphere_728x90/build.bundle.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e5981d96b0f092ab707da4ef12512578d47a0e0ef0bcba8320db62cc0205472c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Length 4516 Content-Type image/png
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 77E1	42 B 64 B	45ms 44ms	Image image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdHFOOGXPIDsfz1N-GrQtKJioxLMTDyxMz4h_aWwiWQfrnQfvGUkIeUTcVXypKEKb5owrAkhaodlB3qZr0ES95_JWuS4D9VB8n-65CUa0OP4BsXI1cWI-p39mGPS2oaVKFC4M&sai=AMfl-YTtLvzXmhw4kPJjEPR9R3c7sQActCDt3jhCCHdkCR61QbsHfjKs8bNcSaAIly8S3c8i4sMBkE8CmZ-_0-jxSxKfkyhRvBmrBBZBjKoB_4jAh_eFxVt7HPJUQMU5&sig=Cg0ArKJSzCgDjdnURIHEEAE&cid=CAASFeRoSwMPpORzfmyDZ72A7LZdtWdULg&id=ampim&o=315,220&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=254&tls=1255&g=100&h=100&tt=1255&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2426367938 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://macapps.ufile.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame E281	0 54 B	512ms 211ms	Ping image/gif	2404:6800:400a:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7e7u89j&c=4636644454679&slotId=2318322227339.5&qqid=CJrll4yR6_kCFdfFhwodrBYMVw&umsem=0&ple=1&ape=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:400a:80b::2003 Osaka, Japan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://27feba1e8948ea250391014dab566952.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 03:43:38 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT