www.downloads.xerifetech.com Open in urlscan Pro
158.69.181.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.downloads.xerifetech.com/
Effective URL:
https://www.downloads.xerifetech.com/
Submission: On February 09 via api (February 9th 2024, 12:15:42 am UTC) from US — Scanned from CA

Summary HTTP 152 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 27 domains to perform 152 HTTP transactions. The main IP is 158.69.181.32, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.downloads.xerifetech.com.
TLS certificate: Issued by R3 on December 23rd 2023. Valid for: 3 months.

This is the only time www.downloads.xerifetech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	158.69.181.32 158.69.181.32	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:b911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	45.140.146.101 45.140.146.101	44477 (STARK-IND...) (STARK-INDUSTRIES)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	3.162.3.84 3.162.3.84	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
1	52.22.89.206 52.22.89.206	14618 (AMAZON-AES) (AMAZON-AES)
20	2607:f8b0:400... 2607:f8b0:4004:c09::94	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
2	104.88.197.92 104.88.197.92	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:303... 2606:4700:3035::6815:5ba5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
4	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	146.75.30.132 146.75.30.132	54113 (FASTLY) (FASTLY)
6	104.88.197.161 104.88.197.161	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.251.163.149 142.251.163.149	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
1	2600:1405:740... 2600:1405:7400:6::17d7:dfd7	() ()
1	2a04:4e42:400... 2a04:4e42:400::485	() ()
152	35

11 158.69.181.32 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: business.bare-dns.com

www.downloads.xerifetech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b911 (United States)

ASN13335 (CLOUDFLARENET, US)

near.flyspecialline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.140.146.101 (Chisinau, Moldova)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: vm2027790.stark-industries.solutions

cdn.specialtaskevents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gate.getmygateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-84.yul62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.89.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-89-206.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4004:c09::94 (Ashburn, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.88.197.92 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-197-92.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.62.157 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.155 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5ba5 (United States)

ASN13335 (CLOUDFLARENET, US)

post.plastformspecial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1t-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.88.197.161 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-197-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.149 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1405:7400:6::17d7:dfd7 (None, )

ASN- ()

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	406 KB
24	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	350 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	289 KB
11	xerifetech.com 1 redirects www.downloads.xerifetech.com	277 KB
10	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com Failed	70 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
6	moatads.com z.moatads.com — Cisco Umbrella Rank: 704 px.moatads.com — Cisco Umbrella Rank: 660	109 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	124 KB
4	zemanta.com b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 5802 b1-nydc1.zemanta.com — Cisco Umbrella Rank: 6727	691 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1933	15 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	13 KB
1	jsdelivr.net cdn.jsdelivr.net	60 KB
1	createjs.com code.createjs.com	63 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3835	20 KB
1	plastformspecial.com post.plastformspecial.com	526 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
1	getmygateway.com gate.getmygateway.com	17 KB
1	specialtaskevents.com cdn.specialtaskevents.com	5 KB
1	flyspecialline.com near.flyspecialline.com	5 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	76 KB
152	27

	Domain	Requested by
22	pagead2.googlesyndication.com	www.downloads.xerifetech.com c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net cdn.jsdelivr.net
20	s0.2mdn.net	www.downloads.xerifetech.com s0.2mdn.net c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	www.downloads.xerifetech.com c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
11	www.downloads.xerifetech.com	1 redirects www.downloads.xerifetech.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.downloads.xerifetech.com securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	px.moatads.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
5	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com www.downloads.xerifetech.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
3	b1t-nydc1.zemanta.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com widgets.outbrain.com
3	www.gstatic.com	www.downloads.xerifetech.com c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
3	fonts.gstatic.com	www.downloads.xerifetech.com
2	googleads4.g.doubleclick.net	www.downloads.xerifetech.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	ad.doubleclick.net	www.downloads.xerifetech.com
2	fonts.googleapis.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com www.downloads.xerifetech.com
2	widgets.outbrain.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
1	cdn.jsdelivr.net	www.downloads.xerifetech.com
1	code.createjs.com	s0.2mdn.net
1	b1-nydc1.zemanta.com	www.downloads.xerifetech.com
1	z.moatads.com	s0.2mdn.net
1	zem.outbrainimg.com	c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
1	post.plastformspecial.com	www.downloads.xerifetech.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	gate.getmygateway.com	cdn.specialtaskevents.com
1	cdn.specialtaskevents.com	near.flyspecialline.com
1	near.flyspecialline.com	www.downloads.xerifetech.com
1	maxcdn.bootstrapcdn.com	www.downloads.xerifetech.com
0	www.google.com Failed	tpc.googlesyndication.com
152	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
t.me
chpadblock.com

Subject Issuer	Validity	Valid
www.downloads.xerifetech.com R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
flyspecialline.com GTS CA 1P5	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.specialtaskevents.com R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
gate.getmygateway.com R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
plastformspecial.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.downloads.xerifetech.com/
Frame ID: 31D5A1882B96FF32B1E23C471334E276
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: A1C6EA86BD65CEF4A52DCB488991A328
Requests: 1 HTTP requests in this frame

Frame: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72AD4BD90C30DA99487671610ADDDE0E
Requests: 1 HTTP requests in this frame

Frame: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 545052A4BCBFBBE115CB0FE6A51394CE
Requests: 20 HTTP requests in this frame

Frame: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3853B02A949F61882CF84226B6132219
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMSisJEEEOrUpJIEGKW6gIQCMAE&v=APEucNWeoXZlr39shol3ZNrMBMVlH0XRESJTPLUDVsDzw2Asn5DUv9DpP5HxEcaoR9VudI3T1T1eLqCpD4ovzqYIcDIqgQ3dmOa7xPgFoa-j5DHTQGHvXSQ
Frame ID: 4D8CE4229FC599D2650C84493251763C
Requests: 5 HTTP requests in this frame

Frame: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E037DB15AD35397F2A6EC54D8C6AAD73
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 29D727792EFAEA7E4394FCD325CA6B5F
Requests: 7 HTTP requests in this frame

Frame: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7BCDFFF5FFF064F1595C4051DDF07DC7
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ADC1643D31B6A8C2893F0AA195BDDEC7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLpIxClo8_0BRi6ooGHAjAB&v=APEucNXtm-x7aze4vcdnMJGVugNqm415-Ji-p3dFErmwXMN6pWvyA7jh1JnGia_J23iY_EtuIEljXbM0345FW0M5wNE1XZW203FQM6MKHsf0fGrk8NBVQ3o
Frame ID: 645C6F4961065AB1B0692D769CE780C2
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250
Frame ID: 245528C74D7AD291C41E61070428E757
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E3C7C199CE3E3A84622544901AD14B94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1BDBE560C9B0D1B1B6DA1F8662537E20
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250
Frame ID: BA4B4DB8C00DB3BF4EEBBF1549CBDCEF
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 791FFE567C2AEC7BF5D35D9D0DAC2D96
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F96E1DC5E57F8547C5746E40AA1877E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PARTICIPE DO NOSSO CANAL NO TELEGRAM - Xerife Downloads

Page URL History Show full URLs

http://www.downloads.xerifetech.com/ HTTP 301
https://www.downloads.xerifetech.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

152
Requests

93 %
HTTPS

53 %
IPv6

27
Domains

38
Subdomains

35
IPs

4
Countries

2236 kB
Transfer

5613 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/profile.php?id=100092730620336

Search URL Search Domain Scan URL

URL: https://twitter.com/XerifeTech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/xerifetech/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9GQjtuPpKSPd3-gZw-CWaA

Search URL Search Domain Scan URL

URL: https://t.me/xerifetechyoutube

Search URL Search Domain Scan URL

URL: https://chpadblock.com/
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.downloads.xerifetech.com/ HTTP 301
https://www.downloads.xerifetech.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0

Request Chain 53

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcVuq9HM6FwAAAglAAPfNgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEETKUrvb7w8CKO7EuSdqmyQ%26google_cver%3D1

Request Chain 55

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxOTA3MDk3MDQ0OTQzMzY0

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcVuq9HM6FwAAAglAAPfNgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1Mzc1MDQzMDg1MjMxMzU2Mg%3D%3D

152 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.downloads.xerifetech.com/
Redirect Chain

http://www.downloads.xerifetech.com/
https://www.downloads.xerifetech.com/

274 KB
62 KB

433ms
142ms

Document
text/html

158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: d2e0fa3b1515fc66ccd9807a8edcf0e93132127943bb3a0bf5a7938be67b7284

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 63069
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 00:15:35 GMT
etag: "629-1707422792;br"
link: <https://www.downloads.xerifetech.com/>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Fri, 09 Feb 2024 00:15:35 GMT
location: https://www.downloads.xerifetech.com/

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 519ms
152ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.downloads.xerifetech.com/
Origin: https://www.downloads.xerifetech.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5c8382cb5288f2e64b14edda0a9c4bec
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8527eb3c6c6e53e3-YYZ
cdn-requestpullsuccess: True

GET
H2 200 js.min.js Show response
www.downloads.xerifetech.com/wp-content/themes/appyn/assets/js/ 17 KB
4 KB 119ms
117ms Script
application/javascript 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/wp-content/themes/appyn/assets/js/js.min.js?ver=1707422792
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: da2e81c1224c244d964a7d2724c706c8a5e48a5f19d36adab3688268a0180f82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 02:21:29 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4359
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 style.min.css
www.downloads.xerifetech.com/wp-content/themes/appyn/ 64 KB
14 KB 115ms
112ms Stylesheet
text/css 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/wp-content/themes/appyn/style.min.css?ver=2.0.12
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: bd2f492259f55a75ef4be7968a66e330e1038cd9c62942644ab3c90fe5d627a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 02:21:29 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13843
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 font-awesome.min.css Show response
www.downloads.xerifetech.com/wp-content/themes/appyn/assets/css/ 30 KB
6 KB 82ms
81ms XHR
text/css 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/wp-content/themes/appyn/assets/css/font-awesome.min.css
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: 7bb596ad9ef6bea1cd0ddd257a4aeca62e53852fb1ba98618eb36286f861eb61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 02:21:29 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6598
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 jquery.min.js Show response
www.downloads.xerifetech.com/wp-includes/js/jquery/ 86 KB
29 KB 106ms
104ms Script
application/javascript 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 14:04:10 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.downloads.xerifetech.com/wp-includes/js/jquery/ 13 KB
5 KB 105ms
104ms Script
application/javascript 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.downloads.xerifetech.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 14:19:24 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 574ms
156ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b262571da9247167d6eb83a97960c84422b90b9cae4bcb89c59a18b9a26ab5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29799
x-xss-protection: 0
server: cafe
etag: 700 / 19762 / 31080924 / config-hash: 16746103079631119791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:36 GMT

GET
H2 200 cropped-xerife-2-300x300.png
www.downloads.xerifetech.com/wp-content/uploads/2023/10/ 65 KB
66 KB 95ms
94ms Image
image/png 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downloads.xerifetech.com/wp-content/uploads/2023/10/cropped-xerife-2-300x300.png
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: d08bf66a4021c2bcfc6e1ab9d52b9427a91cf6976e3a75af7a54f41ed0680de8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
date: Fri, 09 Feb 2024 00:15:36 GMT
cache-control: public, max-age=604800
last-modified: Tue, 24 Oct 2023 02:29:28 GMT
accept-ranges: bytes
content-length: 67023
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 image.png
www.downloads.xerifetech.com/wp-content/uploads/2023/11/ 54 KB
54 KB 113ms
112ms Image
image/png 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downloads.xerifetech.com/wp-content/uploads/2023/11/image.png
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: 15dccfe8f1e4fdbb12c4542b8d2fcea3407f7b6ea79e1ce9627da9f64ac50126

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
date: Fri, 09 Feb 2024 00:15:36 GMT
cache-control: public, max-age=604800
last-modified: Fri, 10 Nov 2023 01:01:57 GMT
accept-ranges: bytes
content-length: 55041
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 icon.png
www.downloads.xerifetech.com/wp-content/plugins/chp-ads-block-detector/assets/img/ 15 KB
15 KB 139ms
139ms Image
image/png 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downloads.xerifetech.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: 723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
date: Fri, 09 Feb 2024 00:15:36 GMT
cache-control: public, max-age=604800
last-modified: Sat, 03 Feb 2024 03:18:20 GMT
accept-ranges: bytes
content-length: 15671
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 d.svg
www.downloads.xerifetech.com/wp-content/plugins/chp-ads-block-detector/assets/img/ 71 KB
22 KB 99ms
99ms Image
image/svg+xml 158.69.181.32
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.downloads.xerifetech.com/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.181.32 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: business.bare-dns.com
Software: /
Resource Hash: 51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
last-modified: Sat, 03 Feb 2024 03:18:20 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22296
expires: Fri, 16 Feb 2024 00:15:36 GMT

GET
H2 200 eGRHSERSW Show response
near.flyspecialline.com/ 10 KB
5 KB 607ms
248ms Script
application/javascript 2606:4700:3035::ac43:b911
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://near.flyspecialline.com/eGRHSERSW
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b911 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be94ab61751b7494ad15abe618c21824d31974ee0682c1470bf93236e01879f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qEbhi%2B7UE%2Bp%2FxTOdN9eHpN6HUekbQiSVTDYym5yzn4QbANl6wHg8CQhTZBjska5aDAJKKqofBQ3JJ9mMYv5vSKNs9agMooxtJc8uLcsSqRdFC7LvbmaTOvnCHKl5DgljrbJYKu43XRZK7aruEeNEPTwFPjmtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8527eb3dae2b53e9-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 542ms
136ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Origin: https://www.downloads.xerifetech.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 05:16:18 GMT
x-content-type-options: nosniff
age: 68358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 05:16:18 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 551ms
148ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Origin: https://www.downloads.xerifetech.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 23:56:30 GMT
x-content-type-options: nosniff
age: 1146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 23:56:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 77 KB
77 KB 603ms
200ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c702801fa3fee8f55c6dd59c5ed20c4277a439e8410e99cc883231a16863910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Origin: https://www.downloads.xerifetech.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:04:21 GMT
x-content-type-options: nosniff
age: 675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78972
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 16:27:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:04:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 578ms
174ms XHR
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cd2d9af2ba2db3f1fea9be3c28d559a644d4c1b2c951c2bbc36e8ef6d90aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51289
x-xss-protection: 0
server: cafe
etag: 3197921662853538568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 00:15:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 582ms
176ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09284469fb462f2fe1909df5d20fdf5d239d3fd118221850cc67e410b99d3a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51282
x-xss-protection: 0
server: cafe
etag: 10399119219360205994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 00:15:36 GMT

GET
H2 200 JZFYbC Show response
cdn.specialtaskevents.com/ 12 KB
5 KB 916ms
315ms Script
application/javascript 45.140.146.101
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.specialtaskevents.com/JZFYbC
Requested by: Host: near.flyspecialline.com
URL: https://near.flyspecialline.com/eGRHSERSW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.140.146.101 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm2027790.stark-industries.solutions
Software: nginx / PHP/7.4.33
Resource Hash: 54753bd05c9a14e23b2ecd6fb242faf57272cc3e1c12688fe1fb117b9f4d4f36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:37 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 09 Feb 2024 00:15:37 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39493
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Feb 2025 13:17:23 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame A1C6 9 KB
5 KB 562ms
141ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 76058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 03:07:59 GMT
etag: 3890843268177463596
expires: Thu, 22 Feb 2024 03:07:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 150684666 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 590ms
180ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/150684666?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9436eb946e30cd6c0fd12a90f211efd0966be105a84545c92cc68e5308be8f4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xvk6nAZxrA4EQ-MzQ-bSTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-Xvk6nAZxrA4EQ-MzQ-bSTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sKoxSXF4KohxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePB8ub8OmsXBHTWePqprPmATHfuumsuuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWICD-nDmD9TcQ-9TPYI0B4rLb51jrgFiIh2Pl3anr2AQWXDm_mwkAT_RTzg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KQGrXb Show response
gate.getmygateway.com/ 41 KB
17 KB 1112ms
503ms Script
application/javascript 45.140.146.101
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: https://gate.getmygateway.com/KQGrXb?c=www.downloads.xerifetech.com
Requested by: Host: cdn.specialtaskevents.com
URL: https://cdn.specialtaskevents.com/JZFYbC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.140.146.101 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm2027790.stark-industries.solutions
Software: nginx / PHP/7.4.33
Resource Hash: 85f4fe6b01478702a7c2581b25a81de3dfbfa871ee5ed0298fc44588f270720a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 09 Feb 2024 00:15:38 GMT

GET
H2 200 AGSKWxXdR2xRrDPioM2btWEj62QcdAJMyTti44eO73fhUKlNTRUYdReSxWp8IL-dB113LBkmedYBOGHXlX1OUIoltUm7NHU7rf7O4tksfWCoXa1he5Fsf10oAOkQSZf2nwXcLQpUmBCiAw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 147ms
146ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdR2xRrDPioM2btWEj62QcdAJMyTti44eO73fhUKlNTRUYdReSxWp8IL-dB113LBkmedYBOGHXlX1OUIoltUm7NHU7rf7O4tksfWCoXa1he5Fsf10oAOkQSZf2nwXcLQpUmBCiAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM3NzM3LDg1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZG93bmxvYWRzLnhlcmlmZXRlY2guY29tLyIsbnVsbCxbWzgsImpja0ZFTmdLQkZzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jckFENgKBFs.es5.O/am=wA/d=1/rs=AJlcJMyOaDj6WQrQqPMlQyoi_v5YRvjdlQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b54f06762dd0a95d8adb60355f551e9667bec2492d3acebbe104f12cb41b67e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hZheBX5XFycTw_TXTqN2UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-hZheBX5XFycTw_TXTqN2UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQHistvnWOuAWIiHY-XdqevYBG607d7DDACol06c"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 339ms
84ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 21:17:15 GMT
server: cloudflare
age: 515883
etag: W/"65bd5bdb-42d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8527eb47cf69a22c-YYZ
expires: Mon, 12 Feb 2024 00:15:38 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 333ms
76ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:26:27 GMT
content-encoding: gzip
age: 2339351
x-guploader-uploadid: ABPtcPrZNycsIc_V62CFdCp-vemwrcvjuYKrzjTPSBVGPf3mGpyDdCB7zZqyhv0QRzKdP3YLpsNkztL8YIfFlhnjCIiuww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 11 Jan 2025 22:26:27 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 551ms
150ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Feb 2024 00:15:38 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 414ms
127ms Script
text/javascript 3.162.3.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-84.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:35:08 GMT
content-encoding: gzip
via: 1.1 327dc9ff74acc5a845efbe2daefaec7a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 52831
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: tq4gZ9RQtfrbBiX7Sw-qS9bfMB1DVHtVvJyb1QbjpSgAlkbcoKYzXQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 475ms
192ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 69bdabe4ff5af1544ba25a00ae262d6a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
45 KB 489ms
488ms Fetch
text/plain 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3540696877866421&correlator=1585017153223075&eid=31080924&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fif&gdpr=0&iu_parts=22106840220%3A22411953314%2Cxerifetech.com%2Cxerifetech.com_w_fixed_11012023&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=980x90%7C970x90%7C728x90&ifi=1&didk=922258396&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707437737886&lmt=1707437737&adxs=310&adys=154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=884973320.1707437738&ga_sid=1707437738&ga_hid=129171490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4_h2dgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiaj-HZ2DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ym4_h2dgxSABSAghkEhcKCHJ0YmhvdXNlGJuP4dnYMUgAUgIIZBIUCgVvcGVueBibj-HZ2DFIAFICCGQ.&dlt=1707437735970&idt=1147&cust_params=id_post_wp%3D223&adks=573106984&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4f5c8850246f54f9bb7709bef61fbb8df2d1799c225277a1f6e4e9925e19335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.downloads.xerifetech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
17 KB 667ms
666ms Fetch
text/plain 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3540696877866421&correlator=1585017153223075&eid=31080924&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fif&gdpr=0&iu_parts=22106840220%3A22411953314%2Cxerifetech.com%2Cxerifetech.com_mw_content1_11012023&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C336x280%7C300x250&ifi=2&didk=4066117327&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707437737898&lmt=1707437737&adxs=1060&adys=154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&vis=1&psz=280x0&msz=280x0&fws=4&ohw=1600&ga_vid=884973320.1707437738&ga_sid=1707437738&ga_hid=129171490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4_h2dgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiaj-HZ2DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ym4_h2dgxSABSAghkEhcKCHJ0YmhvdXNlGJuP4dnYMUgAUgIIZBIUCgVvcGVueBibj-HZ2DFIAFICCGQ.&dlt=1707437735970&idt=1147&cust_params=id_post_wp%3D223&adks=344432293&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af5f8ff7bbe2abc25aef5cb6d7b1898e855f7e1853f44b0fcffc6e13b1eb5b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17070
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.downloads.xerifetech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 186 KB
53 KB 971ms
970ms Fetch
text/plain 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3540696877866421&correlator=1585017153223075&eid=31080924&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fif&gdpr=0&iu_parts=22106840220%3A22411953314%2Cxerifetech.com%2Cxerifetech.com_Interstitial_11012023&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=1086516769&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1707437737904&lmt=1707437737&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=884973320.1707437738&ga_sid=1707437738&ga_hid=129171490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4_h2dgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiaj-HZ2DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ym4_h2dgxSABSAghkEhcKCHJ0YmhvdXNlGJuP4dnYMUgAUgIIZBIUCgVvcGVueBibj-HZ2DFIAFICCGQ.&dlt=1707437735970&idt=1147&cust_params=id_post_wp%3D223&adks=4251666664&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd8244ce6863a3f2e0d6d359e3b6c2e926efd5e3cabee05c1593ab617fde1927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54100
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.downloads.xerifetech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72AD 6 KB
3 KB 557ms
148ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Sat, 08 Feb 2025 00:15:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 44 KB
14 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl_page_level_ads.js?cb=31080924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 07:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59509
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14246
x-xss-protection: 0
server: cafe
etag: 1834480086689483259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Feb 2025 07:43:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 1217ms
1216ms Fetch
text/plain 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3540696877866421&correlator=1585017153223075&eid=31080924&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fif&gdpr=0&iu_parts=22106840220%3A22411953314%2Cxerifetech.com%2Cxerifetech.com_mw_content2_11012023&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C336x280%7C300x250&ifi=4&didk=4066211565&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707437737919&lmt=1707437737&adxs=1060&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&vis=1&psz=300x20&msz=280x20&fws=4&ohw=1600&ga_vid=884973320.1707437738&ga_sid=1707437738&ga_hid=129171490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYm4_h2dgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiaj-HZ2DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ym4_h2dgxSABSAghkEhcKCHJ0YmhvdXNlGJuP4dnYMUgAUgIIZBIUCgVvcGVueBibj-HZ2DFIAFICCGQ.&dlt=1707437735970&idt=1147&cust_params=id_post_wp%3D223&adks=2122305623&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de0824fbb46cb2a739a83ff6e0bfa0f1037d1669082a8e748eefec1dae309c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10626
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.downloads.xerifetech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxU28EG7iudVe7hGySgkDDbB84icd_hGC2zLBct9AJq2VA57Ajjfu66-j56pcWQ0Fylnjdsq5NXR1Z23YX-n25NtPfajy9SPetLPbCscRI1uzlsuXpZSxflhyohNOq0JjLVfZRRn3g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 149ms
148ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU28EG7iudVe7hGySgkDDbB84icd_hGC2zLBct9AJq2VA57Ajjfu66-j56pcWQ0Fylnjdsq5NXR1Z23YX-n25NtPfajy9SPetLPbCscRI1uzlsuXpZSxflhyohNOq0JjLVfZRRn3g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM3NzM4LDkwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMixudWxsLCJwdC1QVCJdLCJodHRwczovL3d3dy5kb3dubG9hZHMueGVyaWZldGVjaC5jb20vIixudWxsLFtbOCwiamNrRkVOZ0tCRnMiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce3a42993f4df1ba301fa4d46d0cae8789c346e3c0cba154fc06c3fd90c39ac3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mLTMeoELlkb1HrixmGTiBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-mLTMeoELlkb1HrixmGTiBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQHistvnWOuAWIibY9XdqevYBBa092oAAFgsTaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
702 B 500ms
162ms XHR
application/json 52.22.89.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.89.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-89-206.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 011d1854c195802981fb7615a2233c85f300c86829214a82bcdc5c266ab8af99

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.downloads.xerifetech.com
cache-control: no-cache
x-server: 10.40.62.210
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 container.html Show response
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5450 6 KB
3 KB 126ms
125ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Sat, 08 Feb 2025 00:15:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3853 6 KB
3 KB 114ms
113ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Sat, 08 Feb 2025 00:15:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D8C 645 B
548 B 148ms
147ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMSisJEEEOrUpJIEGKW6gIQCMAE&v=APEucNWeoXZlr39shol3ZNrMBMVlH0XRESJTPLUDVsDzw2Asn5DUv9DpP5HxEcaoR9VudI3T1T1eLqCpD4ovzqYIcDIqgQ3dmOa7xPgFoa-j5DHTQGHvXSQ

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Fri, 09 Feb 2024 00:15:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5450 111 KB
39 KB 590ms
168ms Script
text/javascript 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Origin: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 12:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 12:47:48 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 5450 8 KB
3 KB 118ms
118ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 5450 23 KB
9 KB 137ms
136ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 00:13:08 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5450 41 KB
14 KB 658ms
257ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 01:12:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5450 3 KB
1 KB 675ms
275ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5450 20 KB
9 KB 566ms
167ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5450 42 B
173 B 190ms
190ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMZDzQs9SMXsD8nqaBoA3EYoDjpIqE-Ijgqrww2RyzW_ZOP-fJYhE87VA-peAmCjbOwNzVfuCJERLOUIrs9X7G102ZTX_CzPUldQJ5jloQ9Ke1WS0

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5450 205 KB
65 KB 789ms
377ms Script
text/javascript 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame 3853 53 KB
14 KB 599ms
216ms Script
application/x-javascript 104.88.197.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.92 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-92.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7713fb56b5aa338b53d90b38fc0e121c963c29bd7781a8215311af5405e99491

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
content-length: 13756
last-modified: Tue, 16 Jan 2024 15:14:19 GMT
server: AkamaiNetStorage
etag: "551d2aec09d35b19b129e3e098883ad7:1705418627.814861"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Fri, 09 Feb 2024 04:15:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 3853 3 KB
1 KB 564ms
256ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 3853 20 KB
8 KB 477ms
170ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3853 24 KB
7 KB 562ms
255ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Feb 2025 01:12:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3853 205 KB
65 KB 512ms
192ms Script
text/javascript 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4D8C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0

43 B
335 B

116ms
115ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMSisJEEEOrUpJIEGKW6gIQCMAE&v=APEucNWeoXZlr39shol3ZNrMBMVlH0XRESJTPLUDVsDzw2Asn5DUv9DpP5HxEcaoR9VudI3T1T1eLqCpD4ovzqYIcDIqgQ3dmOa7xPgFoa-j5DHTQGHvXSQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiHf%2F5SHMrEPn95mypt9GaKeCj9V9JuuNbMkqrhRdeu1uqZhpOoikGtMsMR0NtYl7irC0E2u1eo3BTBaDZLqJ1LRr7QkkvhyFFC9KEizuiXLvgRxXeM2M8mJiU5jkOk%2Fpj3kaPf0lbcwVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8527eb4f685e54d3-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4D8C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcVuq9HM6FwAAAglAAPfNgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1

43 B
763 B

115ms
114ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMSisJEEEOrUpJIEGKW6gIQCMAE&v=APEucNWeoXZlr39shol3ZNrMBMVlH0XRESJTPLUDVsDzw2Asn5DUv9DpP5HxEcaoR9VudI3T1T1eLqCpD4ovzqYIcDIqgQ3dmOa7xPgFoa-j5DHTQGHvXSQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niKtBu5XGdfukEeHTHJOCoHe8svtag6eVz0gZYImltUvQe33v7Msfp2v%2BMKeLes94c2BmIF740PROTuUv4lLb4npskUKnZbIqEKKB8lvuxc7yZw5wu1iDjFnojznB6E3h49hjRtaO0dP9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8527eb50ce85a235-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 4D8C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEETKUrvb7w8CKO7EuSdqmyQ%26google_cver%3D1

43 B
1 KB

110ms
108ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEETKUrvb7w8CKO7EuSdqmyQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMSisJEEEOrUpJIEGKW6gIQCMAE&v=APEucNWeoXZlr39shol3ZNrMBMVlH0XRESJTPLUDVsDzw2Asn5DUv9DpP5HxEcaoR9VudI3T1T1eLqCpD4ovzqYIcDIqgQ3dmOa7xPgFoa-j5DHTQGHvXSQ

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
an-x-request-uuid: 05b675b5-bd68-449a-97f5-e826db939e87
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.213; 166.0.205.213; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
an-x-request-uuid: fc332532-8389-441f-bcc3-447fbb782af2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEETKUrvb7w8CKO7EuSdqmyQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 166.0.205.213; 166.0.205.213; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4D8C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxOTA3MDk3MDQ0OTQzMzY0

170 B
243 B

214ms
213ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxOTA3MDk3MDQ0OTQzMzY0

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
an-x-request-uuid: 58e40dda-4749-4a25-9498-6c847ebd91b1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYxOTA3MDk3MDQ0OTQzMzY0
x-proxy-origin: 166.0.205.213; 166.0.205.213; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 marginaleadservlet Show response
fundingchoicesmessages.google.com/f/AGSKWxXv2G_wV03eXIXlPTS_XYDT73_IXvltwWVLlRycQ8ndO0rqHTTubEQ89UIZ8yyhLkE2_DRF3W5nuZI8pVZ7kEvFmG8YknCF02Mu1S6aznA1DkDd9tbBA3MoUKRH6HyPtYRMfHUWERSYUPOwJvD5LvtI2_XCf... 54 B
110 B 140ms
139ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXv2G_wV03eXIXlPTS_XYDT73_IXvltwWVLlRycQ8ndO0rqHTTubEQ89UIZ8yyhLkE2_DRF3W5nuZI8pVZ7kEvFmG8YknCF02Mu1S6aznA1DkDd9tbBA3MoUKRH6HyPtYRMfHUWERSYUPOwJvD5LvtI2_XCfhpRzL2NA-EEXuxJLh1xoJQ124VnsM70/_/ads.client-/marginaleadservlet?/cwggoogleadshow.?adcontext=/banner_ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jckFENgKBFs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzagGqXr5oFhEL1_4sxa-2Z-JQzpg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc9c3f20ca2aab86925ddd54d00c0c61a921edd836a803a2091aa6e8344b10a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vs2hEOxnSbMcW0Hn4n03XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-vs2hEOxnSbMcW0Hn4n03XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQHistvnWOuAWIiHY9XdqevYBG70fF3BDACi2k7A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 115ms
114ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24651
x-xss-protection: 0
server: cafe
etag: 1327764161256606968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 01:00:47 GMT

POST
H3 204 AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 647ms
170ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mwqulDtdZYPm7ozUG3fobg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-mwqulDtdZYPm7ozUG3fobg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcq-9OXccmsKB_wkZGAOd6HHM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.downloads.xerifetech.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E037 6 KB
3 KB 130ms
129ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Sat, 08 Feb 2025 00:15:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 484ms
168ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S8VVfgF7AwHLRfvf0Ki8EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-S8VVfgF7AwHLRfvf0Ki8EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcq-9OXccmMGPn1w2MAOibHPc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.downloads.xerifetech.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 480ms
166ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1YrNAuX9osQqXMp1lSaFng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-1YrNAuX9osQqXMp1lSaFng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcq-9OXccm0HF-1QZGAOvcHME"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.downloads.xerifetech.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 483ms
169ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWc-4F-9WnbTy5QheXs6YkVpDGun04vjrLB76Le0s2Ce_BOzaPU1vXXgd_19u2QjS9hp2BZ9SNfx0YicLgG8HRPaIwISANdW9Fh2AVZskZpOM4XvxBII2hY3r9VmWBMp7KBDDoiBg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Tcw5euXCi9VTu3VVdLT0sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Tcw5euXCi9VTu3VVdLT0sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcq-9OXccmcGLl1w2MAOqpHRw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.downloads.xerifetech.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVAqgl5Kje3cDP6lpx0swqj1u-CSKrapw8VN2C5bIj8lNUPAzxHN2Uctt1Zud2mPV5esUkp2_RI6vkewvQW53wLeXRbiFg6XKvIwREPzEdAUcgscYe_tvhWbZauTJ4dU1Fpk0ZGhA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 180ms
179ms Script
application/javascript 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAqgl5Kje3cDP6lpx0swqj1u-CSKrapw8VN2C5bIj8lNUPAzxHN2Uctt1Zud2mPV5esUkp2_RI6vkewvQW53wLeXRbiFg6XKvIwREPzEdAUcgscYe_tvhWbZauTJ4dU1Fpk0ZGhA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NDM3NzM4LDk5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZG93bmxvYWRzLnhlcmlmZXRlY2guY29tLyIsbnVsbCxbWzgsImpja0ZFTmdLQkZzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2b2f373bcd2c45ac264390879f228a8d84455094d818b723c7436d783b0fd03

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM7J0hlVaqlBuVvcDPUv4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM7J0hlVaqlBuVvcDPUv4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KchxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePB8ub8OmsXBHTWePqprPmATHfuumsuuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWICD-nDmD9TcQ-9TPYI0B4rLb51jrgFiIm2P13anr2AROzO5UBAABolLl"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 yrhYEesrE Show response
post.plastformspecial.com/ 0
526 B 887ms
488ms Script
application/javascript 2606:4700:3035::6815:5ba5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://post.plastformspecial.com/yrhYEesrE
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEWoKJ%2BSqK%2BXLG8JhxVpxNr554wn1S7L4h07h4iL%2FdObUFjNSGkMJXIlcXcg8VguLg4QzsKj7yivX%2Bh9BkF3EthfiUGu1knwmZS8YJpIUggzLtKTlLbscnn3ZdKWrrZM4gpJefO7KRHaimEatYoQ52zaKn6DRDcb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8527eb50281653f5-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E037 5 KB
1 KB 608ms
147ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 00:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 29D7 14 KB
1 KB 605ms
157ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 22:21:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 29D7 2 KB
903 B 211ms
211ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 29D7 23 KB
9 KB 260ms
258ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 29D7 3 KB
1 KB 267ms
264ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 29D7 20 KB
8 KB 211ms
209ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29D7 205 KB
65 KB 375ms
373ms Script
text/javascript 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 29D7 37 KB
16 KB 582ms
134ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 03:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 03:13:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame E037 22 KB
9 KB 262ms
262ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E037 205 B
519 B 599ms
157ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 15:05:26 GMT
x-content-type-options: nosniff
age: 33013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 15:05:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E037 604 B
695 B 599ms
157ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:02:31 GMT
x-content-type-options: nosniff
age: 29588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 16:02:31 GMT

GET
H3 200 container.html Show response
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7BCD 6 KB
3 KB 179ms
179ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:38 GMT
expires: Sat, 08 Feb 2025 00:15:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxXxDMv2SNA5mAiZtlXtUw11TJDP99JAbFNmcVkIR6io3g9N8cxYwo9PdSrT7a-qCUlIU_Zn2yyGaAuGG9IUEyzS--K1bgQuBWZO2aTASHSkao8kAsBOxcPZhD-GEe62OfUodIXa3w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 297ms
169ms XHR
text/html 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXxDMv2SNA5mAiZtlXtUw11TJDP99JAbFNmcVkIR6io3g9N8cxYwo9PdSrT7a-qCUlIU_Zn2yyGaAuGG9IUEyzS--K1bgQuBWZO2aTASHSkao8kAsBOxcPZhD-GEe62OfUodIXa3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MDC8X81RpAGpoaOvE_X5Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-MDC8X81RpAGpoaOvE_X5Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBCX3T7HWgfEQjwcq-9OXccmcKPt4wZGAOphHQU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.downloads.xerifetech.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5450 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d4ac31177e5e705197d10b14357149f1a090c69f575643306664b4712d4eb5b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ADC1 38 KB
13 KB 137ms
136ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 255763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 01:12:56 GMT
expires: Wed, 05 Feb 2025 01:12:56 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 645C 645 B
257 B 154ms
153ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLpIxClo8_0BRi6ooGHAjAB&v=APEucNXtm-x7aze4vcdnMJGVugNqm415-Ji-p3dFErmwXMN6pWvyA7jh1JnGia_J23iY_EtuIEljXbM0345FW0M5wNE1XZW203FQM6MKHsf0fGrk8NBVQ3o

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:15:39 GMT
expires: Fri, 09 Feb 2024 00:15:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7BCD 93 KB
33 KB 157ms
157ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BCD 42 B
63 B 210ms
209ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ahmhq7VPZgVNE6Po0dK9RJ_qOrrNOV1dyQtdbO2PTxGLIwXDmaSiasHMShYa7UIbmDRVsBCOM1PJi0WQC3BlE8GeM7EhA_y2_s6_nEyw_MYNLEtUw

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7BCD 3 KB
1 KB 145ms
144ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7BCD 20 KB
8 KB 141ms
140ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BCD 205 KB
65 KB 209ms
208ms Script
text/javascript 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 3853 990 B
1 KB 146ms
146ms Image
image/svg+xml 104.88.197.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.92 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-92.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 10 Mar 2024 00:15:39 GMT
date: Fri, 09 Feb 2024 00:15:39 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/QVOAGBUN43LTKXOLEMBMPFZWJMG4I5P6CBXAM7CE4IKTNG3AAAT4SSC27XUDOPXTP52FPK6ANBWNTFAAHXVTZTGL6KJDSBPDPLPNVL5MRH6PPKIZPC5Z4VFFNHX7F2UHSWXLC2GHLYZROBAIX56NNXVTSZ6HOV... Frame 3853 26 B
200 B 540ms
96ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b1t-nydc1.zemanta.com/t/imp/impression/QVOAGBUN43LTKXOLEMBMPFZWJMG4I5P6CBXAM7CE4IKTNG3AAAT4SSC27XUDOPXTP52FPK6ANBWNTFAAHXVTZTGL6KJDSBPDPLPNVL5MRH6PPKIZPC5Z4VFFNHX7F2UHSWXLC2GHLYZROBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NPGTF2LSOPRXQR6BRHRVD6FBEM7T6BLZWPVCW56T7IVKAOBL5Q64SH5OTGUBJQCOKTLBYKU55JGMBHSAQQGQFXG3V2RN5MJP43IO5TVAWUDNVKKRWOXBKPQCLZ4MMGQWUEFA2R5WBLH4ANWRJXJJD7AOLNY6GN3PDW7IHCJ5UB5BKW55XIKRQ/?

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 00:15:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Length: 26
Content-Type: image/gif

GET
H2 200 3eead1dea89807c35e66190e68574914f4.png
zem.outbrainimg.com/p/srv/sha/42/c3/48/ Frame 3853 20 KB
20 KB 515ms
126ms Image
image/jpeg 146.75.30.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/42/c3/48/3eead1dea89807c35e66190e68574914f4.png?fit=crop&crop=entropy&thomcrop&w=334&h=150&fm=jpg

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

d21e0ecbc996f05d70ee26f4785afdcd335e835ee7baecf28eb7be8281dd92cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 521891
x-cache: HIT, MISS, HIT
x-imgix-id: 7a61dfb79510c6c08ec1d10bc33c6e14c00a7dfa
cross-origin-resource-policy: cross-origin
content-length: 20429
x-served-by: cache-sjc10083-SJC, cache-iad-kiad7000083-IAD, cache-iad-kiad7000140-IAD
x-imgix-render-farm: 02.131624
last-modified: Fri, 02 Feb 2024 23:17:28 GMT
server: Google Frontend
x-timer: S1707437740.838427,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame 3853 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23e9d3a3ba71d35582d906a3926ce80e92dbad06897e28a2aa9d3e650d803955

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 moatad.js Show response
z.moatads.com/mightyhiveusmmcm360display620308191229/ Frame 5450 315 KB
108 KB 561ms
166ms Script
application/x-javascript 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mightyhiveusmmcm360display620308191229/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8387317297798e3c7e00799e3625eb9859abeeeea904452c3aa4db36d1d0cb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 17:53:31 GMT
server: AmazonS3
x-amz-request-id: WV85JYPVWWYZNC0V
etag: "80be7721a13764967b2d429c3dad51b0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=5749
accept-ranges: bytes
content-length: 109782
x-amz-id-2: b280678qA3V4GxLzg7OQKZ9ev3mdbmxgMkPQ7QrbiAnQyFPGMRFcpLz9NiqxdLcTOwuV2J/ij34=

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 7 KB
2 KB 529ms
114ms Document
text/html 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c867fe9286f5bd763d04cadb00fa24adf78a16013e2a2645e4dc3b29367ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40690
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2106
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 12:57:29 GMT
expires: Fri, 07 Feb 2025 12:57:29 GMT
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5450 0
0 541ms
184ms Fetch
image/gif 142.251.163.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugIiG5ri1en2WmW8a98OsuL2W8NIp2cEz-cC-0X2U6N-lxButBYbBpTeFkpyUMfMMboPbbejVM0KEjwiX2AsCzU0hWAwV3KY_dMSJDn3_uLeH-MfcU6ajR6FYra0NaURR3pFqP9uy5aLNScxCMJRbUjiVOaErUh5UUpZcHn5oVH_WEuVEHr0bi_3PcO2QiHLsKG8fZJvlcI7mX21Zx0mQtBPQl7zCg0IVLAVRmn7FYhKYSFIULKz62NMGYi_vR4IeREXQWS7dQwkbQxOx8ksf_8qM3PGroXVuO6nyrDDuwMe6R0rLLURfqqMBpGGF5BxOn9jDFj4XWf2Mvd8IaLdothny9CqLVvpGU_pldQRsE4vulQ5dEVo2a6TsVytq8gHeoVQ2dYpZn86lLc2abpXcynySqXE2bwxuR7npH_2iwM8c5wRqz4fWWwPLOFym_yGf_0_exCQorN9TZoV5-tH7ESlzdXR-h5GmjmsL16T2T-Hj3M5onnVdLIiywLH162t64MOC3qbczktm_nsSNFL2nXckMP85aS7EhsE_kRBCKyJq6-3hq6ricf3laWZ-QpGBYAyfOIDE4kxTqob_qyxb1ZHxij00x_W2TjTJxF6RXfIZzfLryPhtYehu1aKgCTGVXCpCbj9o6BXKL3nuDRYuZ0vfur3-OUi_KsbmbhR3Ye3YAxlGE06_WJGsnhl--bxPrWI3HAgXV5auwQSGPc7ltUK00ZPvS6EUnU0RY_wLRNOgqa9kdrvcUuLXxYkRvPIiB6_5E5YMli99nn24WJgC9KvyPK1xlr8n8ZfEJtgmXN7rJ18XwalQ6gh49pnC6pWG9Qu4cLegAfXDlBlgvL_2OStmSEptNp4toNHSujvC90olDCCu1kfWKXBb8Gez9DVxu2nUz8NAt3m0cpGdt7zvw6i5o79Jx8CK78qGsQkDgOpM5CaLbV8q0yH1eduF31e50qTu5KMXIKrEzM-_ETvG1zJjPNlpu12YCb-1OPMKcWOdHF6Q5NsolepcnhT2QxwOJOq-XjJYK_X7cldXdfY9Oy6sT_kU-tdLuqhHNAySCmi5ZJqQQ7NcicpCCWgivRosv3MGZ2jbyUdpOO_ddZYlcnu_H53kF0xzF_sSpfVnFJUXGwe5OGWcF5OA62ZQeI6fhBQzFJOviDkkBEwUmsTy4ryZXERu21RvYQ3BuUF2OWiVvQvTi3j0y_lbFzGJCHrJIhLNyMHn8mCPQ53XB_KI6hCrZ3BfdMd36bO9gw7_vvAA6LhlrgXwI7tbRHoqeVId6BP4ei-G2PxAshpD_w0yNm1EaDwYwdu8I8QX2dIq1my3UJdpZYIJFsbbBw67TkH_Xk29q9tmgOirwYKS82Z7jz7SAhFGKapF6t4N6JX-9Q5W_p27Sps498H202hp6RV5LPv8DDwThboXo8dcVEamSfRVxsx7myIe40WAFXDciCmwKzXJmGrp4-XAsIvjO&sai=AMfl-YSS4fb5TQUJlNisgdV7nuR8Fm0UuKWV3pWqj3K4g1BIOkk6UFuqO-QsPQDRX2u_JGQkF6UiHcnp-brc3PNEpmQQqFfsiCl-30KG80Q_tOkxPnd1cFIz57XYnk1zttM0-nc3rS7-SXr8AVJSQEgrnXf0Mz5Sv3vD3g_G9flTesxEJyeme_K6fgNAYb-PlTtseRZJQB9ajaNu361fHtzPdThfLg3DhjtusCQfFZ1xcaZGh1ZrMi9ODC_onfDlwsh3sV3sUTN0CrlVFxArbc3rCg4ygirSJPXXZfwXzZAx6OIOrNPEIm1mECpTNQe4UO2PpzFQZW3Vc9iPPEbxk5S1M0sabhMDvC_vZ7tR7n73Srsfakq-YYZwmyosLRwQIaLrkeXdiS_SvOX4O5jsDrAP6mnn8qwUUxOx3GU2ZHmir08yyFOde3vHHVONJEmuACJcM5HBQquB_iT7BtJN704qREDUlb7v-OdmQ8s-WXvcRREOgZEkn9yW2QnL1VP93TCXUAW_c-w&sig=Cg0ArKJSzN4ziPt1J0YHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rcmFrZW4uY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=756&cbvp=1&cstd=753&cisv=r20240207.46018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 00:15:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:39 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 645C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0

43 B
739 B

123ms
123ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLpIxClo8_0BRi6ooGHAjAB&v=APEucNXtm-x7aze4vcdnMJGVugNqm415-Ji-p3dFErmwXMN6pWvyA7jh1JnGia_J23iY_EtuIEljXbM0345FW0M5wNE1XZW203FQM6MKHsf0fGrk8NBVQ3o
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HIGAT2b%2ByCSt6Vw%2FRetXt9wWqtZyV4znnfBk3wyccnden1P4440W%2Fy9GWbg%2BG9aVd99jnGQSnHY0a%2BdFhc7%2F%2BWWz2rhuFSp%2FeOiMCc7q31AuMDAEvQhWKD7nWyNMDZBbqQvWWXSLjgegQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8527eb513f6fa235-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 645C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcVuq9HM6FwAAAglAAPfNgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1

43 B
733 B

110ms
110ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLpIxClo8_0BRi6ooGHAjAB&v=APEucNXtm-x7aze4vcdnMJGVugNqm415-Ji-p3dFErmwXMN6pWvyA7jh1JnGia_J23iY_EtuIEljXbM0345FW0M5wNE1XZW203FQM6MKHsf0fGrk8NBVQ3o
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCaUrG%2FRMf3dD7W5Iv1OGe%2BGvybBVIQjtiJIJzNlK8cUqyXCFKuAc3hBEpDwU7RN2Hun9DLme7GSZF8sicufxfbaRIHu2xkQurNcJ5jRMLErvpuqOvowEZ8JyPwIF%2B7b0Y3iTwR1t6SULQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8527eb51b80aa235-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgmrdeD1EgrLKC1pLZ4TNw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 645C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1

43 B
1 KB

161ms
161ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLpIxClo8_0BRi6ooGHAjAB&v=APEucNXtm-x7aze4vcdnMJGVugNqm415-Ji-p3dFErmwXMN6pWvyA7jh1JnGia_J23iY_EtuIEljXbM0345FW0M5wNE1XZW203FQM6MKHsf0fGrk8NBVQ3o

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
an-x-request-uuid: d907841d-a4ac-4f21-84b1-c6e03719f0e2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 166.0.205.213; 166.0.205.213; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEETKUrvb7w8CKO7EuSdqmyQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 645C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1Mzc1MDQzMDg1MjMxMzU2Mg%3D%3D

170 B
232 B

152ms
151ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1Mzc1MDQzMDg1MjMxMzU2Mg%3D%3D

Requested by

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
an-x-request-uuid: 53545149-c797-4d12-bcba-1d6d7d9fca0f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1Mzc1MDQzMDg1MjMxMzU2Mg%3D%3D
x-proxy-origin: 166.0.205.213; 166.0.205.213; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame ADC1 39 KB
15 KB 116ms
116ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 02:47:21 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BCD 0
20 B 172ms
172ms Ping
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9237300713279&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BCD 0
20 B 173ms
172ms Ping
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9237300713279&version=m202401290101&ct=119&x=1&cor=3747946393728108000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7BCD 92 KB
38 KB 178ms
178ms Script
text/javascript 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De_LAfD71tJQyzjTYbDQOHyn1Vv0Bgh-9e4OGqOnBBMFAj1lpEi7vrDJHf_3sLeTeZjbl-OpWt-suSr7W7SeF63Rqy6KPpBt_5bMiRX-pwOFcOPD1AFyiiDth8rg12VpXxflR41Y3hfqUW-7eiz8f3o3cFi6BaVyTHlJmjKf8fg9LV_X5wpZpcAcvSunp50P8P_yYJ&cry=1&dbm_d=AKAmf-Bo_43bfQZP8cjtPetnoxOnXOmCmKKOPL-pO8zdQKs5A26t5Lkab_PT4CPao6oZW0xvLohK9hfUfzECTV8WW8hCPcqyNGHFh4qODOfkJ92hOYlnujc-TcjLYtmZTP8QhKK5bHd6rXmawwNap0PgzcXKyJr3oLRrcsa5Ll_d-eZTiOerOe7FKW65ejMy_3dFtgDdjge-4x6ayL9xc22mtvG2y5bfkCqeawGz0kbTcYqKjbj33Stcw4GBDh2kWZ3eMciv8_xm2twk_KTJKKuDQHkS9xnyM1nNi6cEFKBasS6_K1dtt-h355832pHFLcm2cy3v4GFgucXFiedwn_Aj3b4M85MIRrid0HZ_nP_BNDY-fTLqPPXsFvyoO14DO85pPenmzElbRSaLFP8UgUuEVRk8R2czW-mD1VnEVS2N0aZOhuHsxIFMutpgO3pablGVX-237bw36mYRegdjZaEPCmh0YOHHmovvzlWGo_8bdMXxguoW9YNgdOqn7UmMSU5gh_HenQQ6ug8dNovvZmHtBl7JbAiGc8vm1H4nZBiP6s_BpXHlTQp8Y-duFdYBcj_-M_NOq6GfuRZpsSZzMvnPSURGDc361aw_KWCk5o8KHUabQG60GZXali2l9CdE7fYKU02L9d4GTewOE8tmCuM2ts6hj6q957uwQ38n8EAJVt3pXau_BIJu7j0RvDEfqAXAWwl2N2vsbesoTaaoQsPEzGEO2VDQAlcldDXp86zvHSnng25HF_qX2V4-4IFXTP49ADWWYmCFCc13TxGSZFHmGtSOcI6I-ycqpN5nzob_haVMpx6ABAEFqBpk6tN8dhba8RWn5MpC_hhrS2UszrWyLCTtqjlaxeFSsOOiHvQRTvOj0179j0O0nHrYCuxS7m4D0arVLJzyi4lV0xsNZ19m69GfLOTCWsEfcz1wZ_tc6Tw66HrIz6mrHwOhVXGci8BN-IsaTh-SJDLiF9DVyuav0XU3VRVXBiAOamHh2LVPBrUT2L51PN90X4TaDgXPaKFoA8onMSEPyPwGP0fz7u7ES8146lsk5GLX3meoQZhCKPzSeCxD45u6st0CxwGn3TLYstU2Hyg_BnUwLSz8UMWK3ioHISn0wPZZv61TMKjiNqPIwhfUnJ18GrOUGWmwpREJSxrTyuaZmmFKreXekHj6xZdizJg4p8kc0jLajBMNpFPPJp1_hZy46byjwjZoA6bsRosoLRIrwqvHwNek0V_b4jmJU4oVHHLkXQXL94JNF8MLDFDWVwUJEbvuKfGSdronAxV0I_DCpQeoyYpt8GY4bfImTPYtPDseASF_6dSzcmxMqq1CBLj5cyTvjno4ytjd0hhH7lBRVjGocdl6w_vmTujJ0SkzyAWmpO8sKvmF_4gQI6XitxLDe0GvjELnvcnFgw5CDsaSpidSE1YQ6uGftfHpWzLOhNBZWCHihlJpdQNpSEKhFwcdMj0qVKN3RuWQ-S8Vpz3pWaumZvetPE71wVDY0yXHg4o8a28QbajZR33O6Bs0Q44uL_MTMXCl-ijtx1YsuIpEi3XPNUV56uKUj3V2OKnFYtzWptASTp-LGQdAfSbPkZxer1prTPIcQvePIz0h6BJb30eVicUqJypCSykXJ7Ju_wte7GvHAYG-Yct8jFBivq_lfptzALRDvjPqNWmjN1renffOn8Tz7g842qevfmkOuwRt5WZCtETwZGonqW5L1-udEoFsEpjgTs-lMnlcp555P1ksCLoeOWOff2VYkicDBoi5H1W9eYbaFz1dXC7B4XM1mUt-lqG1zEyaX2hnkt6-v5rGHcb9XGuIaG3XTpgei92TBzLde41QdNmQYxz4qMUpXbF1qfVoHUCOjhs7z4Fn12JNJsbs19cVmlHqoLJXtOFGUjdPUqCfqFoOINcb0tF8JL5vnd4AX6kl_Zz2hnsprEODGs64LNBE83VqvglYxvJx8Yll4h7BJWnVy3eixBGYnf1bgpESdjwHvt4yElnPrJMu3XGBu6rr5R0Rsc7It_XDDS_9JNh2V0bXFHzjaGTQQ0XOsqhPhdalw6j-0Ck4Fxcr7dzzcWZ6zovbOtQI1a0xUX8TmNAlRxUmQGdBwE8xTWOG30fDNTgYPygGuiUTte2CMXJGkllUNfJSAuHYzI1GjVpI9iA03GB24ku0UWX8SU80ukAfDzxMr0ST2ddlvkGP4v6EFxSHpM5POSMOWG_3bZOrSM3OW73P-_wCRB0n1xu7Az3XajCp4P9GLtjkR9TL21q8lLWr8-zdx6OHm9VXEWKFAi-pMLZdSwIXwHin8YA7NGn3SwO8ek9xsXd8WOSm9yINfkLF6sBBgAR_ad5qEiaCxVYiBxfBFAfgYrGSyUvRZKvO4NrXI9e8--XWKL9V39g61lVFpLmVA6SZMJx5KQsOuQe2_r2m1pA6NIcwHIzQV6JoyP-5o8Ih3W3htDG0a3vP9niWCcNfYIZoWSmJk6_b1FDyz3Vh7RsZW4EYEmJySkNyWWp1OVU9Raz6p2MU_3PmCytE8UyTAMf-DA7KCGF0-GyfRpW9DZfnIuVcNGVpI1U5aLh1gkJeo0pCJaG6ZrpDFQX_C9AtRzKKXEFfw1gPKUsOHcxFYuqMlBwUIrydHDxjlvIPUq4cHV2r8rYiNdbgNHmk8_g2Y4pSo2jzhwfWNKemg4G_FFl1wgfi4P3WGngHmXSAVrobAf2-XADRgiyjHCYFD3jV4tWXidXVL8LJFBooTi0KD25iMfDWOCc8l9YMh_I7Yt1yXa0J6D2QSFiR09cqY0DfBcEY3RIBxi6s8nExSwnellJlmim5zVgvrQXwrG2qSjqnZkt8Vzn5lQsEqFoBT4822X5YYDXl2hBy7mtAjEpEAbKUt__1_Yyr8_iacWrVOIO0wL0piATvZ2Le9KcZEfB4vtuFe_eDHD0eR6NBjvs6oOItKKHWIf7GqvRLw4QUnLgAC-gc6gop0kJ-jgi7BxIPrag0KC2UMBd8ahpjGtzs3Ji4jFPuTEJ6qNrTObtl1aGoc8_hK8IjPgDDU4e48YMpe7icJr3VVPNRCedF9z0T47_6KZoyEStQ5PaL4T1cKBatv2iu825OIzWRl_orOyfI9cfGr6XuoqTy3zl517Q8ZcwJGlU057AYGtzL4394_iIzuYHHeCA340w0conC1eE-TW4Jr1YQwJyj7dDfmAE1g7uR5BQGjUbU-QxZPsr5sQMabCKkWtXDXxhgr9Sy6GBxxn5c6Dneuh4fa18o64eYqP5UNmpbiZAcKSeMHe_Unwd4E7FbDgTy1O5clz_JDobmCS8M2zmz0GUh_Pbc8-dQ-o-rFUP1VwDnToEq6Hoa_AKQgDc3tiSDq5UqlrPXWEc1Xa9ew0cZvP0Ti2XaZ3ClLEKqW49FwU2jAAjuvg4s_vBopXqnaf9oBxqkFrIZ5W4tB5gMQ4gbw8TKck23JTchM6sS1_-dI17-sgX9_7lLB7lFmVRezcnBktMLJJuZUJJ6PUlEBToAozNKV048-ZHF-56PFVYpeCIs4QWWyOdKDE6c3lPtPmd9Onov_0UIRjFmYwQOGU8FcrmvIQ14C_pjC9Svd_4TuXM5JBXya2Ij6VsUIC-lKucS8xKi5BLkSa7gAaP4iFT7c0s4DuiWdgi3gdy1GAEJZxGwpLxkdyl7GMXK8SFKaJ35bmwVHF5xo5z_lCwniyIV1gJ78bp1ascR_C2zG5Bj5E31D0xLT60jzazX8QblMnWiUwq7Ctl8d9JzQxqou5zWcl-Cn_dvGtPihNFigGKCF0MY5apL-JL0T4rU8y4uh-lHh2NgIta9_yDHX7f5b-p8ew03lq5dgqy74ptY6cReNvBHZfMVM9sXWLZAtvejzaAC48HMkQtNpFMmLJV0aOrUj5QQJUDrkTd0DIVU4LcHVe-qf8BDjj4wo898U8FBlgs-I6yVs2IqnttEDLCH_GCKyYijRLMjnL1pVchDhxApl5F8irX0gSJPaFWdhWmqPECQjAGddbTVGIS2F90zNjSmu6kH0A-hS9LHJZfWpJzTt9U1_Fiim0nWeGcVoBXq64HCpgD2k3kcY08TE7kHpzKs7fGoDct2SYWAWgahi1LS-8ifd_QsW5Hib0PsxvEW63MOi8t8H79iUUBqRAKWlmkms8Ix4vO_tLUek9w6qFXeLWvbzOJOiTd6NkSEBJk2OAnaJHIzzwkByzR9XTujbIpd4nePv_B1smov44H9ktyBcElkxsdS8rqapFoFcgJzPLbNNSrn10luEBpY58AgTLKn4v1Nt2ebL9Fh-Q3_M6070p_3Lg_mmPMZGRQWVRnASWEvHQytYpH2kYu-u32ZQt5pItJb0KnO2Ueg_t8CVc0&cid=CAQSTwAvHhf_rsNXypEjl6wXVNYo0U8wtNd-qSiD0KCWIs9wuVCAqZZ9ulw_cBl4ENxMr-mzzA8Wdcm7Sti83fpTmU9D-pBO8lq4xmHu1jYs3bEYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&ds=l&xdt=1&iif=1&cor=3747946393728108000&adk=3944675603&idt=211&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d468091cad7f4013391f3f03089d6b854ccd41af0c6ccb5709a5dd3e276ebe1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39147
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E3C7 50 KB
19 KB 118ms
117ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19829
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 00:10:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADC1 0
20 B 189ms
188ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOIUHqW7FZfLXPK-4jvQPs-yI0AQAAAAAOAHgBAI&bg=!gYKlgs3NAAaxkZ3akZE7ADQBe5WfOOBK_8ACodeNxB4kG096Qfi0XD3oO95XqIk2bTOXPDHxeA3nYpTzVzA5vNyJx9qlAgAAAGJSAAAAA2gBBwoALWzTz5fXqZNjNRrKdXipm8kmDCIi_MHNqQI5vAmo6j1qRyLpKMQHka6eHRjTApkDIN9a7qhRdQrL1PVNVKeGMg6lKcU6RT5N_23jhlSVyjZ0CCFEaFwufiLPJ3taLa9n4tf7490yD4_mmfWO0DW3XTACe7nJQmsZwL3MeJ8quV1CtMDe3d_mjMUwTUQYmt6KRdg6nR6t2Iq0NXYziNYGJ8JO0AF1ATaXcuG5N3zAVhq3pnOxvRgUY-kisrD1J6IeVy7darjDsLCP3f_GbSPxLIOyDbeOTanmMi1Q1etBtqqNlJ4-FK3fjj3KDEusxbdDef4MyE9joFZIrzHi5W0dOEqMdse_gRFTGUuMj7nvZ0jeVBxyGdg1Uw3MCgvk_qBLi7ZsMmmD8FSbtcCxOV12JbORJC_laSZWQa5oNbvZsTgrLDWgpvksAafW3rZy_GboTmKITtxVed6Lsto1FD9I09I2aJwV7URjgefv2xwkRwVQDhzDRmh3t57gyaCkmApkScSO6gserduvEKbRFzcQY47HxF6hwRtzxCyDcxRlXF1IMTyVPRo90ygyg6Dt0-k5eT1As4ZFjRxhUwvC6ky6IjyZL8hPR7dKithBPlfxIrN3-WgB5P5OeALXnvNVCaYxa0y_-6ByckcBD3cBIlOUS-uOSoqDFZadJ1DaRoDoxxJhCfN0lnqoaNIYmsKhS9se9Cusok0hrfOzlsz9139S581fqA21qquJou8C1P9hfPh3rtbsukNqX8gjCB5EQVJrZZc9vbim6J0QDm-KsCop-NDUzqtRjioiGbNumlge014_3xQS1Bv90Y5dgDIJaLaFTaVVixSfWCHK203ebcEOmWT44WTGEK74yI474gaB_v9MkHUBJCVdTZM36T8ljBtbWq4ld4FLwrmyi5tgyIVx96IPJuXUJwhTdV6db6PTgAtVZsEYrBdZk8YVaq66qdy2wGY16eBPSnfDE8mP6N09UzbqKloYjzt-1xmtdmHrTWGOiPRHSI2WVEqAkKBlqVZ3dGywy7MTeAZ1XsM_a3Y-JV7fbQdGy5DkDli4y03JNYus-QPbhhTGPMdt3jmmRX2vv7swrUmuapuaFyEWagpUPNJskXhSl8eU7zU1w-z1LvOr

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7BCD 111 KB
39 KB 120ms
117ms Script
text/javascript 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Origin: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 12:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 12:47:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 7BCD 12 KB
4 KB 116ms
116ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De_LAfD71tJQyzjTYbDQOHyn1Vv0Bgh-9e4OGqOnBBMFAj1lpEi7vrDJHf_3sLeTeZjbl-OpWt-suSr7W7SeF63Rqy6KPpBt_5bMiRX-pwOFcOPD1AFyiiDth8rg12VpXxflR41Y3hfqUW-7eiz8f3o3cFi6BaVyTHlJmjKf8fg9LV_X5wpZpcAcvSunp50P8P_yYJ&cry=1&dbm_d=AKAmf-Bo_43bfQZP8cjtPetnoxOnXOmCmKKOPL-pO8zdQKs5A26t5Lkab_PT4CPao6oZW0xvLohK9hfUfzECTV8WW8hCPcqyNGHFh4qODOfkJ92hOYlnujc-TcjLYtmZTP8QhKK5bHd6rXmawwNap0PgzcXKyJr3oLRrcsa5Ll_d-eZTiOerOe7FKW65ejMy_3dFtgDdjge-4x6ayL9xc22mtvG2y5bfkCqeawGz0kbTcYqKjbj33Stcw4GBDh2kWZ3eMciv8_xm2twk_KTJKKuDQHkS9xnyM1nNi6cEFKBasS6_K1dtt-h355832pHFLcm2cy3v4GFgucXFiedwn_Aj3b4M85MIRrid0HZ_nP_BNDY-fTLqPPXsFvyoO14DO85pPenmzElbRSaLFP8UgUuEVRk8R2czW-mD1VnEVS2N0aZOhuHsxIFMutpgO3pablGVX-237bw36mYRegdjZaEPCmh0YOHHmovvzlWGo_8bdMXxguoW9YNgdOqn7UmMSU5gh_HenQQ6ug8dNovvZmHtBl7JbAiGc8vm1H4nZBiP6s_BpXHlTQp8Y-duFdYBcj_-M_NOq6GfuRZpsSZzMvnPSURGDc361aw_KWCk5o8KHUabQG60GZXali2l9CdE7fYKU02L9d4GTewOE8tmCuM2ts6hj6q957uwQ38n8EAJVt3pXau_BIJu7j0RvDEfqAXAWwl2N2vsbesoTaaoQsPEzGEO2VDQAlcldDXp86zvHSnng25HF_qX2V4-4IFXTP49ADWWYmCFCc13TxGSZFHmGtSOcI6I-ycqpN5nzob_haVMpx6ABAEFqBpk6tN8dhba8RWn5MpC_hhrS2UszrWyLCTtqjlaxeFSsOOiHvQRTvOj0179j0O0nHrYCuxS7m4D0arVLJzyi4lV0xsNZ19m69GfLOTCWsEfcz1wZ_tc6Tw66HrIz6mrHwOhVXGci8BN-IsaTh-SJDLiF9DVyuav0XU3VRVXBiAOamHh2LVPBrUT2L51PN90X4TaDgXPaKFoA8onMSEPyPwGP0fz7u7ES8146lsk5GLX3meoQZhCKPzSeCxD45u6st0CxwGn3TLYstU2Hyg_BnUwLSz8UMWK3ioHISn0wPZZv61TMKjiNqPIwhfUnJ18GrOUGWmwpREJSxrTyuaZmmFKreXekHj6xZdizJg4p8kc0jLajBMNpFPPJp1_hZy46byjwjZoA6bsRosoLRIrwqvHwNek0V_b4jmJU4oVHHLkXQXL94JNF8MLDFDWVwUJEbvuKfGSdronAxV0I_DCpQeoyYpt8GY4bfImTPYtPDseASF_6dSzcmxMqq1CBLj5cyTvjno4ytjd0hhH7lBRVjGocdl6w_vmTujJ0SkzyAWmpO8sKvmF_4gQI6XitxLDe0GvjELnvcnFgw5CDsaSpidSE1YQ6uGftfHpWzLOhNBZWCHihlJpdQNpSEKhFwcdMj0qVKN3RuWQ-S8Vpz3pWaumZvetPE71wVDY0yXHg4o8a28QbajZR33O6Bs0Q44uL_MTMXCl-ijtx1YsuIpEi3XPNUV56uKUj3V2OKnFYtzWptASTp-LGQdAfSbPkZxer1prTPIcQvePIz0h6BJb30eVicUqJypCSykXJ7Ju_wte7GvHAYG-Yct8jFBivq_lfptzALRDvjPqNWmjN1renffOn8Tz7g842qevfmkOuwRt5WZCtETwZGonqW5L1-udEoFsEpjgTs-lMnlcp555P1ksCLoeOWOff2VYkicDBoi5H1W9eYbaFz1dXC7B4XM1mUt-lqG1zEyaX2hnkt6-v5rGHcb9XGuIaG3XTpgei92TBzLde41QdNmQYxz4qMUpXbF1qfVoHUCOjhs7z4Fn12JNJsbs19cVmlHqoLJXtOFGUjdPUqCfqFoOINcb0tF8JL5vnd4AX6kl_Zz2hnsprEODGs64LNBE83VqvglYxvJx8Yll4h7BJWnVy3eixBGYnf1bgpESdjwHvt4yElnPrJMu3XGBu6rr5R0Rsc7It_XDDS_9JNh2V0bXFHzjaGTQQ0XOsqhPhdalw6j-0Ck4Fxcr7dzzcWZ6zovbOtQI1a0xUX8TmNAlRxUmQGdBwE8xTWOG30fDNTgYPygGuiUTte2CMXJGkllUNfJSAuHYzI1GjVpI9iA03GB24ku0UWX8SU80ukAfDzxMr0ST2ddlvkGP4v6EFxSHpM5POSMOWG_3bZOrSM3OW73P-_wCRB0n1xu7Az3XajCp4P9GLtjkR9TL21q8lLWr8-zdx6OHm9VXEWKFAi-pMLZdSwIXwHin8YA7NGn3SwO8ek9xsXd8WOSm9yINfkLF6sBBgAR_ad5qEiaCxVYiBxfBFAfgYrGSyUvRZKvO4NrXI9e8--XWKL9V39g61lVFpLmVA6SZMJx5KQsOuQe2_r2m1pA6NIcwHIzQV6JoyP-5o8Ih3W3htDG0a3vP9niWCcNfYIZoWSmJk6_b1FDyz3Vh7RsZW4EYEmJySkNyWWp1OVU9Raz6p2MU_3PmCytE8UyTAMf-DA7KCGF0-GyfRpW9DZfnIuVcNGVpI1U5aLh1gkJeo0pCJaG6ZrpDFQX_C9AtRzKKXEFfw1gPKUsOHcxFYuqMlBwUIrydHDxjlvIPUq4cHV2r8rYiNdbgNHmk8_g2Y4pSo2jzhwfWNKemg4G_FFl1wgfi4P3WGngHmXSAVrobAf2-XADRgiyjHCYFD3jV4tWXidXVL8LJFBooTi0KD25iMfDWOCc8l9YMh_I7Yt1yXa0J6D2QSFiR09cqY0DfBcEY3RIBxi6s8nExSwnellJlmim5zVgvrQXwrG2qSjqnZkt8Vzn5lQsEqFoBT4822X5YYDXl2hBy7mtAjEpEAbKUt__1_Yyr8_iacWrVOIO0wL0piATvZ2Le9KcZEfB4vtuFe_eDHD0eR6NBjvs6oOItKKHWIf7GqvRLw4QUnLgAC-gc6gop0kJ-jgi7BxIPrag0KC2UMBd8ahpjGtzs3Ji4jFPuTEJ6qNrTObtl1aGoc8_hK8IjPgDDU4e48YMpe7icJr3VVPNRCedF9z0T47_6KZoyEStQ5PaL4T1cKBatv2iu825OIzWRl_orOyfI9cfGr6XuoqTy3zl517Q8ZcwJGlU057AYGtzL4394_iIzuYHHeCA340w0conC1eE-TW4Jr1YQwJyj7dDfmAE1g7uR5BQGjUbU-QxZPsr5sQMabCKkWtXDXxhgr9Sy6GBxxn5c6Dneuh4fa18o64eYqP5UNmpbiZAcKSeMHe_Unwd4E7FbDgTy1O5clz_JDobmCS8M2zmz0GUh_Pbc8-dQ-o-rFUP1VwDnToEq6Hoa_AKQgDc3tiSDq5UqlrPXWEc1Xa9ew0cZvP0Ti2XaZ3ClLEKqW49FwU2jAAjuvg4s_vBopXqnaf9oBxqkFrIZ5W4tB5gMQ4gbw8TKck23JTchM6sS1_-dI17-sgX9_7lLB7lFmVRezcnBktMLJJuZUJJ6PUlEBToAozNKV048-ZHF-56PFVYpeCIs4QWWyOdKDE6c3lPtPmd9Onov_0UIRjFmYwQOGU8FcrmvIQ14C_pjC9Svd_4TuXM5JBXya2Ij6VsUIC-lKucS8xKi5BLkSa7gAaP4iFT7c0s4DuiWdgi3gdy1GAEJZxGwpLxkdyl7GMXK8SFKaJ35bmwVHF5xo5z_lCwniyIV1gJ78bp1ascR_C2zG5Bj5E31D0xLT60jzazX8QblMnWiUwq7Ctl8d9JzQxqou5zWcl-Cn_dvGtPihNFigGKCF0MY5apL-JL0T4rU8y4uh-lHh2NgIta9_yDHX7f5b-p8ew03lq5dgqy74ptY6cReNvBHZfMVM9sXWLZAtvejzaAC48HMkQtNpFMmLJV0aOrUj5QQJUDrkTd0DIVU4LcHVe-qf8BDjj4wo898U8FBlgs-I6yVs2IqnttEDLCH_GCKyYijRLMjnL1pVchDhxApl5F8irX0gSJPaFWdhWmqPECQjAGddbTVGIS2F90zNjSmu6kH0A-hS9LHJZfWpJzTt9U1_Fiim0nWeGcVoBXq64HCpgD2k3kcY08TE7kHpzKs7fGoDct2SYWAWgahi1LS-8ifd_QsW5Hib0PsxvEW63MOi8t8H79iUUBqRAKWlmkms8Ix4vO_tLUek9w6qFXeLWvbzOJOiTd6NkSEBJk2OAnaJHIzzwkByzR9XTujbIpd4nePv_B1smov44H9ktyBcElkxsdS8rqapFoFcgJzPLbNNSrn10luEBpY58AgTLKn4v1Nt2ebL9Fh-Q3_M6070p_3Lg_mmPMZGRQWVRnASWEvHQytYpH2kYu-u32ZQt5pItJb0KnO2Ueg_t8CVc0&cid=CAQSTwAvHhf_rsNXypEjl6wXVNYo0U8wtNd-qSiD0KCWIs9wuVCAqZZ9ulw_cBl4ENxMr-mzzA8Wdcm7Sti83fpTmU9D-pBO8lq4xmHu1jYs3bEYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&ds=l&xdt=1&iif=1&cor=3747946393728108000&adk=3944675603&idt=211&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:43:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7BCD 31 KB
12 KB 120ms
120ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 00:03:01 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7BCD 41 KB
14 KB 118ms
118ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 01:12:56 GMT

GET
DATA 200
OK truncated
/ Frame 7BCD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3526320a3a70379b1d95110c3dd5f08f9ae169687f8512e4bc2f58a52f0e3f56

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3853 0
0 180ms
179ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWxBqqm7FZfurEqyyjvQP26W7gAWkr-vkdcrq_Lz9EMCNtwEQASAAYP3AlIHoA4IBF2NhLXB1Yi05MDYzNDg2MzkxMzg3OTgzyAEJ4AIAqAMByAMCqgSvAk_QVOON7E6x8-jwQXmMUD2jxY0GBXi8C1aqDfI2ZloSuRVWSeCcIi6VUdE4GeMwoOhk7UvfkcZafemw6fs1Hyugmi7GS3W259BW-D3h_3gB2U24cR6VXVLV7VFRduzzH3AXYuYjkGKeUkjR8VGAvaZGOOxwDjV3aguGd1Pl5gQIBTCpJiBApQ5ofkhFYjk0V7tJqJOc8eUX99la84pP8CGg8xKn66cyS_VAdY5gKQfKh6rGzNRj9zCabDudyPp75l9xcImMjTn9abRLLSArHIvP_UwvXh_9qobAgnSSKcqwi-azPJkMy2O_Nr7mxgAehU2XLFKAWXk7YcKnVkRprYhQhL3jvHMzABka9uFjv-PeGadUtskb7UU7Ws_xG8IcCzUMoJ7kj7FlUahp1h811eAEAYAGoc7O2a_9zPWPAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WOyj5J79nIQDgAoD-gsCCAGADAHiDRMIp9rknv2chAMVLJmDCB3b0g5Q0BUBgBcBshccChoSFHB1Yi05MDYzNDg2MzkxMzg3OTgzGNCteA&sigh=7lq80A5WSLY&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_J2igEAMm3V4RAbJg5f21gieG39wIR_zQVHYtqCNnbJKYDRkRJUJF-pWZ1uT6fF139zr7aruBpfcR5jg_ZGaTs5RgjxVLrzAjZBgB&cbvp=2&vis=1
Requested by: Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/googleadx_display/5a38fa35-c6e0-11ee-a8bc-31a839213e11/ZcVuqgAElfsIg5ksAA7S298vi8Uz2ZeUzsFujA/YD2A45DMKUIFEJ2K4IVCSRC3XJTVUVOIGCIZ7NMA7IYEHXMBVNWF67YJ6YAGIGLXDFVVVFV... Frame 3853 0
148 B 535ms
103ms Image
text/plain 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b1-nydc1.zemanta.com/bidder/win/googleadx_display/5a38fa35-c6e0-11ee-a8bc-31a839213e11/ZcVuqgAElfsIg5ksAA7S298vi8Uz2ZeUzsFujA/YD2A45DMKUIFEJ2K4IVCSRC3XJTVUVOIGCIZ7NMA7IYEHXMBVNWF67YJ6YAGIGLXDFVVVFV26R2SKXN2GX73QCJZUZQIQUTEWL64Z4J47OY6WJQWKXMY4N3ZGNHPWJWLPLD3LWKZJDLZPOMHABR3SQQ64SZR6K3HLRRESUBTZBMO6SV7S5Y5PXE2EHB2OZUA5MCCKUWGT2PYJI3CITCZNYZAYIID7GQ7BFK7VKNW6FHEVACAP3EWQDLSZGAD56TYU2CUWTSZP7TAZQ6E3MFH5BAT2JHSBXBXGZ3VNIBU5PTOCI2PMIBTPZW2IEQE4IUYQCUI4FDUJZ447DSNIDYHLHZPXZEQ4XCTUQ432VBT232GSX5RDNWX32NL3GE4LTUE3GQCZD2UZUUUBN3ITOBVS3SGD4XXFBN7O6IONXX5B7HA7GIM5IASJPR25VQKFZX43YOKLCBA4EMYQHPQDF7FKE6TVVZKCQOEN3NB6AYOXGIZIG7E22N2EXFDLPC3RF6AJH43PUTCKRGQCOBDE7V47JET2TK6JKRAX3XXAL7VRZ7NH27O5NFD5QLVCOG32EFP6CVVY6S3LRNSRQAYQAUSOPXEVDYWA74O2KK6PZYAX5LAEYCDX7VAVYN45CMVLGAJVBG7NYXKAI5Z3WUXAQFSSGCLBTLTYEJIUJWUS4PISJ4W23BSSBA4JSALOUASUMHORCNKQTHKYTCX52IQPRAS6OFJYRC6ZGUJJ5METQIR3UYJ6JQKAJOFIVROUJN3VV7WZOETKG3CFP277ZO3GIV2SROCAKQN6OLYYQEUSRQSM635YDH7TOUNBZXZJLEQP4EVHXBK552AKHJEXS22DK3LOJ5MOD7CY5TQC7LFZSY/?amtw=&cbvp=2

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 00:15:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Length: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 3 KB
858 B 116ms
116ms Stylesheet
text/css 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b3dd074129ed4df39ca9d6a03b7581371ee635a6f10dd6abdd69715c89e68d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 12:57:58 GMT
date: Thu, 08 Feb 2024 12:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 828
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 2455 110 KB
32 KB 488ms
124ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6280858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 32828
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1b8f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLDZYwSzQxp16GpKlvDNd6ciujFBZY1rMh69ModPBeVCYZkRyhzxIw71GPfgUdgm8SUce5Z1EUr1XKTtn6shVBKOl9FpcoaLY9JdOlMvUAEDGjXvjS%2FKnb14zI5O8AwMuI5YnLr0qtH1HWrZHnxwoXbe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8527eb555c3f36a0-YYZ
expires: Wed, 29 Jan 2025 00:15:40 GMT

GET
H2 200 zepto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame 2455 25 KB
9 KB 476ms
112ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6006669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8433
last-modified: Mon, 04 May 2020 16:18:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04043-6233"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soIqqgm%2FTtwjRmTDwuVRL708aaR1GveAwxpi7vPottfVzxyp%2FoeqQNl2Ero6SyITfy27IHkZzYMmu77oD7ZzG5S53vLUE9aXQJDyAAeC5hlZeGUZzSXpBRGwUHLdFLz91O9y6BYOXvL94tESUOMzRa9m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8527eb555c3936a0-YYZ
expires: Wed, 29 Jan 2025 00:15:40 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 6 KB
1 KB 116ms
115ms Script
application/x-javascript 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b90649eb90deadf7b1caa2c20025b29bda2f889ae52d488c90530e4517a2139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:18:48 GMT
date: Thu, 08 Feb 2024 13:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1BDB 38 KB
13 KB 134ms
117ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 255764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 01:12:56 GMT
expires: Wed, 05 Feb 2025 01:12:56 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/ Frame BA4B 8 KB
3 KB 131ms
115ms Document
text/html 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9365a6aaca35ade3d19915bcd3c79a09fa40f5b309507021584f67c2ce27df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39427
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2783
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 13:18:33 GMT
expires: Fri, 07 Feb 2025 13:18:33 GMT
last-modified: Fri, 02 Feb 2024 19:51:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BCD 0
0 477ms
163ms Fetch
image/gif 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3E7Q4pW6bvsyjcNQ4D5kK_W42M8gJ3TK2zuLIkRIEIrU_5P_Ml0KrCdGCOJipSCZfvaEs0Ijerk9Pp6k7hpno--Lc-oKKPbONDq8RTGxDatAwaAjbedPcXN0tx-TcQZxF-UFquyNSiUJsTKhsJQBgANtC8hv2QB8y8mVLEFLMdSyl42xyiqoh37KXOoXQfBrRJ0ZoaTKAyeXamq9IwvLuBRQ32q1jADU1IL1POc2joFGv_48Z2rcYLvgJbwWSyk1CkCOLwvJLDqUWN5E_i2jrqygckNn_G88MsY_rO1099w2sJ5tNHZIZmL_dgHTpvAp2RWqM1OpkCGk1zws5uMWGYveCQG1bAVCq2pWIFqZJV7IaeYKwE8AZwPX2hjiSNeTakmxsOMpkf-vQu2Aa4X7dC3tMwt8cP65wFks0Npm0vlU_DBrbY31QnF9-muO0_X80YJzfHjNtHXdfffVtk5MGK1anH23msdvKb1tt6_iQ44URICA6EUREQ7CFdbK4N02D_wCbIMiodeco0h68tP5rCT3riBfZi_h4-5fi2XPtDQr38MV481y37fSQLaP1veq_FzafZuS9talRXPPKsaEQEb_i6XRyJvAr0g9xK8fkhTXubgwDT5Mal-PcxHcqrDSKw1s3MKLIxWcjnZnOv-w9yzLWgJzDxsI9zrubrHL1UC7mKzd4xOI2Le4ejZf-0t53wbyj9fpO5ktW99kDjqdBpWfNyC_ycosKCJzd5Ii7qcFMfudnN91Oebzwx9tvKrcLOoq7hKUCJGcn43LRHBBOxUV4hoB3u9qjmD4uGy4_JGWVM8LsVh5jgys0aC3Kt0MEjyIlwT6TTAx5nukK8Gw4iq_MfWU9_Jknec_AmyfK_5kpA7R5SG-MA2nM_7Nf_5z8gpOuP8XVe4cUq_48eiNmV1SSX1rjRrTZ-9NpQ4PzW_b3p5gUZyATNCF-0IDzjB2YIkoAuuPtRrrJjY6jPdgg6z3uwPCkGd9N9VQaHbwm4SazLqrN4432jMlOFiwxa9x-PQbz1NhjPSJAxcl8gWwGxchm5fwLhXZhTtqqfxdb8ZQDCg88FkWV1VKD3idw-g9es8QgSE1ZVq03-A72KLpFW3fMOVD3JhmSRdxu2sIA4I9FulOPLidbEcTmJW4kh3LmPEVehrIETE2jjg0E3C09QGaMKRwDpFT0Nzi9ID4nU1BihZhG18or3DVTMmlywpN7IUizJsDQuyQ4izhmU2Dz6GxMwpw02G6dfP_cwj386Xj3TFTophUaC78wTC7X74Ct-kArtTTzfGz3EdaR0-lQyrvzucaf_n-09KterhVkvqFi7y4kxdXA9Ss3aNqB2z6jMzZhSRGZCbdHuN2X9Eiph9GpJrsq3zxIgH8zbGJ4YO1OHYJ_aPxpMvg09OffQYpldz1-W8K5qYuNeDzuMCNkBk6yrPtBaLMLB5OBdRa9KeSJd8HK&sai=AMfl-YRT5rMujzVgw7z1Y0183jmYP6CIG1f81QKGldP3NDaVPgk7M9SyqgD2NEDXpHc_LurERQjdWlX9-HTdZxOspKvGavgEPSTUF48q6PtdaDdAu0uOkN1CyGqknyex11cLFqD-DiFoZWiDLFWP1oKYJNxmKmA1nhgO3mT6nhfz1niGxzh5O2Y5p2f6oAZx29hIk1Ds2FeOhJgri_xz_9WFU1gW6RNa2aZcifatnYqoQ6qDyD9GGZOicHFpPjOyPiYM9arseCIgklr6LeYF9GPRkEeuIuSxiQd8jFMEDv_Kdw&sig=Cg0ArKJSzLHpg_swsBshEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=163&cbvp=1&cstd=161&cisv=r20240207.83212&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 00:15:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 09 Feb 2024 00:15:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5450 43 B
265 B 123ms
119ms Image
image/gif 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&m=0&ar=c26ce66e-clean&iw=aeadae8&q=2&cb=0&ym=0&cu=1707437740090&ll=2&lm=1&ln=1&em=0&en=0&d=31381503%3A8511905%3A386387790%3A208758794&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&bo=xerifetech.com&bd=downloads.xerifetech.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=mightyhiveusmmcm360display620308191229&fd=1&it=500&ti=0&ih=2&pe=0%3A732%3A732%3A0%3A1069&fs=95&na=1139000927&cs=0
Requested by: Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 09 Feb 2024 00:15:40 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame BA4B 236 KB
63 KB 685ms
178ms Script
text/javascript 2600:1405:7400:6::17d7:dfd7

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1405:7400:6::17d7:dfd7 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:40 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 09 Feb 2024 00:30:40 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/ Frame BA4B 53 KB
10 KB 117ms
116ms Script
application/x-javascript 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99ed8d74f6a2c724e0b7f8aa153798da62c36764302ed499c921fcf109429f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:18:33 GMT
date: Thu, 08 Feb 2024 13:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10622
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 19:51:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BDB 39 KB
15 KB 126ms
126ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 02:47:21 GMT

GET
H3 200 c1a.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 5 KB
5 KB 121ms
120ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd26debf9f462b3bf65bb13df199794d37200c166ee5d801a27bfea2aee3c8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 01 Feb 2025 05:00:54 GMT
date: Fri, 02 Feb 2024 05:00:54 GMT
x-content-type-options: nosniff
age: 587686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4814
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c1b.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 11 KB
11 KB 126ms
124ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f271399a65844452039e5dd6af2da4155c3650c346df50324e470e06073c7056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:01:09 GMT
date: Thu, 08 Feb 2024 13:01:09 GMT
x-content-type-options: nosniff
age: 40471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11396
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 tac.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 9 KB
9 KB 156ms
154ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/tac.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe8143f9087608784b4e6bfaeda9f742304016e61e699d4667364417673872c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:04:53 GMT
date: Thu, 08 Feb 2024 13:04:53 GMT
x-content-type-options: nosniff
age: 40247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9651
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 3 KB
3 KB 176ms
173ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90668c9ffce53662076fe7e4d895da8aa34e4a6595b95719f43097b758db3a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:16:11 GMT
date: Thu, 08 Feb 2024 13:16:11 GMT
x-content-type-options: nosniff
age: 39569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2809
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c2a.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 2 KB
2 KB 190ms
188ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0914a17d601593395ca9d39a7e054ee1188dba20f06c2e9f8a661f1e720dfa2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:01:09 GMT
date: Thu, 08 Feb 2024 13:01:09 GMT
x-content-type-options: nosniff
age: 40471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2298
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c2b.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 3 KB
3 KB 190ms
188ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ac5e48bcd46c4621e070c32b0c532531a00e42cbbad733b030ef8d9db2711cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 12:57:30 GMT
date: Thu, 08 Feb 2024 12:57:30 GMT
x-content-type-options: nosniff
age: 40690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2659
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c3a.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 3 KB
3 KB 272ms
270ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53ec5f08f4b9102d101e9295c38507afec2c2bbf87ac9ccff5ec83d65ca95677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 12:57:30 GMT
date: Thu, 08 Feb 2024 12:57:30 GMT
x-content-type-options: nosniff
age: 40690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2818
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c3b.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 4 KB
4 KB 198ms
196ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/c3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b2a3911f0d7a27365de171c9abb06847eceade8caa98a539b8ebf7c1badb6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:16:11 GMT
date: Thu, 08 Feb 2024 13:16:11 GMT
x-content-type-options: nosniff
age: 39569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3712
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 tac2.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 10 KB
10 KB 203ms
202ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/tac2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfed2689b992fa4d78fb564be3183ad2639aa065df74320bfdd136bbe98eb20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:04:53 GMT
date: Thu, 08 Feb 2024 13:04:53 GMT
x-content-type-options: nosniff
age: 40247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9821
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo2.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 3 KB
3 KB 275ms
273ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/logo2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da4807049bcb39f7cdf009fec897f987ad5ae17ab30c3edc31f75769ce07f51f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 12:57:59 GMT
date: Thu, 08 Feb 2024 12:57:59 GMT
x-content-type-options: nosniff
age: 40661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2741
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 phone.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 45 KB
45 KB 227ms
225ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/phone.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d269c2f144aea8efa008d91e6f721034ca2164c331b502599dcd195e250c4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 03:13:20 GMT
date: Thu, 08 Feb 2024 03:13:20 GMT
x-content-type-options: nosniff
age: 75740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45889
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/ Frame 2455 14 KB
14 KB 280ms
278ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856d5a3a8509ffa33dd77103627294d440b885d78a01d703d8e2fd2d7d8c39d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15150490168812148073/60_dv360_ca_html5_728x90_middlemen/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 12:57:59 GMT
date: Thu, 08 Feb 2024 12:57:59 GMT
x-content-type-options: nosniff
age: 40661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13933
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 19:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5450 43 B
265 B 206ms
206ms Image
image/gif 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F15150490168812148073%2F60_dv360_ca_html5_728x90_middlemen%2Findex.html%3Fev%3D01_250&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&ol=1043329781&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-BHxD4bI%2F0rYACQ%3D%3D&sc=1&os=1-SQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&cu=1707437740090&m=96&ar=c26ce66e-clean&iw=aeadae8&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A732%3A732%3A0%3A1069&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=64&cd=0&ah=64&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=31381503%3A8511905%3A386387790%3A208758794&bo=xerifetech.com&bd=downloads.xerifetech.com&gw=mightyhiveusmmcm360display620308191229&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=95&na=1429926060&cs=0
Requested by: Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 09 Feb 2024 00:15:40 GMT

GET
H/1.1 200
OK / Show response
b1t-nydc1.zemanta.com/t/imp/view/QVOAGBUN43LTKXOLEMBMPFZWJMG4I5P6CBXAM7CE4IKTNG3AAAT4SSC27XUDOPXTP52FPK6ANBWNTFAAHXVTZTGL6KJDSBPDPLPNVL5MRH6PPKIZPC5Z4VFFNHX7F2UHSWXLC2GHLYZROBAIX56NNXVTSZ6HOVWAHYFI... Frame 3853 26 B
343 B 95ms
95ms Fetch
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://b1t-nydc1.zemanta.com/t/imp/view/QVOAGBUN43LTKXOLEMBMPFZWJMG4I5P6CBXAM7CE4IKTNG3AAAT4SSC27XUDOPXTP52FPK6ANBWNTFAAHXVTZTGL6KJDSBPDPLPNVL5MRH6PPKIZPC5Z4VFFNHX7F2UHSWXLC2GHLYZROBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NPGTF2LSOPRXQR6BRHRVD6FBEM7T6BLZWPVCW56T7IVKAOBL5Q64SH5OTGUBJQCOKTLBYKU55JGMBHSAQQGQFXG3V2RN5MJP43IO5TVAWUDNVKKRWOXBKPQCLZ4MMGQWUEFA2R5WBLH4ANWRJXJJD7AOLNY6GN3PDW7IHCJ5UB5BKW55XIKRQ/?

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
Date: Fri, 09 Feb 2024 00:15:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Credentials: true
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-nydc1.zemanta.com/t/imp/view/QVOAGBUN43LTKXOLEMBMPFZWJMG4I5P6CBXAM7CE4IKTNG3AAAT4SSC27XUDOPXTP52FPK6ANBWNTFAAHXVTZTGL6KJDSBPDPLPNVL5MRH6PPKIZPC5Z4VFFNHX7F2UHSWXLC2GHLYZROBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 480ms
95ms Preflight 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
Access-Control-Max-Age: 600
Date: Fri, 09 Feb 2024 00:15:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BDB 0
20 B 177ms
177ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsI0uq27FZeOdKPCko9kP0PCquAMAAAAAOAHgBAI&bg=!cXKlcj3NAAaxkZ3akZE7ADQBe5WfOD7kyfUf0ca8XBaeocqroS7etfHj9BhKXpF07et-fhe-61NmJpoKnDJPJycZD3BbAgAAAEJSAAAAA2gBB5kDCV5QP1Y7oVqq2MgKebosg54KOUqljxaEJcIWZfiPek7ruifsECrwMv9iQ5hNElY1dYnoetqbOU224RpRL1gVvJWyjf3h3RvvxzEX-eNOk8FTwShcnQKdQ7CNZr5cvsxtuSCJg3p9TAvM4YbCmvoAedJVwr7wFiZZXz8Gf_iQrMkfNX2gw7WoVr2RPvjBfqZM_wmHA8grorID8SQONPmemy_Mc-L4FMJj3V-3sKVrKIRnnTEgU8wInl5ghs2pf1jstZgao7QHXxSxKdsxJwh90mlCkpFIURBY8QZI7T67X1-5w2uHaxoqtuF80fcAoPNtzVU26LOTyiZU95X0AO_PlqauPyh71-SNKZABdN6WHiKka-KS3KJtrFg2XeWUtP6cQBQI1hvfw5YVuv0Zs6VLyYD91og8VZZFp6fCs5eTpoiA_RktOAMG_vT4mubMHuDtgFJT9_maqOsPtq3O2Wt56FTjh6gFrt_sfHaolackwRq3_hPQ2u3ZaQzEg74SjU17XllvYMDwWKVbisifLE7HG3J3yXi3TXwxxpNuEJwDmqQKS5w9VJspTxbeFvvnsyIxlXonPHsXqAbWD24jW36LBRNHG_l1MbkD6J6kMw0aHZ2vTmYMp1QkaLSgTWfOE5yU_3cZcC3ZLFuMA5afRippXpIrJelg3q_A87mf76PS0E3vtuTMVc9QJiFB8bP6bBNk3i4zJgo7omuDdCJfNKVPLah8oCPBu26Zkt2SRm5ucdPXUVVvYzs0Ww2GfHji2mL2u1xUkiHLroyZWDWsA-wsAl_qzNFnTK7X7ks-VZUrwFjYad0SudgiZDQ03oe-uPpgIsIy-5ZGnbGvfPaYmYMCmQGiiikE-k1l_070BmiaQchvdGN25HQvELPF_Ttl-3DYUnnQfa8YPwieqTm16wSUS5Lb7E0tIBJTmrPeFbZmr_lTULewDaAxxI2s1BT_NlyJlnR79KG7O1MKdNa1VOrKmem13g9E0f0O72f_T16oD0DuDFXJbu9dRXIgLHl9KdFbs67A5MkXgErelg

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5450 42 B
174 B 174ms
173ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjV4VccShG7DBkERlSQdwP4TnRYvkRVi-YGrAeuSqPXMWbl7LWH-QxJ4kjQwKlZT3CiH3bqZGEgzHbgTC63Kz8oAGLUNuILLAEPkMBVyhmTqFwoheOLyRle2_ts7iEFnetx5R4Jkb3zpBm-pLU7Q&sai=AMfl-YQP5O0HvhtIh2Z9MXQKdngKxzavNiuLFRd7wZqueuggbG2vX3YeAyStRjUl3wKhL9dWn6JMuHE3MD4MHltho3YWhtkyx3-oswL74T9lhNcwCFTJjXvZ8LZcG3GACb2pN_H8_CnKcSPlj1rrCivD&sig=Cg0ArKJSzJRtdTKQWfmEEAE&cid=CAQSTgAvHhf_dQ6N_Z_EwJt6RYWAHjHBkhfcZ75luL2UF6uwn5huqOD00uNY98DnH-73wBpJm-lxDoKHFiPzXlWO8kjQJKU9rTxSOqlMPEgAixgB&id=lidar2&mcvt=1000&p=154,436,244,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=573106984&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=337053900&rst=1707437738498&rpt=1051&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5450 0
0 157ms
156ms Fetch
image/gif 142.251.163.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsugIiG5ri1en2WmW8a98OsuL2W8NIp2cEz-cC-0X2U6N-lxButBYbBpTeFkpyUMfMMboPbbejVM0KEjwiX2AsCzU0hWAwV3KY_dMSJDn3_uLeH-MfcU6ajR6FYra0NaURR3pFqP9uy5aLNScxCMJRbUjiVOaErUh5UUpZcHn5oVH_WEuVEHr0bi_3PcO2QiHLsKG8fZJvlcI7mX21Zx0mQtBPQl7zCg0IVLAVRmn7FYhKYSFIULKz62NMGYi_vR4IeREXQWS7dQwkbQxOx8ksf_8qM3PGroXVuO6nyrDDuwMe6R0rLLURfqqMBpGGF5BxOn9jDFj4XWf2Mvd8IaLdothny9CqLVvpGU_pldQRsE4vulQ5dEVo2a6TsVytq8gHeoVQ2dYpZn86lLc2abpXcynySqXE2bwxuR7npH_2iwM8c5wRqz4fWWwPLOFym_yGf_0_exCQorN9TZoV5-tH7ESlzdXR-h5GmjmsL16T2T-Hj3M5onnVdLIiywLH162t64MOC3qbczktm_nsSNFL2nXckMP85aS7EhsE_kRBCKyJq6-3hq6ricf3laWZ-QpGBYAyfOIDE4kxTqob_qyxb1ZHxij00x_W2TjTJxF6RXfIZzfLryPhtYehu1aKgCTGVXCpCbj9o6BXKL3nuDRYuZ0vfur3-OUi_KsbmbhR3Ye3YAxlGE06_WJGsnhl--bxPrWI3HAgXV5auwQSGPc7ltUK00ZPvS6EUnU0RY_wLRNOgqa9kdrvcUuLXxYkRvPIiB6_5E5YMli99nn24WJgC9KvyPK1xlr8n8ZfEJtgmXN7rJ18XwalQ6gh49pnC6pWG9Qu4cLegAfXDlBlgvL_2OStmSEptNp4toNHSujvC90olDCCu1kfWKXBb8Gez9DVxu2nUz8NAt3m0cpGdt7zvw6i5o79Jx8CK78qGsQkDgOpM5CaLbV8q0yH1eduF31e50qTu5KMXIKrEzM-_ETvG1zJjPNlpu12YCb-1OPMKcWOdHF6Q5NsolepcnhT2QxwOJOq-XjJYK_X7cldXdfY9Oy6sT_kU-tdLuqhHNAySCmi5ZJqQQ7NcicpCCWgivRosv3MGZ2jbyUdpOO_ddZYlcnu_H53kF0xzF_sSpfVnFJUXGwe5OGWcF5OA62ZQeI6fhBQzFJOviDkkBEwUmsTy4ryZXERu21RvYQ3BuUF2OWiVvQvTi3j0y_lbFzGJCHrJIhLNyMHn8mCPQ53XB_KI6hCrZ3BfdMd36bO9gw7_vvAA6LhlrgXwI7tbRHoqeVId6BP4ei-G2PxAshpD_w0yNm1EaDwYwdu8I8QX2dIq1my3UJdpZYIJFsbbBw67TkH_Xk29q9tmgOirwYKS82Z7jz7SAhFGKapF6t4N6JX-9Q5W_p27Sps498H202hp6RV5LPv8DDwThboXo8dcVEamSfRVxsx7myIe40WAFXDciCmwKzXJmGrp4-XAsIvjO&sai=AMfl-YSS4fb5TQUJlNisgdV7nuR8Fm0UuKWV3pWqj3K4g1BIOkk6UFuqO-QsPQDRX2u_JGQkF6UiHcnp-brc3PNEpmQQqFfsiCl-30KG80Q_tOkxPnd1cFIz57XYnk1zttM0-nc3rS7-SXr8AVJSQEgrnXf0Mz5Sv3vD3g_G9flTesxEJyeme_K6fgNAYb-PlTtseRZJQB9ajaNu361fHtzPdThfLg3DhjtusCQfFZ1xcaZGh1ZrMi9ODC_onfDlwsh3sV3sUTN0CrlVFxArbc3rCg4ygirSJPXXZfwXzZAx6OIOrNPEIm1mECpTNQe4UO2PpzFQZW3Vc9iPPEbxk5S1M0sabhMDvC_vZ7tR7n73Srsfakq-YYZwmyosLRwQIaLrkeXdiS_SvOX4O5jsDrAP6mnn8qwUUxOx3GU2ZHmir08yyFOde3vHHVONJEmuACJcM5HBQquB_iT7BtJN704qREDUlb7v-OdmQ8s-WXvcRREOgZEkn9yW2QnL1VP93TCXUAW_c-w&sig=Cg0ArKJSzN4ziPt1J0YHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rcmFrZW4uY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1914&vt=11&dtpt=1158&dett=3&cstd=753&cisv=r20240207.46018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 00:15:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5450 43 B
265 B 118ms
118ms Image
image/gif 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&ol=1043329781&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-BHxD4bI%2F0rYACQ%3D%3D&sc=1&os=1-SQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&cu=1707437740090&m=207&ar=c26ce66e-clean&iw=aeadae8&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A732%3A732%3A0%3A1069&aa=0&ad=61&cn=0&gk=61&gl=0&ik=61&ic=61&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=64&cd=64&ah=64&am=64&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=31381503%3A8511905%3A386387790%3A208758794&bo=xerifetech.com&bd=downloads.xerifetech.com&gw=mightyhiveusmmcm360display620308191229&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=95&na=956456828&cs=0
Requested by: Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 09 Feb 2024 00:15:40 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BCD 42 B
108 B 177ms
177ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4PB649VRfldm2dC3F_WuIybFEo1bNHX9kq_EBp2Q1NhTRjerpcuVG8P5H48v0w7kxevMI9M0uCDxN8hsRaC-BlKS4Z8dWS5XAQyo1zJVOSgPHkm1i-hAteSzOkVkw1lgPXHCLEiNbgvn2Jx3bMOgrjdELehrAHfQ&sai=AMfl-YQHlYmb7YxPtfiX6642tIVKDXb9Mo6apYmCJfgeONTyktiqgs-cwoap91BnC6Qgouic3ontI3YTsxY_Nhk_KKKikq1UHEitzxasR8XYqU_oSmyPwncKehevBb6MtYRkMpcXAmbMvrs4LHJfZvg5-A&sig=Cg0ArKJSzKIb2D0lSo-nEAE&cid=CAQSTwAvHhf_rsNXypEjl6wXVNYo0U8wtNd-qSiD0KCWIs9wuVCAqZZ9ulw_cBl4ENxMr-mzzA8Wdcm7Sti83fpTmU9D-pBO8lq4xmHu1jYs3bEYAQ&id=lidar2&mcvt=1000&p=574,1060,824,1360&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2122305623&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=337053900&rst=1707437739157&rpt=711&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3853 42 B
108 B 172ms
171ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthEo8IATIsjxRRRtw_cgrXO98Kc2oCcU6wq9c33HHWuSrGDfGKgoSIT25Q_LmTEUtpOlt3uwnnjTvy3C3C2Rwo70cZmgVF_a6SZ4AS4YVJcQ0cJGYKInD4UFK3Wf7z92kxGPzzwmw&sig=Cg0ArKJSzNKw2DARgvvVEAE&id=lidar2&mcvt=1000&p=264,1060,544,1396&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=344432293&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=337053900&rst=1707437738616&rpt=1347&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 00:15:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bag.png
s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/ Frame BA4B 83 KB
83 KB 118ms
117ms Image
image/png 2607:f8b0:4004:c09::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/bag.png?1704653899660

Requested by

Host: c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
URL: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::94 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed5a8285df97e11a6e15c6efcf433a09f0f068ea312ba3a5965a8743b4cf7d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9863652241792040960/ENGLISH_V2__300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 13:18:33 GMT
date: Thu, 08 Feb 2024 13:18:33 GMT
x-content-type-options: nosniff
age: 39428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84924
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 19:51:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7BCD 0
0 159ms
158ms Fetch
image/gif 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3E7Q4pW6bvsyjcNQ4D5kK_W42M8gJ3TK2zuLIkRIEIrU_5P_Ml0KrCdGCOJipSCZfvaEs0Ijerk9Pp6k7hpno--Lc-oKKPbONDq8RTGxDatAwaAjbedPcXN0tx-TcQZxF-UFquyNSiUJsTKhsJQBgANtC8hv2QB8y8mVLEFLMdSyl42xyiqoh37KXOoXQfBrRJ0ZoaTKAyeXamq9IwvLuBRQ32q1jADU1IL1POc2joFGv_48Z2rcYLvgJbwWSyk1CkCOLwvJLDqUWN5E_i2jrqygckNn_G88MsY_rO1099w2sJ5tNHZIZmL_dgHTpvAp2RWqM1OpkCGk1zws5uMWGYveCQG1bAVCq2pWIFqZJV7IaeYKwE8AZwPX2hjiSNeTakmxsOMpkf-vQu2Aa4X7dC3tMwt8cP65wFks0Npm0vlU_DBrbY31QnF9-muO0_X80YJzfHjNtHXdfffVtk5MGK1anH23msdvKb1tt6_iQ44URICA6EUREQ7CFdbK4N02D_wCbIMiodeco0h68tP5rCT3riBfZi_h4-5fi2XPtDQr38MV481y37fSQLaP1veq_FzafZuS9talRXPPKsaEQEb_i6XRyJvAr0g9xK8fkhTXubgwDT5Mal-PcxHcqrDSKw1s3MKLIxWcjnZnOv-w9yzLWgJzDxsI9zrubrHL1UC7mKzd4xOI2Le4ejZf-0t53wbyj9fpO5ktW99kDjqdBpWfNyC_ycosKCJzd5Ii7qcFMfudnN91Oebzwx9tvKrcLOoq7hKUCJGcn43LRHBBOxUV4hoB3u9qjmD4uGy4_JGWVM8LsVh5jgys0aC3Kt0MEjyIlwT6TTAx5nukK8Gw4iq_MfWU9_Jknec_AmyfK_5kpA7R5SG-MA2nM_7Nf_5z8gpOuP8XVe4cUq_48eiNmV1SSX1rjRrTZ-9NpQ4PzW_b3p5gUZyATNCF-0IDzjB2YIkoAuuPtRrrJjY6jPdgg6z3uwPCkGd9N9VQaHbwm4SazLqrN4432jMlOFiwxa9x-PQbz1NhjPSJAxcl8gWwGxchm5fwLhXZhTtqqfxdb8ZQDCg88FkWV1VKD3idw-g9es8QgSE1ZVq03-A72KLpFW3fMOVD3JhmSRdxu2sIA4I9FulOPLidbEcTmJW4kh3LmPEVehrIETE2jjg0E3C09QGaMKRwDpFT0Nzi9ID4nU1BihZhG18or3DVTMmlywpN7IUizJsDQuyQ4izhmU2Dz6GxMwpw02G6dfP_cwj386Xj3TFTophUaC78wTC7X74Ct-kArtTTzfGz3EdaR0-lQyrvzucaf_n-09KterhVkvqFi7y4kxdXA9Ss3aNqB2z6jMzZhSRGZCbdHuN2X9Eiph9GpJrsq3zxIgH8zbGJ4YO1OHYJ_aPxpMvg09OffQYpldz1-W8K5qYuNeDzuMCNkBk6yrPtBaLMLB5OBdRa9KeSJd8HK&sai=AMfl-YRT5rMujzVgw7z1Y0183jmYP6CIG1f81QKGldP3NDaVPgk7M9SyqgD2NEDXpHc_LurERQjdWlX9-HTdZxOspKvGavgEPSTUF48q6PtdaDdAu0uOkN1CyGqknyex11cLFqD-DiFoZWiDLFWP1oKYJNxmKmA1nhgO3mT6nhfz1niGxzh5O2Y5p2f6oAZx29hIk1Ds2FeOhJgri_xz_9WFU1gW6RNa2aZcifatnYqoQ6qDyD9GGZOicHFpPjOyPiYM9arseCIgklr6LeYF9GPRkEeuIuSxiQd8jFMEDv_Kdw&sig=Cg0ArKJSzLHpg_swsBshEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1194&vt=11&dtpt=1031&dett=3&cstd=161&cisv=r20240207.83212&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 00:15:41 GMT

GET
H2 200 arlinablock.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/ 89 KB
60 KB 469ms
102ms Script
application/javascript 2a04:4e42:400::485

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

Requested by

Host: www.downloads.xerifetech.com
URL: https://www.downloads.xerifetech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 -, , ASN (),

Reverse DNS

Software

Resource Hash

7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:15:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42912
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61382
x-served-by: cache-fra-etou8220062-FRA, cache-yyz4582-YYZ
x-jsd-version-type: branch
etag: W/"162b7-J7GuEbwR9hTtBO1SIcoyA3ddHw8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 160ms
160ms XHR
application/json 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb31ce4403298726b3723a8818e55e9bb2daac5a5209e62a1971db4fc8eeb4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12369
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 121ms
120ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js?cb=31080924

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.downloads.xerifetech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 00:15:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5450 43 B
265 B 120ms
119ms Image
image/gif 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&ol=1043329781&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-BHxD4bI%2F0rYACQ%3D%3D&sc=1&os=1-SQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&cu=1707437740090&m=1212&ar=c26ce66e-clean&iw=aeadae8&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A732%3A732%3A2191%3A1069&aa=1&ad=1067&cn=61&gn=1&gk=1067&gl=61&ik=1067&ic=1067&ez=1&co=1067&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=64&ah=991&am=64&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=31381503%3A8511905%3A386387790%3A208758794&bo=xerifetech.com&bd=downloads.xerifetech.com&gw=mightyhiveusmmcm360display620308191229&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=95&na=1260678384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 09 Feb 2024 00:15:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 09 Feb 2024 00:15:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 791F 13 KB
5 KB 127ms
124ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.downloads.xerifetech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 9892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 21:30:49 GMT
expires: Fri, 07 Feb 2025 21:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame F96E 0
0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 5450 43 B
265 B 207ms
206ms Image
image/gif 104.88.197.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&ol=1043329781&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-BHxD4bI%2F0rYACQ%3D%3D&sc=1&os=1-SQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&cu=1707437740090&m=1213&ar=c26ce66e-clean&iw=aeadae8&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A732%3A732%3A2191%3A1069&aa=1&ad=1067&cn=1067&gn=1&gk=1067&gl=1067&ik=1067&ic=1067&ez=1&co=1067&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=991&ah=991&am=991&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=31381503%3A8511905%3A386387790%3A208758794&bo=xerifetech.com&bd=downloads.xerifetech.com&gw=mightyhiveusmmcm360display620308191229&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=95&na=687213660&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.197.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-88-197-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 09 Feb 2024 00:15:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 09 Feb 2024 00:15:41 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 791F 39 KB
15 KB 119ms
119ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 02:47:21 GMT

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

GET pixel.gif
px.moatads.com/ Frame 5450 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=MIGHTYHIVE_US_MM_CM360_DISPLAY1&ol=1043329781&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wz%2BHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-BHxD4bI%2F0rYACQ%3D%3D&sc=1&os=1-SQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.downloads.xerifetech.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.downloads.xerifetech.com&lp=https%3A%2F%2Fwww.downloads.xerifetech.com&t=1707437740090&de=3041028407&cu=1707437740090&m=1215&ar=c26ce66e-clean&iw=aeadae8&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A732%3A732%3A2191%3A1069&aa=1&ad=1067&cn=1067&gn=1&gk=1067&gl=1067&ik=1067&ic=1067&ez=1&co=1067&cp=991&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=991&cd=991&ah=991&am=991&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=31381503%3A8511905%3A386387790%3A208758794&bo=xerifetech.com&bd=downloads.xerifetech.com&gw=mightyhiveusmmcm360display620308191229&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=95&na=592321762&cs=0

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xerifetech.com/	1970-01-20 18:17:17	Name: lotame_domain_check Value: xerifetech.com
.doubleclick.net/	1970-01-21 03:53:17	Name: IDE Value: AHWqTUnxYadh3s2WHrpR_6Qy3a3WHYktqaqbtK-6xcr2uA15TfKuGqMzAtbh26ar
.crwdcntrl.net/	1970-01-21 00:46:05	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:46:05	Name: _cc_id Value: 69db1174b0aa4ee1e71da3bc96b4e826
.xerifetech.com/	1970-01-21 00:46:05	Name: _cc_id Value: 69db1174b0aa4ee1e71da3bc96b4e826
.xerifetech.com/	1970-01-20 18:27:22	Name: panoramaId_expiry Value: 1708042538736
.xerifetech.com/	1970-01-20 18:27:22	Name: panoramaId Value: 16e8d05fbfb85ea06db8a3fc2463185ca02cf0edbcd21913e6c37ae2e7c764c9
.xerifetech.com/	1970-01-20 18:27:22	Name: panoramaIdType Value: panoDevice
.xerifetech.com/	1970-01-21 03:38:53	Name: __gads Value: ID=cb23d458d6a641b6:T=1707437737:RT=1707437737:S=ALNI_MaWmAYvMj13_zBUPywVa73Cs0J0tg
.xerifetech.com/	1970-01-21 03:38:53	Name: __gpi Value: UID=00000a0c5437e40b:T=1707437737:RT=1707437737:S=ALNI_MbTwCFoKx1h6My6S8OoiT8vyrJPMw
.xerifetech.com/	1970-01-21 03:02:53	Name: FCNEC Value: %5B%5B%22AKsRol8oICYyBw6BAQPYkSvpQNsruO-CcOKpAd73lNm_jaoxsijFwECRfEoo_duzABhFh8HJ0IPxOGLNFiqld1Jyl3VugZkUh1MZQQvRKWmHGsbTdlgxzSQIgYylUvUoHzytlixNvDQW_VN06e9bDbMZBTBMbXBveg%3D%3D%22%5D%5D
.casalemedia.com/	1970-01-21 03:02:53	Name: CMID Value: ZcVuq9HM6FwAAAglAAPfNgAA
.casalemedia.com/	1970-01-20 20:26:53	Name: CMPS Value: 540
.casalemedia.com/	1970-01-20 20:26:53	Name: CMPRO Value: 540
.adnxs.com/	1970-01-21 03:53:17	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:26:53	Name: XANDR_PANID Value: aAL9Nfz4p6q77K3waZIK2jUra9QQ3QQ4oKKiDt_qSc5v5-zalJt0-lXZPvzaqYkLP-MGR1EBq54Ugxx3Y8FwPhtTun0h5Y4DiIoV8ts3IrM.
.adnxs.com/	1970-01-20 20:26:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>>kFTJ`!]tbPl1M>e)ZlrFUfJ+tGXxoXPo-R3Ai#)DOxW<)aWKsz<rzYOX^Xo+?vN=K3If)y3KL9D3I?+S:Qe-.
.adnxs.com/	1970-01-20 20:26:53	Name: uuid2 Value: 8453750430852313562
.doubleclick.net/	1970-01-20 22:36:29	Name: APC Value: AfxxVi5VwGT1aqT0p4vK3fYIdiSqqb3ZhWwGcoFBr4mhueTFivNjEg
.doubleclick.net/	1970-01-20 22:36:29	Name: receive-cookie-deprecation Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
violation	error	URL: https://z.moatads.com/mightyhiveusmmcm360display620308191229/moatad.js(Line 139) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://z.moatads.com/mightyhiveusmmcm360display620308191229/moatad.js(Line 139) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
bcp.crwdcntrl.net
c5324f4c2481b31d000c86d14b6a7859.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.jsdelivr.net
cdn.specialtaskevents.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gate.getmygateway.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
invstatic101.creativecdn.com
maxcdn.bootstrapcdn.com
near.flyspecialline.com
oa.openxcdn.net
pagead2.googlesyndication.com
post.plastformspecial.com
px.moatads.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
widgets.outbrain.com
www.downloads.xerifetech.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
zem.outbrainimg.com
pagead2.googlesyndication.com
px.moatads.com
www.google.com
104.18.35.167
104.18.36.155
104.88.197.161
104.88.197.92
142.251.163.149
142.251.167.157
146.75.30.132
158.69.181.32
172.253.62.157
2600:1405:7400:6::17d7:dfd7
2606:4700:3035::6815:5ba5
2606:4700:3035::ac43:b911
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4004:c06::71
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::94
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9d
2620:100:a001::4
2a04:4e42:400::485
3.162.3.84
34.102.146.192
34.96.70.87
45.140.146.101
52.22.89.206
68.67.179.155
70.42.32.127
011d1854c195802981fb7615a2233c85f300c86829214a82bcdc5c266ab8af99
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0914a17d601593395ca9d39a7e054ee1188dba20f06c2e9f8a661f1e720dfa2b
09284469fb462f2fe1909df5d20fdf5d239d3fd118221850cc67e410b99d3a51
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
15dccfe8f1e4fdbb12c4542b8d2fcea3407f7b6ea79e1ce9627da9f64ac50126
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
23e9d3a3ba71d35582d906a3926ce80e92dbad06897e28a2aa9d3e650d803955
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f
3526320a3a70379b1d95110c3dd5f08f9ae169687f8512e4bc2f58a52f0e3f56
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d269c2f144aea8efa008d91e6f721034ca2164c331b502599dcd195e250c4fb
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4b3dd074129ed4df39ca9d6a03b7581371ee635a6f10dd6abdd69715c89e68d0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8422717684d38a8c50ce8bee6dd6b573edd07902908d8956e5c5720a1e44a9
51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53ec5f08f4b9102d101e9295c38507afec2c2bbf87ac9ccff5ec83d65ca95677
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54753bd05c9a14e23b2ecd6fb242faf57272cc3e1c12688fe1fb117b9f4d4f36
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ac5e48bcd46c4621e070c32b0c532531a00e42cbbad733b030ef8d9db2711cc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f9365a6aaca35ade3d19915bcd3c79a09fa40f5b309507021584f67c2ce27df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6d4ac31177e5e705197d10b14357149f1a090c69f575643306664b4712d4eb5b
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c
7713fb56b5aa338b53d90b38fc0e121c963c29bd7781a8215311af5405e99491
78cd2d9af2ba2db3f1fea9be3c28d559a644d4c1b2c951c2bbc36e8ef6d90aa4
7b90649eb90deadf7b1caa2c20025b29bda2f889ae52d488c90530e4517a2139
7bb596ad9ef6bea1cd0ddd257a4aeca62e53852fb1ba98618eb36286f861eb61
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
856d5a3a8509ffa33dd77103627294d440b885d78a01d703d8e2fd2d7d8c39d2
85f4fe6b01478702a7c2581b25a81de3dfbfa871ee5ed0298fc44588f270720a
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8b2a3911f0d7a27365de171c9abb06847eceade8caa98a539b8ebf7c1badb6c4
90668c9ffce53662076fe7e4d895da8aa34e4a6595b95719f43097b758db3a9b
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9436eb946e30cd6c0fd12a90f211efd0966be105a84545c92cc68e5308be8f4d
99ed8d74f6a2c724e0b7f8aa153798da62c36764302ed499c921fcf109429f13
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c702801fa3fee8f55c6dd59c5ed20c4277a439e8410e99cc883231a16863910
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a2b2f373bcd2c45ac264390879f228a8d84455094d818b723c7436d783b0fd03
a4f5c8850246f54f9bb7709bef61fbb8df2d1799c225277a1f6e4e9925e19335
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
abe8143f9087608784b4e6bfaeda9f742304016e61e699d4667364417673872c
af5f8ff7bbe2abc25aef5cb6d7b1898e855f7e1853f44b0fcffc6e13b1eb5b99
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b262571da9247167d6eb83a97960c84422b90b9cae4bcb89c59a18b9a26ab5af
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b54f06762dd0a95d8adb60355f551e9667bec2492d3acebbe104f12cb41b67e3
bb31ce4403298726b3723a8818e55e9bb2daac5a5209e62a1971db4fc8eeb4be
bd2f492259f55a75ef4be7968a66e330e1038cd9c62942644ab3c90fe5d627a6
be94ab61751b7494ad15abe618c21824d31974ee0682c1470bf93236e01879f2
bfed2689b992fa4d78fb564be3183ad2639aa065df74320bfdd136bbe98eb20d
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8387317297798e3c7e00799e3625eb9859abeeeea904452c3aa4db36d1d0cb3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd26debf9f462b3bf65bb13df199794d37200c166ee5d801a27bfea2aee3c8c6
ce3a42993f4df1ba301fa4d46d0cae8789c346e3c0cba154fc06c3fd90c39ac3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08bf66a4021c2bcfc6e1ab9d52b9427a91cf6976e3a75af7a54f41ed0680de8
d21e0ecbc996f05d70ee26f4785afdcd335e835ee7baecf28eb7be8281dd92cf
d2e0fa3b1515fc66ccd9807a8edcf0e93132127943bb3a0bf5a7938be67b7284
d468091cad7f4013391f3f03089d6b854ccd41af0c6ccb5709a5dd3e276ebe1f
d7c867fe9286f5bd763d04cadb00fa24adf78a16013e2a2645e4dc3b29367ad8
da2e81c1224c244d964a7d2724c706c8a5e48a5f19d36adab3688268a0180f82
da4807049bcb39f7cdf009fec897f987ad5ae17ab30c3edc31f75769ce07f51f
dc9c3f20ca2aab86925ddd54d00c0c61a921edd836a803a2091aa6e8344b10a6
dd8244ce6863a3f2e0d6d359e3b6c2e926efd5e3cabee05c1593ab617fde1927
de0824fbb46cb2a739a83ff6e0bfa0f1037d1669082a8e748eefec1dae309c2c
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed5a8285df97e11a6e15c6efcf433a09f0f068ea312ba3a5965a8743b4cf7d3e
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f271399a65844452039e5dd6af2da4155c3650c346df50324e470e06073c7056

www.downloads.xerifetech.com Open in urlscan Pro 158.69.181.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

93 %HTTPS

53 %IPv6

27 Domains

38 Subdomains

35 IPs

4 Countries

2236 kBTransfer

5613 kBSize

20 Cookies

6 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.downloads.xerifetech.com Open in urlscan Pro
158.69.181.32 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

93 %
HTTPS

53 %
IPv6

27
Domains

38
Subdomains

35
IPs

4
Countries

2236 kB
Transfer

5613 kB
Size

20
Cookies

152 HTTP transactions
3 data transactions