urlscan.io logo urlscan.io
SecurityTrails logo

www.mediafire.com Open in urlscan Pro
104.16.202.237  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Submission: On January 25 via manual from JP — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 8 countries across 54 domains to perform 276 HTTP transactions. The main IP is 104.16.202.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 26552.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 28th 2021. Valid for: a year.
This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.16.202.237 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
18 2607:f8b0:400... 15169 (GOOGLE)
7 142.250.65.162 15169 (GOOGLE)
1 54.192.100.135 16509 (AMAZON-02)
3 104.97.113.145 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.26.226.86 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 34.200.124.21 14618 (AMAZON-AES)
2 35.244.159.8 15169 (GOOGLE)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 34.107.148.139 15169 (GOOGLE)
11 104.16.68.69 13335 (CLOUDFLAR...)
2 51.222.39.185 16276 (OVH)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.91.106.207 16625 (AKAMAI-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
8 2607:f8b0:400... 15169 (GOOGLE)
30 2607:f8b0:400... 15169 (GOOGLE)
19 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
18 29 142.250.80.34 15169 (GOOGLE)
6 14 23.52.162.21 16625 (AKAMAI-AS)
8 12 68.67.181.202 29990 (ASN-APPNEX)
25 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 142.250.176.194 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 4 74.121.140.14 30419 (MEDIAMATH...)
5 5 15.197.193.217 16509 (AMAZON-02)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 124.146.215.46 2514 (INFOSPHER...)
2 2 44.196.51.251 14618 (AMAZON-AES)
9 104.114.160.25 16625 (AKAMAI-AS)
2 104.102.253.5 16625 (AKAMAI-AS)
2 7 34.98.64.218 15169 (GOOGLE)
3 3 54.85.104.149 14618 (AMAZON-AES)
2 3 54.175.87.114 14618 (AMAZON-AES)
1 2 209.54.180.3 16509 (AMAZON-02)
3 3 2620:112:f006... 6336 (TURN-US-ASN)
3 3 151.101.66.49 54113 (FASTLY)
2 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 1 198.8.71.129 54312 (ROCKETFUEL)
1 1 69.166.1.10 27630 (AS-XFERNET)
2 104.81.240.21 16625 (AKAMAI-AS)
2 2 34.236.79.15 14618 (AMAZON-AES)
1 1 74.119.119.150 19750 (AS-CRITEO)
3 3 35.211.178.172 15169 (GOOGLE)
2 2 64.202.112.95 22075 (AS-OUTBRAIN)
1 1 173.223.56.123 16625 (AKAMAI-AS)
2 2 35.207.24.140 15169 (GOOGLE)
1 104.36.115.113 62713 (AS-PUBMATIC)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
2 2 207.198.113.179 13768 (COGECO-PEER1)
8 8 54.236.200.174 14618 (AMAZON-AES)
1 1 35.175.84.112 14618 (AMAZON-AES)
1 2 185.167.164.49 198622 (ADFORM)
8 8.28.7.83 62713 (AS-PUBMATIC)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 199.187.193.185 47043 (SMARTADSE...)
1 1 193.122.130.38 31898 (ORACLE-BM...)
1 2 35.190.60.146 15169 (GOOGLE)
3 104.36.115.114 62713 (AS-PUBMATIC)
1 1 52.116.221.248 36351 (SOFTLAYER)
276 58
16    104.16.202.237 (None, )

ASN13335 (CLOUDFLARENET, US)
www.mediafire.com
static.mediafire.com
2    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
18    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
translate.google.com
7    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
1    54.192.100.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-135.ewr53.r.cloudfront.net
cdn.amplitude.com
3    104.97.113.145 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-97-113-145.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.otnolatrnup.com
otnolatrnup.com
1    52.26.226.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-226-86.us-west-2.compute.amazonaws.com
api.amplitude.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
translate.googleapis.com
5    34.200.124.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-124-21.compute-1.amazonaws.com
btlr.sharethrough.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
mediafire-d.openx.net
us-u.openx.net
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
11    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
2    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
3    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
1    104.91.106.207 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-106-207.deploy.static.akamaitechnologies.com
www.aaxdetect.com
3    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4023:1404::9c (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
translate-pa.googleapis.com
4    2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
6.adsco.re
4    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
jpb4huqkvfk7.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
jpb4huqkvfk7.n4.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
jpb4huqkvfk7.s4.adsco.re
8    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
30    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
29    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
14    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
12    68.67.181.202 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
25    2607:f8b0:4006:820::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:4700::6813:d625 (United States)

ASN13335 (CLOUDFLARENET, US)
otnolatrnup.com
8    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    124.146.215.46 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    44.196.51.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-51-251.compute-1.amazonaws.com
cs.emxdgt.com
9    104.114.160.25 (Chicago, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-114-160-25.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.102.253.5 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-253-5.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
3    54.85.104.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-104-149.compute-1.amazonaws.com
pixel.advertising.com
3    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2600:1f18:4e9:5a02:efb6:c060:3207:6cbc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    104.81.240.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-240-21.deploy.static.akamaitechnologies.com
cs.media.net
2    34.236.79.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-79-15.compute-1.amazonaws.com
pm.w55c.net
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
2    207.198.113.179 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
8    54.236.200.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-200-174.compute-1.amazonaws.com
match.prod.bidr.io
1    35.175.84.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-84-112.compute-1.amazonaws.com
match.sharethrough.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
3    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
54 googlesyndication.com
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
285 KB
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
305 KB
25 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
3 MB
24 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
translate.google.com — Cisco Umbrella Rank: 1164
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
134 KB
16 mediafire.com
www.mediafire.com — Cisco Umbrella Rank: 26552
static.mediafire.com — Cisco Umbrella Rank: 39387
251 KB
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
36 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
13 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
11 KB
12 adsco.re
c.adsco.re — Cisco Umbrella Rank: 15182
6.adsco.re — Cisco Umbrella Rank: 16216
4.adsco.re — Cisco Umbrella Rank: 17467
adsco.re — Cisco Umbrella Rank: 13596
jpb4huqkvfk7.l4.adsco.re
jpb4huqkvfk7.n4.adsco.re
jpb4huqkvfk7.s4.adsco.re
49 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1360
contextual.media.net — Cisco Umbrella Rank: 516
cs.media.net — Cisco Umbrella Rank: 1922
23 KB
11 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1407
cdn.districtm.io — Cisco Umbrella Rank: 2067
5 KB
9 openx.net
mediafire-d.openx.net — Cisco Umbrella Rank: 43054
us-u.openx.net — Cisco Umbrella Rank: 359
13 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
4 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
67 KB
7 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 955
translate-pa.googleapis.com — Cisco Umbrella Rank: 1674
fonts.googleapis.com — Cisco Umbrella Rank: 47
86 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
match.sharethrough.com — Cisco Umbrella Rank: 637
1 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
149 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
805 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
1 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
3 otnolatrnup.com
cdn.otnolatrnup.com — Cisco Umbrella Rank: 43386
otnolatrnup.com — Cisco Umbrella Rank: 39539
67 KB
3 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4855
l3.aaxads.com — Cisco Umbrella Rank: 5955
116 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
436 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
950 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
808 B
2 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3401
697 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
800 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
dis.criteo.com — Cisco Umbrella Rank: 691
910 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
2 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
647 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2928
api.amplitude.com — Cisco Umbrella Rank: 1266
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
99 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
653 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
801 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
763 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
800 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
831 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
689 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
1 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4389
542 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 7861
501 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 8265
323 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
3 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
5 KB
0 pippio.com Failed
pippio.com Failed
276 54
Domain Requested by
30 pagead2.googlesyndication.com d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.mediafire.com
www.googletagservices.com
securepubads.g.doubleclick.net
29 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
www.mediafire.com
us-u.openx.net
25 s0.2mdn.net www.mediafire.com
s0.2mdn.net
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
19 tpc.googlesyndication.com d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
17 fundingchoicesmessages.google.com www.mediafire.com
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
11 static.mediafire.com www.mediafire.com
9 contextual.media.net www.mediafire.com
contextual.media.net
9 dmx.districtm.io www.mediafire.com
cdn.districtm.io
8 match.prod.bidr.io 8 redirects
8 us-u.openx.net 2 redirects www.mediafire.com
us-u.openx.net
8 googleads4.g.doubleclick.net www.mediafire.com
8 googleads.g.doubleclick.net d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
www.mediafire.com
7 securepubads.g.doubleclick.net www.mediafire.com
securepubads.g.doubleclick.net
5 match.adsrvr.org 5 redirects
5 d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 btlr.sharethrough.com www.mediafire.com
5 www.mediafire.com www.mediafire.com
static.cloudflareinsights.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com s0.2mdn.net
4 www.googletagservices.com d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
4 www.google.com www.mediafire.com
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ad.turn.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects us-u.openx.net
3 pixel.advertising.com 3 redirects
3 www.gstatic.com www.mediafire.com
translate.googleapis.com
3 c.adsco.re cdn.otnolatrnup.com
c.adsco.re
2 image4.pubmatic.com ads.pubmatic.com
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 us.creativecdn.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 pr-bh.ybp.yahoo.com us-u.openx.net
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects us-u.openx.net
2 ads.pubmatic.com www.mediafire.com
ads.pubmatic.com
2 cdn.districtm.io www.mediafire.com
cdn.districtm.io
2 cs.emxdgt.com 2 redirects
2 otnolatrnup.com cdn.otnolatrnup.com
2 adsco.re c.adsco.re
2 4.adsco.re www.mediafire.com
c.adsco.re
2 6.adsco.re www.mediafire.com
c.adsco.re
2 adservice.google.com securepubads.g.doubleclick.net
2 onetag-sys.com www.mediafire.com
2 translate.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 c.aaxads.com www.mediafire.com
2 www.googletagmanager.com www.mediafire.com
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 match.sharethrough.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 stags.bluekai.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 p.rfihub.com 1 redirects
1 gum.criteo.com contextual.media.net
1 tg.socdm.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 jpb4huqkvfk7.s4.adsco.re c.adsco.re
1 jpb4huqkvfk7.n4.adsco.re c.adsco.re
1 jpb4huqkvfk7.l4.adsco.re c.adsco.re
1 www.google.ca www.mediafire.com
1 l3.aaxads.com www.mediafire.com
1 translate-pa.googleapis.com srcdoc
1 stats.g.doubleclick.net www.google-analytics.com
1 www.aaxdetect.com www.mediafire.com
1 prebid.media.net www.mediafire.com
1 hbopenbid.pubmatic.com www.mediafire.com
1 mediafire-d.openx.net www.mediafire.com
1 www.facebook.com www.mediafire.com
1 api.amplitude.com cdn.amplitude.com
1 cdn.otnolatrnup.com www.mediafire.com
1 static.cloudflareinsights.com www.mediafire.com
1 translate.google.com www.mediafire.com
1 cdn.amplitude.com www.mediafire.com
0 pippio.com Failed us-u.openx.net
276 89
Subject Issuer Validity Valid
*.mediafire.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-28 -
2022-09-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.aaxads.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2020-02-18 -
2022-02-13		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
*.aaxdetect.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.l4.adsco.re
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.n4.adsco.re
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.s4.adsco.re
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh

This page contains 34 frames:

Primary Page: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Frame ID: 31DA004EDD9C343DE3852588EE4FD3B3
Requests: 89 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: BF1979FE7256D67079660604FE205461
Requests: 1 HTTP requests in this frame

Frame: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 953CF304CC33903FA86966F1A722026B
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Frame ID: 29623DC1FC8AF2DD1B513B91050B0927
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: E0197413A2F040981460E3EC53AF8848
Requests: 4 HTTP requests in this frame

Frame: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FCB049E32B473472EF39A1152168013E
Requests: 15 HTTP requests in this frame

Frame: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C258260BC7A151E56461640C91B568B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Frame ID: C4E8F41272EDF62986C9EA959FC3ECDD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Frame ID: 3D195D7D7E17D5D273A56C43060A084E
Requests: 5 HTTP requests in this frame

Frame: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 137D541FE62A50063A34C8FCECDB5355
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Frame ID: 291E96DF8EC69FDBF91D3D09E954537C
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Frame ID: 5C7574E7FE73FD24C15FDE7287DDF8D0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80A0067B839D533EA41EDEED03239DCC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01AE3D3EF73E367B94A0CA4C07437719
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Frame ID: 7572F931DD4FA6EBEBD02CFC5A418C9D
Requests: 5 HTTP requests in this frame

Frame: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BA6DC7CF16FA0C304098F2425532B06
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Frame ID: 18F1CB40371798675CA10E031C1A6EDE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Frame ID: DCB6CA2F7CD279F7862A4345580E407C
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Frame ID: 3D0F1CB82EA45567B7CABDDFD8BDD5E5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19670DEF3CC4C183AEF36CFC261D4690
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 95B64D4181F46EE3DE5D4D971CE37CAA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 90A386D732DC3570E14B8199EDC93394
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A045C50E488CD4D3546B5B1D75ED570C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DCA6C71826CD3E89C7FB10856454FF5
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 6ADFF5301D19AF608DB25E810332E9D4
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643072497599
Frame ID: BCC3C352D071C609908F36766C45ADED
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Frame ID: DC46D75B529964CF73F1CCBE32EF8FC2
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 5DEB658C87474CF6ACDFC1D604FCC5D5
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: 02E12B9D036F4D4E2E61CCC064CF73EF
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2860741001455533000V10&type=rkt&refUrl=&vid=30725009062860741001455533000V10&ovsid=1978557988489650912
Frame ID: 34A4A18375BE2D455710A434F127CE06
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
Frame ID: 45CE19EE1743F5FC89C0E0EF9F1234E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ye9L9AABFB0wWQBB&gdpr=0&gdpr_consent=
Frame ID: 9BA02D477851A5865DD370CADD13EAF7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:058b61ef-4bf3-4c00-894e-359ba6a44298&gdpr=0&gdpr_consent=
Frame ID: A709BD4EDADB34341E0BAA258E76C08E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACcTU7D3pgAAECdQh_LFw
Frame ID: D1272F8ACB95E86AF34B910878B092E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MobiHok-Free-Download-v6-v6,1-Clean

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

276
Requests

80 %
HTTPS

33 %
IPv6

54
Domains

89
Subdomains

58
IPs

8
Countries

4809 kB
Transfer

8579 kB
Size

118
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
Request Chain 94
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
Request Chain 96
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
Request Chain 98
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
Request Chain 100
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
Request Chain 135
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
Request Chain 137
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
Request Chain 153
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
Request Chain 155
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Request Chain 181
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED4WqixBB9lzOt5hY2CBVE0&google_cver=1&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r7KuH3qw0l-woDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r7KuH3qw0l-woDA
Request Chain 182
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESED-GdEnYXVy8lqWfcYyJLso&google_cver=1&google_push=AYg5qPKOgS6hicoT95QdMMy2tUBjuUm_KkCzqoGVxkBmpx7_B-LtcUGu-5DMiLLc8HYY10BD4B59UAdtOjK7jJoJNaZaQGVrLN_6ZA HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESED-GdEnYXVy8lqWfcYyJLso&google_cver=1&google_push=AYg5qPKOgS6hicoT95QdMMy2tUBjuUm_KkCzqoGVxkBmpx7_B-LtcUGu-5DMiLLc8HYY10BD4B59UAdtOjK7jJoJNaZaQGVrLN_6ZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjg5ZDE0MzItMjBhOS00MjZmLWIxMGYtZTM3NTQ0ZWMyZTJi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f89d1432-20a9-426f-b10f-e37544ec2e2b
Request Chain 184
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMJGM8Wcf-YEmBlfe8Dl0Fw&google_cver=1&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX3teguRMcytdw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEyNjIyMjk1NDQ5NjU2NTE0NjQ&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX3teguRMcytdw
Request Chain 185
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELTnFM6fOevlwP0_Z3Rbm6Y&google_cver=1&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA&google_hm=WWU5TDg4Q284WFVBQUZOLllSRUFBQUFB
Request Chain 186
  • https://sync.inmobi.com/gob?google_gid=CAESEP2rBYZduzKB_W2CsGdtJaM&google_cver=1&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO4-sBvQxxh4dQcF86pbo1DJbCmOW3fw20wo1qpg&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk
Request Chain 187
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEEoCOnX9o64PLuOhas5aiEs&google_cver=1&google_push=AYg5qPJ5AUEPOqYwXJQ2oBvQmULXLfzUgi8RNpwMy1g-V-F1y9Hctddd6fnphSzMdJ2eJ4dt_jQ5MYwmxMFKRrmcq6h-0azombRAIyA HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ%3D%3D&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRjME1URTJORE13TnpJME9UazBORGc1TVRKaFlRPT0=&ssp=google_ob HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=8025915137503046458&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdWJsZWNsaWNrLm5ldC9waXhlbD9nb29nbGVfbmlkPWVteF9lYiZnb29nbGVfaG09TlRjME1URTJORE13TnpJME9UazBORGc1TVRKaFlRPT0=&ssp=google_ob HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==
Request Chain 232
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
Request Chain 233
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMDU5NWVkN2QtMTE3MS0wZjIxLTMwNWUtM2NlNjQ1NmQ2YWQwEAAaDQj0l72PBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c4120160b022e67307407087e74a7081f1206a730147a2fc6ed5e8fa67a98be2791426b5417dce21&_=2
Request Chain 234
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8025915137503046458
Request Chain 235
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8&dcc=t
Request Chain 236
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7145531615313356293&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 237
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Ye9L9AABFB0wWQBB HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ye9L9AABFB0wWQBB&_test=Ye9L9AABFB0wWQBB
Request Chain 239
  • https://match.adsrvr.org/track/cmf/openx?oxid=5053921b-dc36-3941-6f27-bc157cf60b08&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f89d1432-20a9-426f-b10f-e37544ec2e2b&ttd_puid=5053921b-dc36-3941-6f27-bc157cf60b08
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfQHRIUNNzyohmHNnfKGRA&google_cver=1
Request Chain 245
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Drkt%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2860741001455533000V10&type=rkt&refUrl=&vid=30725009062860741001455533000V10&ovsid=1978557988489650912
Request Chain 246
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=001ccc16-7030-4a42-b497-660421669fd4
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg2MDc0MTAwMTQ1NTUzMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFB0g55ACscRov97Le0n6vo&google_cver=1
Request Chain 248
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=dxu&refUrl=&vid=30725009062860741001455533000V10&ovsid=ziJGSgz31Ncadn5
Request Chain 249
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0eacd359-ec43-4225-aeba-44ef760beea0
Request Chain 250
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dcf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=058b61ef-4bf3-4c00-894e-359ba6a44298&expires=30&ssp=medianet&bsw_param=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 251
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Dzem%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=dj36vpd1eyWuOdaoxhXt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLENIZTM5TQMQYWK6KXOVHWIYLPPBUFQ5BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTANZSGUYDAOJQGYZDQNRQG42DCMBQGE2DKNJVGMZTAMBQKYYTAJTWONUWIPJSHA3DANZUGEYDAMJUGU2TKMZTGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLENIZTM5TQMQYWK6KXOVHWIYLPPBUFQ5BGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTANZSGUYDAOJQGYZDQNRQG42DCMBQGE2DKNJVGMZTAMBQKYYTAJTWONUWIPJSHA3DANZUGEYDAMJUGU2TKMZTGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=dj36vpd1eyWuOdaoxhXt&refUrl=&type=zem&vid=30725009062860741001455533000V10&vsid=2860741001455533000V10
Request Chain 252
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2860741001455533000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2860741001455533000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3e7d8b5f-ba78-4679-9374-3bff24095508&cs=1
Request Chain 253
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f89d1432-20a9-426f-b10f-e37544ec2e2b
Request Chain 254
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Damb%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=amb&refUrl=&vid=30725009062860741001455533000V10&ovsid=7073474021275428357
Request Chain 256
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3 HTTP 302
  • https://dmx.districtm.io/s/10051/y-hs0ZbxpE2uGTXb0T6MktUCEW0W0K55jV~A~UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
Request Chain 257
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/zY2u9c5JdrI7qJX2w01Y?pi=districtm&tc=1
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/f993fda0-42d5-44ff-8b3d-6c308e681773-61ef4bf5-4341
Request Chain 259
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1 HTTP 303
  • https://dmx.districtm.io/s/10025/AAA6m07D3pgAAEFxK6gEmg
Request Chain 260
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/107f1c55-1bbe-48b2-8bba-05cb0953b95a
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ye9L9AABFB0wWQBB&gdpr=0&gdpr_consent=
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:058b61ef-4bf3-4c00-894e-359ba6a44298&gdpr=0&gdpr_consent=
Request Chain 264
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY1RVN0QzcGdBQUVDZFFoX0xGdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACcTU7D3pgAAECdQh_LFw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACcTU7D3pgAAECdQh_LFw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACcTU7D3pgAAECdQh_LFw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1938027340317007171 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACcTU7D3pgAAECdQh_LFw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1938027340317007171%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=1938027340317007171&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACcTU7D3pgAAECdQh_LFw
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pooy7W3oSO6qymbM7G8pfQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 266
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=058b61ef-4bf3-4c00-894e-359ba6a44298
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0U4QTMyRUQtNkRFOC00OEVFLUFBQ0EtNjZDQ0VDNkYyOTdE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA7LBY429hy9efWOP4-Rf3U&google_cver=1
Request Chain 270
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D9CF01CF5CDF4A709152F4177C7AF060
Request Chain 271
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7289646803389212165&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f89d1432-20a9-426f-b10f-e37544ec2e2b
Request Chain 274
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZkVt5IJE2uXDi_GfoLpsovZ0gDX7urE-~A&gdpr=0&gdpr_consent=

276 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request file
www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/ 		315 KB
86 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fadf30edeffb402b69fd6357a8e812dc14c6c9069975517183ae68d0361705
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 25 Jan 2022 01:01:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=0
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
expires
0
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d2d923f2cad3fcd-YYZ
content-encoding
gzip
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46f889b299c4cf465ea6b35fb7a55d5bc73c39e6a87236b3f605a390153efe62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35988
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 00:42:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jan 2022 01:01:37 GMT
AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=
fundingchoicesmessages.google.com/f/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
614133818f8a85903004d8c00b079830eae4a8153004563f64660f2ca8e7bb13
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KgJowWH9M8ldEd1afQEyJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KgJowWH9M8ldEd1afQEyJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KgJowWH9M8ldEd1afQEyJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KgJowWH9M8ldEd1afQEyJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
cb17c161c34d66467614bac8254ca44ce6ee01987926b66a1a6f6ec359acc9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27021
x-xss-protection
0
server
sffe
etag
"1112 / 846 of 1000 / last-modified: 1643065529"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Jan 2022 01:01:37 GMT
prebid5.17.0.js
www.mediafire.com/js/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/js/prebid5.17.0.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a39730df25a30a8453ed3206ed5d88f56f774f8709c9e9bd59378153c6acf80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 25 Oct 2021 17:23:40 GMT
server
cloudflare
etag
W/"6176e81c-41aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92425aad3fcd-YYZ
expires
Thu, 24 Feb 2022 01:01:37 GMT
amplitude-8.5.0-min.gz.js
cdn.amplitude.com/libs/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-135.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:38:35 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
8241782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22154
access-control-allow-origin
*
last-modified
Fri, 13 Aug 2021 22:37:42 GMT
server
AmazonS3
etag
"660c3b546f2a131de50b69b91f26c636"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
c6FLZBMU3y86bUtZDQZeadRCkS10htLpOeRJO4lXTOMNO13EHSacxA==
aax.js
c.aaxads.com/ 		424 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.97.113.145 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-97-113-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc2b3ca8c4be2d5c3f446cc98c0bad919f76ce3cda5c097597981b9e26469458
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 25 Jan 2022 01:01:37 GMT
vary
Accept-Encoding
x-mnet-h
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=1800
content-type
text/javascript; charset=utf-8
expires
Tue, 25 Jan 2022 01:31:37 GMT
gtm.js
www.googletagmanager.com/ 		201 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa20878dee0f3bebea0b45af7568851dfc928387483b197fdbe5da34a7bfc467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64414
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 00:42:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jan 2022 01:01:37 GMT
mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Oct 2016 22:22:42 GMT
server
cloudflare
age
1315
etag
W/"5813cfb2-d1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92425aaf3fcd-YYZ
file-zip-v3.png
static.mediafire.com/images/filetype/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
HIT
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
age
534693
content-length
1872
last-modified
Fri, 11 Mar 2016 23:22:56 GMT
server
cloudflare
etag
"56e35350-750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6d2d92425ab13fcd-YYZ
expires
Thu, 17 Feb 2022 20:30:04 GMT
element.js
translate.google.com/translate_a/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googFooterTranslate
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c183665e382cdeb42cbeb72042eaf5610b666059061cac0e998930884b01f8a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d2d9242dfc34bd6-YUL
icons_sprite.svg
www.mediafire.com/images/icons/svg_light/ 		36 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 27 Sep 2021 17:45:30 GMT
server
cloudflare
etag
W/"6152033a-90ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
6d2d9242ab233fcd-YYZ
dl_promo_logo.png
static.mediafire.com/images/backgrounds/download/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/dl_promo_logo.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174d0ce23ddaa3923575af7a8e047e1dbf75199ebee7df1aca5e5713c4a1dd62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
HIT
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
age
534707
content-length
2240
last-modified
Fri, 11 Mar 2016 23:22:56 GMT
server
cloudflare
etag
"56e35350-8c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6d2d9242ab253fcd-YYZ
expires
Thu, 17 Feb 2022 20:29:50 GMT
apps_list_sprite-v6.png
static.mediafire.com/images/backgrounds/download/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
HIT
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
age
534707
content-length
8145
last-modified
Tue, 05 Oct 2021 21:36:28 GMT
server
cloudflare
etag
"615cc55c-1fd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6d2d9242ab283fcd-YYZ
expires
Thu, 17 Feb 2022 20:29:50 GMT
arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 		315 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 18 Dec 2018 18:09:53 GMT
server
cloudflare
etag
W/"5c1937f1-13b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
6d2d9242bb2a3fcd-YYZ
check_circle_green.svg
static.mediafire.com/images/icons/svg_dark/ 		444 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jul 2018 20:30:14 GMT
server
cloudflare
age
587
etag
W/"5b4e51d6-1bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d9242bb373fcd-YYZ
fb_16x16.png
static.mediafire.com/images/backgrounds/download/social/ 		181 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
HIT
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
age
534706
content-length
181
last-modified
Fri, 11 Mar 2016 23:22:56 GMT
server
cloudflare
etag
"56e35350-b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6d2d9242cb653fcd-YYZ
expires
Thu, 17 Feb 2022 20:29:51 GMT
infinity.js.aspx
cdn.otnolatrnup.com/Scripts/ 		193 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eac075e804e8b9de8cc97d606eca4d0b15e2fb38bbb612fd72750428fd3ca726

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 00:56:30 GMT
server
cloudflare
age
220
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, no-transform, max-age=900
cf-ray
6d2d92434e69ece6-YUL
content-type
application/x-javascript; charset=utf-8
footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 		583 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
HIT
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
age
534706
content-length
583
last-modified
Fri, 11 Mar 2016 23:22:56 GMT
server
cloudflare
etag
"56e35350-247"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6d2d92432c233fcd-YYZ
expires
Thu, 17 Feb 2022 20:29:51 GMT
/
api.amplitude.com/ 		7 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.226.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-226-86.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Jan 2022 01:01:37 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
like.php
www.facebook.com/plugins/ Frame BF19 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
3CJpA3vL56FpgOHzKCEr6t7JSKfdIihwcojxbEmflgqfzUTu+DYfYcjqKgXZzrZGz9WohiYPUEm76bbVnSb+WA==
content-length
0
date
Tue, 25 Jan 2022 01:01:37 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 		143 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jul 2018 20:30:14 GMT
server
cloudflare
age
1098
etag
W/"5b4e51d6-23ce2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92437ca03fcd-YYZ
continent-eu.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 		23 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/additional_content/continent-eu.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb99c4149249b280f1d3d924d9bdd29a4a14cba1e71775fb3bdbdf13ebd5a48

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jul 2018 20:30:14 GMT
server
cloudflare
age
5260
etag
W/"5b4e51d6-5ca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92437cb83fcd-YYZ
gbr.svg
static.mediafire.com/images/flags_svg/ 		522 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/flags_svg/gbr.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b86c8de4422e66eeb0d0ab9074f51434eca690fd0caf96e7eade4ea726e32f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jul 2018 20:30:14 GMT
server
cloudflare
age
2394
etag
W/"5b4e51d6-20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92437cb93fcd-YYZ
flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 		234 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jul 2018 20:30:14 GMT
server
cloudflare
age
654
etag
W/"5b4e51d6-ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
content-type
image/svg+xml
access-control-allow-origin
*
nel
{"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
cf-ray
6d2d92437cba3fcd-YYZ
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Jan 2023 00:57:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		339 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafire.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
0ec47383b2dbdefc49b74d00351f225657afbbaf3946816fc05b78380ef67d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
expires
Tue, 25 Jan 2022 01:01:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2386
date
Tue, 25 Jan 2022 00:21:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 25 Jan 2022 02:21:51 GMT
AGSKWxWrsrekXCQ0s6UnmUBL3UiVGaGc5w3A6QZVSzQ9Y4ijwpmun5fOaftcWR0-1V0nCbVbTJW-jHjzsaJPc3e4cLE=
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWrsrekXCQ0s6UnmUBL3UiVGaGc5w3A6QZVSzQ9Y4ijwpmun5fOaftcWR0-1V0nCbVbTJW-jHjzsaJPc3e4cLE=?pvid=E5437F01-A532-4206-A08B-F5927A2642C8&anonid=A82866FD-C302-4EA1-9E34-552F2AEE8156
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-+fOSyuUgsiudez5T3ys59Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+fOSyuUgsiudez5T3ys59Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-+fOSyuUgsiudez5T3ys59Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+fOSyuUgsiudez5T3ys59Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWrsrekXCQ0s6UnmUBL3UiVGaGc5w3A6QZVSzQ9Y4ijwpmun5fOaftcWR0-1V0nCbVbTJW-jHjzsaJPc3e4cLE=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWrsrekXCQ0s6UnmUBL3UiVGaGc5w3A6QZVSzQ9Y4ijwpmun5fOaftcWR0-1V0nCbVbTJW-jHjzsaJPc3e4cLE=?pvid=E5437F01-A532-4206-A08B-F5927A2642C8&anonid=A82866FD-C302-4EA1-9E34-552F2AEE8156
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OXZnqGmd6kex4HbipEfsug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OXZnqGmd6kex4HbipEfsug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-OXZnqGmd6kex4HbipEfsug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OXZnqGmd6kex4HbipEfsug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDf7AOZc_M7yTJPaLlMb0uEoqXBK3hQuVJ5HfrJy-1vTd03pUgjn3Ytv3hpGheMCPvjcP2ns-5W2QJ7oOid98=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDf7AOZc_M7yTJPaLlMb0uEoqXBK3hQuVJ5HfrJy-1vTd03pUgjn3Ytv3hpGheMCPvjcP2ns-5W2QJ7oOid98=?pvid=E5437F01-A532-4206-A08B-F5927A2642C8&anonid=A82866FD-C302-4EA1-9E34-552F2AEE8156
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xS4OFb9T4V+IT2s+m9JH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xS4OFb9T4V+IT2s+m9JH7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-xS4OFb9T4V+IT2s+m9JH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xS4OFb9T4V+IT2s+m9JH7Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVRdARCJCEtGLkiOWTqjQIDo72UY7lD4cJ-cvGGHF4JmK6JQjZB_rbd9Pyp-hyliNn1d02lbfmNA1fZbdnc-KU=
fundingchoicesmessages.google.com/f/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVRdARCJCEtGLkiOWTqjQIDo72UY7lD4cJ-cvGGHF4JmK6JQjZB_rbd9Pyp-hyliNn1d02lbfmNA1fZbdnc-KU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzMDcyNDk3LDI5MjAwMDAwMF0sIkU1NDM3RjAxLUE1MzItNDIwNi1BMDhCLUY1OTI3QTI2NDJDOCIsIkE4Mjg2NkZELUMzMDItNEVBMS05RTM0LTU1MkYyQUVFODE1NiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUva2NvbW43djdiZngwcjd6L01vYmlIb2stRnJlZS1Eb3dubG9hZC12Ni12NiwxLUNsZWFuLnJhci9maWxlIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9e44b7961ec5e28dc6d77d37bb4fc18823ec8eede632efae54487e9a19527a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B9SP+zdrnRAXwUVx7Lnhzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B9SP+zdrnRAXwUVx7Lnhzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-B9SP+zdrnRAXwUVx7Lnhzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-B9SP+zdrnRAXwUVx7Lnhzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.Wro7p2VKbqA.O/d=1/rs=AN8SPfruXK5cFa3kuLTkXw2BSf29FqGdRQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:03:21 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.Wro7p2VKbqA.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqAYNmkUJzjXstNPz2FcO7yy73QRQ/ 		225 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.Wro7p2VKbqA.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqAYNmkUJzjXstNPz2FcO7yy73QRQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.Wro7p2VKbqA.O/d=1/rs=AN8SPfruXK5cFa3kuLTkXw2BSf29FqGdRQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
771c0221504a9f74728817281e5003800cc6c2092d6de69e5dd6bc2758c4ca21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78666
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 22:11:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 22:03:21 GMT
v1
btlr.sharethrough.com/universal/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.124.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-124-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mediafire.com
Date
Tue, 25 Jan 2022 01:01:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.124.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-124-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mediafire.com
Date
Tue, 25 Jan 2022 01:01:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.124.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-124-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mediafire.com
Date
Tue, 25 Jan 2022 01:01:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.124.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-124-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mediafire.com
Date
Tue, 25 Jan 2022 01:01:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.124.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-124-21.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mediafire.com
Date
Tue, 25 Jan 2022 01:01:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
mediafire-d.openx.net/w/1.0/ 		52 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mediafire-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=65e6dcd4-6198-459f-95f2-acff8bcfbb2a%2C23ffb01e-0ddf-4b6f-a890-243286d512cc%2C5de8d896-a778-4dac-b265-55ab7e78d480%2Cc3051cff-d2a9-4fb2-beae-4f48833e2d23%2C56cd72a0-f60f-4808-ab75-f5992123525c&nocache=1643072497443&aus=728x90%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%7C728x90&divids=div-gpt-ad-1583943974201-0%2Cdiv-gpt-ad-1583943910909-0%2Cdiv-gpt-ad-1583943842379-0%2Cdiv-gpt-ad-1583943738910-0%2Cdiv-gpt-ad-1573581836508-0&aucs=div-gpt-ad-1583943974201-0%2Cdiv-gpt-ad-1583943910909-0%2Cdiv-gpt-ad-1583943842379-0%2Cdiv-gpt-ad-1583943738910-0%2Cdiv-gpt-ad-1573581836508-0&auid=539074863%2C539074864%2C539074865%2C539074866%2C539074866
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
397291ff5a0d91671db16bb187479b58994851ba738cf4a1943879b9b5174f3f

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.mediafire.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11035
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ad6ed2710d6e44ce6b19f55d0f0830572c34517725b2b4e38cf363aedbccef05

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mediafire.com
date
Tue, 25 Jan 2022 01:01:36 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
prebid
prebid.media.net/rtb/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO2689O
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f5b4871b7127b7f7687c9d07d8c19b0c6d621c06377499407f2c4965d435fe7

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
v1
dmx.districtm.io/b/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.mediafire.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d2d92457854334e-EWR
access-control-allow-headers
origin, content-type
prebid-request
onetag-sys.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.mediafire.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
c.adsco.re/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5035492
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6d2d92479ba7ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 25 Feb 2022 01:01:37 GMT
pxusr.gif
c.aaxads.com/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.97.113.145 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-97-113-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=403260
accept-ranges
bytes
content-length
43
expires
Sat, 29 Jan 2022 17:02:37 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.91.106.207 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-106-207.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 01:01:37 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=435340
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 30 Jan 2022 01:57:17 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1500694061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&ul=en-us&de=UTF-8&dt=MobiHok-Free-Download-v6-v6%2C1-Clean&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1342506769&gjid=518940719&cid=1164219392.1643072498&tid=UA-829541-1&_gid=183648250.1643072498&_r=1&gtm=2ou1o0&cd1=unregistered&cd7=legacy&cd3=archive&cd4=34&cd5=rar&cd8=%2F100%2F&z=2095312689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVudzuF4te4gnVdZXiMUllD7YBlNJJlr5dSKos_5cCb4675CfXvQzhIezBH0OvaWa-LfMV8i0Pk-uA4_TekBX9RF_sHpBrFFWHfck4lIUlIRELIYz8iQinUGPY8NR2InOrVaNs-KjO3Utv-8Mw4M2I_dte_pPlZV01FMmLAhAPCYqigjk_2QNlfk_-Q
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVudzuF4te4gnVdZXiMUllD7YBlNJJlr5dSKos_5cCb4675CfXvQzhIezBH0OvaWa-LfMV8i0Pk-uA4_TekBX9RF_sHpBrFFWHfck4lIUlIRELIYz8iQinUGPY8NR2InOrVaNs-KjO3Utv-8Mw4M2I_dte_pPlZV01FMmLAhAPCYqigjk_2QNlfk_-Q?pvid=E5437F01-A532-4206-A08B-F5927A2642C8&anonid=A82866FD-C302-4EA1-9E34-552F2AEE8156
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h2aRw8LGs9+Q4VGHcyZG5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-h2aRw8LGs9+Q4VGHcyZG5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-h2aRw8LGs9+Q4VGHcyZG5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-h2aRw8LGs9+Q4VGHcyZG5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVudzuF4te4gnVdZXiMUllD7YBlNJJlr5dSKos_5cCb4675CfXvQzhIezBH0OvaWa-LfMV8i0Pk-uA4_TekBX9RF_sHpBrFFWHfck4lIUlIRELIYz8iQinUGPY8NR2InOrVaNs-KjO3Utv-8Mw4M2I_dte_pPlZV01FMmLAhAPCYqigjk_2QNlfk_-Q
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVudzuF4te4gnVdZXiMUllD7YBlNJJlr5dSKos_5cCb4675CfXvQzhIezBH0OvaWa-LfMV8i0Pk-uA4_TekBX9RF_sHpBrFFWHfck4lIUlIRELIYz8iQinUGPY8NR2InOrVaNs-KjO3Utv-8Mw4M2I_dte_pPlZV01FMmLAhAPCYqigjk_2QNlfk_-Q?pvid=E5437F01-A532-4206-A08B-F5927A2642C8&anonid=A82866FD-C302-4EA1-9E34-552F2AEE8156
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fYvapgpfsPb0a0S8aXOslA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fYvapgpfsPb0a0S8aXOslA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fYvapgpfsPb0a0S8aXOslA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fYvapgpfsPb0a0S8aXOslA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 11:17:53 GMT
x-content-type-options
nosniff
age
135824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 11:17:53 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 02:49:03 GMT
x-content-type-options
nosniff
age
166354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 02:49:03 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 02:54:58 GMT
x-content-type-options
nosniff
age
79599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 24 Jan 2023 02:54:58 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-829541-1&cid=1164219392.1643072498&jid=1342506769&gjid=518940719&_gid=183648250.1643072498&_u=YEBAAUAAAAAAAC~&z=1969059959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 25 Jan 2022 01:01:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1142847526655018&correlator=1748659501608025&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=183096492%2CMediaFire-Zone1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=buildnumber%3D121858%26dladtemplate%3D34%26button_delay%3Ddisabled%26hb_highestbidder%3Dnone%26hb_highestbid%3D0.00&eri=5&cookie_enabled=1&bc=31&abxe=1&dt=1643072497760&dlt=1643072496974&idt=554&frm=20&biw=1600&bih=1200&oid=2&adxs=552&adys=10&adks=630197753&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=728x-1&ga_vid=1164219392.1643072498&ga_sid=1643072498&ga_hid=1500694061&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
b8ab09d4e27b389027f1bc776befc8a0906746972d6017e075391d3c6292af01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7907
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1142847526655018&correlator=711165127973850&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=183096492%2CMediaFire-Zone2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&prev_scp=buildnumber%3D121858%26dladtemplate%3D34%26button_delay%3Ddisabled%26hb_format_openx%3Dbanner%26hb_size_openx%3D300x250%26hb_pb_openx%3D0.05%26hb_adid_openx%3D414da77befefdae%26hb_bidder_openx%3Dopenx%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.10%26hb_adid_medianet%3D394937ee94fad8%26hb_bidder_medianet%3Dmedianet%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D336x280%26hb_pb_pubmatic%3D0.25%26hb_adid_pubmatic%3D37370a34df9a76b%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.25%26hb_adid%3D37370a34df9a76b%26hb_bidder%3Dpubmatic%26hb_highestbidder%3Dpubmatic%26hb_highestbid%3D0.25&eri=5&cookie_enabled=1&bc=31&abxe=1&dt=1643072497770&dlt=1643072496974&idt=554&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=120&adks=3841872593&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&ga_vid=1164219392.1643072498&ga_sid=1643072498&ga_hid=1500694061&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
db8cd6869bb01edb47b5de6b8665c2464f7a793508a45944d2911498f70b85c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7923
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1142847526655018&correlator=2079149235939047&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=183096492%2CMediaFire-Zone3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&prev_scp=buildnumber%3D121858%26dladtemplate%3D34%26button_delay%3Ddisabled%26hb_format_openx%3Dbanner%26hb_size_openx%3D300x250%26hb_pb_openx%3D0.10%26hb_adid_openx%3D420da86166d0c1c%26hb_bidder_openx%3Dopenx%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.05%26hb_adid_medianet%3D40f367251c20858%26hb_bidder_medianet%3Dmedianet%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D336x280%26hb_pb_pubmatic%3D0.35%26hb_adid_pubmatic%3D383440b7e09848e%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.35%26hb_adid%3D383440b7e09848e%26hb_bidder%3Dpubmatic%26hb_highestbidder%3Dpubmatic%26hb_highestbid%3D0.35&eri=5&cookie_enabled=1&bc=31&abxe=1&dt=1643072497773&dlt=1643072496974&idt=554&frm=20&biw=1600&bih=1200&oid=2&adxs=320&adys=420&adks=1870779098&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&ga_vid=1164219392.1643072498&ga_sid=1643072498&ga_hid=1500694061&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
bc3577940a2ea0e607e8cbd55536c356c23ece175c027fc9bddd448d10542d56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7783
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 953C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 25 Jan 2022 01:01:37 GMT
expires
Wed, 25 Jan 2023 01:01:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
supportedLanguages
translate-pa.googleapis.com/v1/ Frame 2962 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecae715341645fcb5a95f62c8d6a32f2b8b9e5a3bae5d3430f7d261f0e029cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
text/javascript; charset=UTF-8
vary
Origin, X-Origin, Referer
content-length
1207
x-xss-protection
0
expires
Tue, 25 Jan 2022 01:01:37 GMT
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAX3221EY&fw=MONTREAL&ff=CA&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=mediafire.com&vhuyqdph=ssp-serving-6c996656dc-p2m6q&vyu=011911_318_012411_282_ssp&vf=QC&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001643072497578025035145559732&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=3&dgeg=0&qsd=0&jgsu=0&fvvwu=&wfi_fps=300&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_delay400&deg=2&gvwduw=43&ghqg=240&uhtxuo=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&nzui=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.97.113.145 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-97-113-145.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 25 Jan 2022 01:01:37 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=1164219392.1643072498&jid=1342506769&_u=YEBAAUAAAAAAAC~&z=1920053299
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=1164219392.1643072498&jid=1342506769&_u=YEBAAUAAAAAAAC~&z=1920053299
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
6.adsco.re/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6d2d92482e4e7138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/ 		0
464 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 01:01:38 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.mediafire.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/ 		0
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Jan 2022 01:01:38 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK nyc224
Access-Control-Allow-Origin
https://www.mediafire.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/ 		47 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
713b207214d5d6b43b60c0ddfa6ed0bbeac7ed114a75920591facfffc57e4ad0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 01:01:38 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.mediafire.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		54 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5916bff90aaf09e8c6d3779bbca63db25278a56ad75afb7c0351c67798048481

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6d2d92482e497138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
jpb4huqkvfk7.l4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jpb4huqkvfk7.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Jan 2022 01:01:38 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
jpb4huqkvfk7.n4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jpb4huqkvfk7.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Jan 2022 01:01:37 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
jpb4huqkvfk7.s4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jpb4huqkvfk7.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 25 Jan 2022 01:01:39 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame E019 		62 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

date
Tue, 25 Jan 2022 01:01:37 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Fri, 25 Feb 2022 01:01:37 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
5035492
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d2d92485ec7714a-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
6.adsco.re/ Frame E019 		0
0
/
4.adsco.re/ Frame E019 		0
0
/
c.adsco.re/ Frame E019 		61 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5035493
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6d2d92496fe3714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 25 Feb 2022 01:01:38 GMT
container.html
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FCB0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 25 Jan 2022 01:01:37 GMT
expires
Wed, 25 Jan 2023 01:01:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1142847526655018&correlator=3328798380196445&output=ldjh&impl=fifs&vrg=2022011002&ptt=17&gdpr=0&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=183096492%2CMediaFire-Zone4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=buildnumber%3D121858%26dladtemplate%3D34%26button_delay%3Ddisabled%26hb_highestbidder%3Dnone%26hb_highestbid%3D0.00&eri=5&cookie=ID%3Dc9e28495bbbaf22e-22c3cef4af7b008f%3AT%3D1643072497%3AS%3DALNI_Mb6D4EVFXb3AoavvR8v4Jd9m8Hd5w&bc=31&abxe=1&dt=1643072498168&dlt=1643072496974&idt=554&frm=20&biw=1600&bih=1200&oid=2&adxs=430&adys=1095&adks=215913335&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=728x-1&ga_vid=1164219392.1643072498&ga_sid=1643072498&ga_hid=1500694061&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
76c3e086b35b8390e03906dfa7e5d9ca47d95ca6ad0be740779b3d922b6f89ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9040
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 25 Jan 2022 01:01:37 GMT
expires
Wed, 25 Jan 2023 01:01:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame C4E8 		645 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 25 Jan 2022 01:01:38 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 25 Jan 2022 01:01:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FCB0 		71 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzlFyGVrigqDmhRSzSGyWnWzT9JG84W0JDIHeyojnwq6TKfMwtiR0hk1K-zeDePZD00rGbI0vKvDhiXUXsSizjjoElUXWEoXyt0cL-beodXHt3-7ZyeJgb3QPrKX023wv20tq2lUpdcNF2RQWEArAqF0UnQ&dbm_d=AKAmf-ASNj9LeHNmKViuiwmwIGv6eyWSEg3vwmcodA5ydAR7RQg2bhB-1ELx_OqWrGT_Z7qMq_bh84Zlgm1TBtwNuhimwftY-6vgHAFeCuBuC8UvGFwdOw0bDnFzIpANIpORZiKQ2HiQXtd48ZqZLu4A52BPGaMjDGzueUMxeLUeaPdeAeuLt2NTgxa8AFSipbAlGkzQzAU49BIzzVDb7NIX_EvVSKUAEnRCv7c6DtLZAQIpe2eATGe5cpbE5yDgNbuoImCV7eYCqMG6PzR6luIiUvT2IcymcndSRwf8CQMKKUI0x0DBiGHIyTK-zrCeCySyZMsCfXu8hxlJTisNWmSLEeVnm3GGnIeZkFVqy488_Q6vrurKFjXXyM0qFk6TDPavZ5mFrVrc80-XXb68Mx7HFLer8q_FQ9YZtBmzo4OxKFKfHDyh_Zf1A5-BRqgyTwNmyt5NoUpdQZ96FiIv0ir1_EIZegPxBOS_8rY9mkqzAJbRzz55quI5x6d3T4s987yBlrrpjYdQC2S8IiuDiEQXm8MYoQn7PKoEHPRg-L_S-T8LjWxMXDcFl5wI7-S3rqmalxO197pLyloMAyAzxTFpcsdZvdaxKex4LHXYOeuch13shU4E8SdDE15ODBAsynHHRbodfLLhN8sgqR--Efqt_et5AP-7R9EZPUhPv75pTq0P_igcmnUo73uIwLQ1k-imWHMY9FOJ4vSN6DY6mG_kNMjrpXSkAdi_zFKWQVjJB-p15FykUiOswZXf0KneZkP2ro8QchvFkNLLt-KlfYdBSXat3AyMlcd_Tlc1tM3apocmP5VqgTCkd2wVNFE1QAwwnIqVNwVOCHLhnyI1w5yXoYkejQ9kPUK9C_1_613-onls3g6U15pQbT6Tryv51it81Gf_pmL41LRmewXOy5E9_70CBQU5GRtbxLBWJCcd20FUYInbHLLBXsZ1aQgvDMCVFzdluA_L7FoOTnsqk4TUNEP1O19pvZiOyjTs5AJWQLLvqL-nO9MNOPVWBJxYMMZ3TeD3EOJP3OT3n5AFfIaVDTyXb8Ge8Gt1ca0XB69gde-PThaDwu70sGw6tFZjo1bUZUVhS36EYHRsbQtOIVYYeusuTyzLPeTpWA0_nmpt5y6QiFNhSeIDW9yNZETSu9kyXZuDb_T1nEznBRtKqpQjC_m7R1BNnaL0wg8G-R-8NSNLAp7I3dQfDCmwfrhuBxUdbc08oXhauJQoej4ZsqM-zg8EfEp8ai6SVzlXN5khn-LCZENxVKva40PiafthoCER80QUqaWEVD1Q3UltgAtw1d1IJpMopZRctual5x02iQiFcudegYLDqYINPSzbFVu-9NODLFQ_iYxqVb8lE4rDBnlt1LfuNHHd2re7z-GbaaXCYp-GJXoPduV7-cuOJpTa8f-wEe9exGkmP7toLQMigc_or-WB8mFJ3U2AF65Uj1AjUCym4nOYj_sGRpEgroOavEgkOfaGY7Z-QEg5DksYr-75JHOPxPUlQxuJ2yEzEEFD9z6f6nP4ex9GG_MKujeLVZfaiQzWlSaRAwCEPPCDLQeGvWGbVIKhvyERh8C8XWIb8Ht30k0vcbCzzjWnsSidIPbWMQOcAuNXXWAkopIMdjxsNYDw-xsYkP63fKiZAAdPJnwgfuE9Re1YUPV7Ha4NqNAxcwRLfYZaKwrQwDQbESSTxbwDQJLYpUMijM6Bu-VElYr9OSiDA-R1OpEa9k8AzqFaOGMWUxf4HFfje4eefbDWItlViWKUFNBO460qW1k715htzI-iejITyzu9PlTYanLmD9LB5GzcZLyqcUmyoaIaWY5bChRxOWyOxnmSlQFG0zdD3e64jNc_LYDISWc8RvW2uGukN5bJ_Y52LvHFW5EAHRA7L7ClXDlOCEr6vF08CKtwa0Nse04vwUiIkvqq0OQHpsNHsKiHhzdH2vx5NS3WXtsq29UOupZfRGHflPs2NUSWuWUVQKF4aZzo_Dt3mKaOhuTmpDq9gOoJGJa4i_vD7liaXBcm7DILkgXllSOJp2qnO78QG76jgivHTQ_ckckIr5h5Wq9Tyj2o7Ws76Tw4NsoPA_hBa3BFswHgWGqW_Nf5HbpiZq1xaPyNk1H4B3nONvpQKeD8CAJhn5zdlwzBHTKcIkY5mqhTMrwd6FG94bj3r6uW4B_tSjs--r0PmLtZSJgYevkE1D3M-moCMfTwl-tMJ8-k5y3BpW8ntKSVRbcVlofUQobkRzYC43pr7BqzMBglBJT2_Lc6jfnWPj1qCnmwUw55aNq9-zGICJpEVBG9N1DpgtU0SSR5rYVFHbhgD7bHQ-Q89iN3AB5IDqrdRBSfWKR5YgWPi-M1Z7E26khE2faleckhUBGDJcQ9RVFuovjrCM_xjz2NjDFymDvkkjXa6UMuG3NQL88SPrvssXm3FgnM1vvZJsHjv9QSOJFlAwgDLllctQL7z-SSUiNidUcUpf9lT5BSgGbSWBttCtHRii2t2IwSYKns-_CPB63JQk5wJ8kBj7nxbaMvKszUnKYqiUzWbOEW2mlY-3QBLt90brra_lKX0FQ1H5k4F4rO1cloujaC1nDjXC-CiPvEsKdxqHDZyqxll9yOxnXaVkIJsw9ecquMly9dkJmwK7TeUJdWjhxo7WK1btJrKT8MvYPqVGc8ZYEPGNQgpRdxpAmls427KXRu8ULNwLz9Ju_g6biSwqGCOCXUq8Rsoa4Y0s1B2S2IPdFiZ3VrV904J_yrYtwJjGMz-BACqu00W8kww0SBoyIEemMIyBPDoGQr2NMp0Vac2kgsaQNHwKCrooAQTZGbjmE8rEU9dqDVUhAEYMdw-U-ENrsNRrkdYAMgxHHC-3CFLyITUlhgmFnJfiykFEktv6uPrRg_wPaPxuNQhQgrMlmao32Bh2jj2WJnjiiwyIhkE7d0iWpTQWeGl5tRo4U9efCZj67fBRDFXvGxoaEAmtyFHqn1g4fC74ZXxKKTs5drs4f_jgp-UBGN-CI3AZFqcUqN536xwmleccQsrPjV468er_6nHneGv18IvxFvU8Q1S54jyqH8OiAq3CHroxGWLAoqTcJ1X8V-C7WL5yN5c38I32PD9weGMY8KkcWajBaJQLiceJB2z_NLfvKmyTf4gZAgKNDoYvA6n6AjTAp3SZrvgIkke41-xjSNis6g3F1Xn7NA46RstSFOgWq3WQvt_nq2Rwg6Y9KuRq0KFlPIPxetqQUKPhZ-iOGtWqwrP35RbJBf9DLZ_3MS6bxsDh8uDRH50yms3fvqZdN-S6qZ&cid=CAASFeRoe91uUPmRio3O-OzMIwr925Jnrw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ada0f58395dc268986c32e5e5348608b43f61564220b6ac70a5df5bc050f84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30616
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCB0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-PDwVgrygGPrb3IF-TlwzPxQj71ERe-zTlWPKZqTXxMIkxIFZJd4urSxZFU5ezhOhMJTpMb2_C2inZQ3y7rr2PA_bLLjyJ3f1PafMrjUmqcK8bf4
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame FCB0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame FCB0 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:00:37 GMT
l
www.google.com/ads/measurement/ Frame FCB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiWwmmUo0c5uqkArpYqacEca1L8nTNltWyLHPYKO2m6sqC90Xf3xigudyznCHuCcJrNUqU2MGi-mNw4qnXG6rfrHc9rA
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCB0 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:01:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3D19 		645 B
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 25 Jan 2022 01:01:38 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 25 Jan 2022 01:01:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5C25 		71 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Az_oOSpcYIOhL6kVDwfKHiUDV9ZSjgx2a1cau_Z5e1xCFM1sQ7n1reEz4aNJHslmJIkiTdISpWXu-ijvPanXF3UHfZIPnO-THCu-pP1SolEm9YPoyY6BQjmCW5dYTD0kth9YsJZif3lMwlvOt1hmLx4-La4g&dbm_d=AKAmf-BL_E83MnBi4gHZSzC5P6ZfdzXltQRFFxzT5tz08Yp2UvqMohAX5p-xuWNAz02IxRjy3GRbVK14ShWL7ka9rfWJ-ivv9XANV7VKok2-xl92RmMo2WFfEI19aY5tpvY_GFu4E_DTww8L2qFfjMmD3Zx6QhW9oywn8tutYkwJFigRXrHk7N6NSH610FtGrrUyOvhkUf2vr5i5Fg963_v71HGwqWQPACwKkGg9ozfC5ZyIISzZrMoe5S_vvYhkR9yKfoaBgB0dlf3-RY3xqb-O-t2aupxOjkZbadogzfeMdr6c9v4P4kEVDmwejR42Oxr5mvzmypky6dBfRCQBhlSKrU9ilwjk2m5XDbhfg2kVbd2_vAeJdHxFLEWk5pcPmnBOOjhEv8Dz2OIDt44cdECtPOHZz3srme8s6unXec8JA4_YqZSqShWT2JcFgdHPV19vnl2orVQqIpBuvvNvpJnLkKHHQk3ru9rJFaltY9LY4m-Td4aHbziVkMSIlBn2mBg6cW4GezkSPWyalSSWCRt86-1grtibVLupqd5397gji2_lTsIU2pZY5TuKWuSQQyJxzXFO_j6sAOWprKDoAlsqPLEt5_2cAMByB8aeEX0B2diQvipTtWeSWywyPJJOgZpBMJ9Fvd3dks8ljHugyJ3nooKHsmkSAZMRGEk0m5UDFhybtCa3CdTyKzxcr4crArOVpTkFkwhN0TVY92StdPckVZ7PM6imU5gkpvN0c0jw9rvlpFjD5eRUfIUIh3LtPyuoweMafOzOq80TjBVJ5hlGe9mreAhmc3YN_18DtFn6CLl0LsEHrwNm_vkvZBWa2Lu9S0xtQx4FvROeNbGH-bAJfnMuo8pYRuzM9jzabBIulskIc_uuNqD8EyIIzosLAlNCc1qCiR30rKQ11ZK5WOWR7HMU1Avh0OUuA2-CZECq41ZP9ecKwixtuOFf6YtXqpAajCa5SjR9Y1uJwBq1bsJgVxB1EG84olcQRV6Eu2KlXAg36-fQbDLZz1P3dVPmWhkHMkOFtZZuNktmESi_G-jjhJXR7NplB3WYg1jvjomobCD8OM_ccyLGYMpNM3zm9GObioxqCJ05t_MoZws1KZoxfUIfKW0lejXqCf7uJdKbyYdnTkDewKj9hYO1CYrmUsEv0lgGJKy3C43J3H34vQist8CCk6ZGPyRVJV39Rgmit27buTMbDe43oL2YRuIRmzVSEnCNbPkmLffzACOOFjg9yMwgH7YzZZY8xcSKwYCSZ3AN1a19TvmFAT4iEs0DFkU1OeB06bT4CnFzOSnN8cBv1Rm90BqabMZIafECz463OZQo5U5HwO_DxK_T1aU_BLmznGk3Ccw4HWe3pNcQ-EvhHJH9Ro502abRu6pmUFsA__OMPhH7HdLRy2nsuU-SQGNIs-RZd9eeWjUYNnEMAfT9tMnhCdVP_XScMY0EknrRY9fOeoIcJgsCi0jHauQQuL6J_chR3oFGmiEBbZ4cK5X2aHgeEuY7gDKVZB3suD1Ypfok-AC65V88pD2JykWlxCJfv0JDw2r0OMFbUNB845FFt7uYF4v6SpxYu5JPEo3sUpPyr9xfTYtrpT7wIITEIF2hqYwxzPQYcHVIfqpdlsCKQdcCKD7tpV0ciGdLkChLt50oVDOba5W1_3fuxteqlvEcKIQrMJLKUkwDqHXVA7sIhoqc1PRH-ZZJ_0GNDvsE4fVwFHdPLN1DAX3rMN2EKKOSAPxAYn5SPHNoUF7yhJQpkp1kZ1P9WjKcqa-BmcbTjuwgcdWnDoR6FLdcsPu26n8JnC9AFu_UwPDUiXcJPIcbyYr4yZd4sfDOb-dkT_Ro78pU-uEbw1xPClz355QjQ9NHUPQew4HscrAYFPG3p3aBth8AOBWqo6JPS0peQQkhFeQM7VrHUCjrZKgQDmB43mVQH4ZKHL1uI3AYU47cp0dUAxH26I69U0NWaKEDvQ5Mdl1eaMcRYbJ2fAwJfUGvZWB4EN1nmdbGQ8Zixpb66Bji0wDDinWHfoKL9vfgkpq-KQuBprp8DRJVOTHuJUXSF0PvaFvDA84oAufAH-4qmZalKarO-DgqNPnKavxHyHqwIfj7M_vFCgbgTdvKao3A_eRA5cPThgROrFVhnIhH_qMoAF3-wvPQImvEk08gLvvyGVwK5_NcjZDlepvCLg2bDLJPzP6mJbB7wawbyf3RsF8r4LEnTKQA9OR-3O1Ij09odMVday0m15vth0K_OF5bdkwktrWDbDK6PcegOoG6QC6MUwsGKzoTvaDvSmvyFmP2Juu_N8U2Ka-3haHtiYsoYkitTvZHp3QRutZkzKGX4-7CsE7lrNZ-H8H3_Xw9mm2czTt4a_zsHsDtZMvOF3ULpwhEmBQI9S5Mp7pR4jcXvAgFjbTEBdw38gPWpJ4UhsHATS4cIKcqyhSSmApfPy723PQxqiweDqAPfoN72i_AVYp4AJbBm934WOptvk627n3xR5bExw3MctKURjFdR9nkKalD4frR5E7tYbQBOI74vAlg4Zgm7m6njMe6_EZePN-pe0cb3ZTo3h0XUwjGFgNNC27TgHLLFV9C4M_obI0TKkpQBR3qKN3PT6mcDiP-Z7Zwl67fkDn-7UwNabnJI5oD3a0eMvsOa3fVbo8gtFWFFLGijhu6aRw5QaoBwlqBGeK1u_Zm8Qh7suF-68LnSwKBrPxcoib9vQJoOOeQlY53plmrSYy4tO9Q7OHhqzsRr2LUv2AbXzvbq-R9Buxe_KwjQMgyz-aQumklva0YYeoaBdlZsZsWNmSwaqW9QwTRyB_NbPnmxau6FxuV72XU92_w_-u_RrChXg5_AQMJZSnJwOXxg3kthAgqemg0YdJRkJYkMbUqLDA7I7Ip98jkvwObTDODJdxvHI2Tv-sFA17dl7NuGEPkQ8sgbb6OUssvocjtETvH_RpE5ROCrEHO5r0RPnFS9rBqoFArsGUftKge9cCTv-bb7sJIraDcdE8VR8B0blsn96qKHLu7Brh2C7Di03TxmBQBjC5ELtlGGp6m1UPWqdkuK3y5gDfcJI9i2yfHyqJ5x7gddl5GSiO6DKl7_mMnAzBgc-rAEVVeTAVf8ofb_tZzzzL7Jmx0p0sEA45hQ0H1boNqVl2ZI3aokGZM_gNd8bM6m5Z789CmsP_LLVhk_7ab7vD31xE7_18rUp-y52L1r1CA7VGnCL4NnENxQUEoFWHvZCIE3fHTb2J5dSIsGLuGrm6LfEW6XK3UnV9vERjpZFZxW0WkERrDym5_R9IiZZiYEoo5&cid=CAASFeRoQxDF63WoS3qfHrANh4p1ADGZvw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d60dac57a96d305da74aef56f2a2a4359bbaacc3433b21541cbe00e8029e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30697
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C25 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AfMn3CIYEaP4oElXkpCoUSq77xSwQxgMdFnwZABVYtjqP8pz6NVSSNePJ7imMd9m-v1pej2_8D1LMQGt8YHT07UKcl8X5jo4_vUj9Xp75itRG9Hm0
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 5C25 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 5C25 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:00:37 GMT
l
www.google.com/ads/measurement/ Frame 5C25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeB73ls6eMunJotBarPuike7sEHsR4v2zQ8ILILBvsdIIoIeLapZYJhneH4nG9U9ebEQKplfdaSBWMU-GvIEJfmbqarA
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C25 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:01:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 3D19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3D19
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3D19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Protocol
HTTP/1.1
Server
68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c0e50d6a-d23a-483a-ac8b-5612fe1de4f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVxA9HSvGsAgOR4u64Njsg3sVTfDDpGNPKcqhF4dAnrrQleLwo4Cs7OoylBHYmcL8Ft6xqqZLRhpK5qgUsYeGuDtSrQyDRawxCVu_rym-OVk-PKS0o
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d565404e-e566-4665-8baf-2b8739e4d345
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C4E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPmUGLXavf6Q8SKU_MzY1Po&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C4E8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvTT6225_ox-JRow5IEzbw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C4E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Protocol
HTTP/1.1
Server
68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c950b05b-cf1e-460c-aa5c-11cbb34693d1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEY6J0a9W8gyP69x2l4-f6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4E8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNV3JmHNDprY56OpkJ0LBAzaXVrFSX1pyFPrG930p9IXBtnAvepC_C4SBcaoJ4EsdbOWIX_jHuxsXWq1-23Y_Znivgrc06vds2unUMzGBxxIcoOPEUE
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6a6b6d01-cb46-4e04-83ab-d1b5d6c13561
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 5C25 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Origin
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 23:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 23:00:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 5C25 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Az_oOSpcYIOhL6kVDwfKHiUDV9ZSjgx2a1cau_Z5e1xCFM1sQ7n1reEz4aNJHslmJIkiTdISpWXu-ijvPanXF3UHfZIPnO-THCu-pP1SolEm9YPoyY6BQjmCW5dYTD0kth9YsJZif3lMwlvOt1hmLx4-La4g&dbm_d=AKAmf-BL_E83MnBi4gHZSzC5P6ZfdzXltQRFFxzT5tz08Yp2UvqMohAX5p-xuWNAz02IxRjy3GRbVK14ShWL7ka9rfWJ-ivv9XANV7VKok2-xl92RmMo2WFfEI19aY5tpvY_GFu4E_DTww8L2qFfjMmD3Zx6QhW9oywn8tutYkwJFigRXrHk7N6NSH610FtGrrUyOvhkUf2vr5i5Fg963_v71HGwqWQPACwKkGg9ozfC5ZyIISzZrMoe5S_vvYhkR9yKfoaBgB0dlf3-RY3xqb-O-t2aupxOjkZbadogzfeMdr6c9v4P4kEVDmwejR42Oxr5mvzmypky6dBfRCQBhlSKrU9ilwjk2m5XDbhfg2kVbd2_vAeJdHxFLEWk5pcPmnBOOjhEv8Dz2OIDt44cdECtPOHZz3srme8s6unXec8JA4_YqZSqShWT2JcFgdHPV19vnl2orVQqIpBuvvNvpJnLkKHHQk3ru9rJFaltY9LY4m-Td4aHbziVkMSIlBn2mBg6cW4GezkSPWyalSSWCRt86-1grtibVLupqd5397gji2_lTsIU2pZY5TuKWuSQQyJxzXFO_j6sAOWprKDoAlsqPLEt5_2cAMByB8aeEX0B2diQvipTtWeSWywyPJJOgZpBMJ9Fvd3dks8ljHugyJ3nooKHsmkSAZMRGEk0m5UDFhybtCa3CdTyKzxcr4crArOVpTkFkwhN0TVY92StdPckVZ7PM6imU5gkpvN0c0jw9rvlpFjD5eRUfIUIh3LtPyuoweMafOzOq80TjBVJ5hlGe9mreAhmc3YN_18DtFn6CLl0LsEHrwNm_vkvZBWa2Lu9S0xtQx4FvROeNbGH-bAJfnMuo8pYRuzM9jzabBIulskIc_uuNqD8EyIIzosLAlNCc1qCiR30rKQ11ZK5WOWR7HMU1Avh0OUuA2-CZECq41ZP9ecKwixtuOFf6YtXqpAajCa5SjR9Y1uJwBq1bsJgVxB1EG84olcQRV6Eu2KlXAg36-fQbDLZz1P3dVPmWhkHMkOFtZZuNktmESi_G-jjhJXR7NplB3WYg1jvjomobCD8OM_ccyLGYMpNM3zm9GObioxqCJ05t_MoZws1KZoxfUIfKW0lejXqCf7uJdKbyYdnTkDewKj9hYO1CYrmUsEv0lgGJKy3C43J3H34vQist8CCk6ZGPyRVJV39Rgmit27buTMbDe43oL2YRuIRmzVSEnCNbPkmLffzACOOFjg9yMwgH7YzZZY8xcSKwYCSZ3AN1a19TvmFAT4iEs0DFkU1OeB06bT4CnFzOSnN8cBv1Rm90BqabMZIafECz463OZQo5U5HwO_DxK_T1aU_BLmznGk3Ccw4HWe3pNcQ-EvhHJH9Ro502abRu6pmUFsA__OMPhH7HdLRy2nsuU-SQGNIs-RZd9eeWjUYNnEMAfT9tMnhCdVP_XScMY0EknrRY9fOeoIcJgsCi0jHauQQuL6J_chR3oFGmiEBbZ4cK5X2aHgeEuY7gDKVZB3suD1Ypfok-AC65V88pD2JykWlxCJfv0JDw2r0OMFbUNB845FFt7uYF4v6SpxYu5JPEo3sUpPyr9xfTYtrpT7wIITEIF2hqYwxzPQYcHVIfqpdlsCKQdcCKD7tpV0ciGdLkChLt50oVDOba5W1_3fuxteqlvEcKIQrMJLKUkwDqHXVA7sIhoqc1PRH-ZZJ_0GNDvsE4fVwFHdPLN1DAX3rMN2EKKOSAPxAYn5SPHNoUF7yhJQpkp1kZ1P9WjKcqa-BmcbTjuwgcdWnDoR6FLdcsPu26n8JnC9AFu_UwPDUiXcJPIcbyYr4yZd4sfDOb-dkT_Ro78pU-uEbw1xPClz355QjQ9NHUPQew4HscrAYFPG3p3aBth8AOBWqo6JPS0peQQkhFeQM7VrHUCjrZKgQDmB43mVQH4ZKHL1uI3AYU47cp0dUAxH26I69U0NWaKEDvQ5Mdl1eaMcRYbJ2fAwJfUGvZWB4EN1nmdbGQ8Zixpb66Bji0wDDinWHfoKL9vfgkpq-KQuBprp8DRJVOTHuJUXSF0PvaFvDA84oAufAH-4qmZalKarO-DgqNPnKavxHyHqwIfj7M_vFCgbgTdvKao3A_eRA5cPThgROrFVhnIhH_qMoAF3-wvPQImvEk08gLvvyGVwK5_NcjZDlepvCLg2bDLJPzP6mJbB7wawbyf3RsF8r4LEnTKQA9OR-3O1Ij09odMVday0m15vth0K_OF5bdkwktrWDbDK6PcegOoG6QC6MUwsGKzoTvaDvSmvyFmP2Juu_N8U2Ka-3haHtiYsoYkitTvZHp3QRutZkzKGX4-7CsE7lrNZ-H8H3_Xw9mm2czTt4a_zsHsDtZMvOF3ULpwhEmBQI9S5Mp7pR4jcXvAgFjbTEBdw38gPWpJ4UhsHATS4cIKcqyhSSmApfPy723PQxqiweDqAPfoN72i_AVYp4AJbBm934WOptvk627n3xR5bExw3MctKURjFdR9nkKalD4frR5E7tYbQBOI74vAlg4Zgm7m6njMe6_EZePN-pe0cb3ZTo3h0XUwjGFgNNC27TgHLLFV9C4M_obI0TKkpQBR3qKN3PT6mcDiP-Z7Zwl67fkDn-7UwNabnJI5oD3a0eMvsOa3fVbo8gtFWFFLGijhu6aRw5QaoBwlqBGeK1u_Zm8Qh7suF-68LnSwKBrPxcoib9vQJoOOeQlY53plmrSYy4tO9Q7OHhqzsRr2LUv2AbXzvbq-R9Buxe_KwjQMgyz-aQumklva0YYeoaBdlZsZsWNmSwaqW9QwTRyB_NbPnmxau6FxuV72XU92_w_-u_RrChXg5_AQMJZSnJwOXxg3kthAgqemg0YdJRkJYkMbUqLDA7I7Ip98jkvwObTDODJdxvHI2Tv-sFA17dl7NuGEPkQ8sgbb6OUssvocjtETvH_RpE5ROCrEHO5r0RPnFS9rBqoFArsGUftKge9cCTv-bb7sJIraDcdE8VR8B0blsn96qKHLu7Brh2C7Di03TxmBQBjC5ELtlGGp6m1UPWqdkuK3y5gDfcJI9i2yfHyqJ5x7gddl5GSiO6DKl7_mMnAzBgc-rAEVVeTAVf8ofb_tZzzzL7Jmx0p0sEA45hQ0H1boNqVl2ZI3aokGZM_gNd8bM6m5Z789CmsP_LLVhk_7ab7vD31xE7_18rUp-y52L1r1CA7VGnCL4NnENxQUEoFWHvZCIE3fHTb2J5dSIsGLuGrm6LfEW6XK3UnV9vERjpZFZxW0WkERrDym5_R9IiZZiYEoo5&cid=CAASFeRoQxDF63WoS3qfHrANh4p1ADGZvw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:31 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 5C25 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Az_oOSpcYIOhL6kVDwfKHiUDV9ZSjgx2a1cau_Z5e1xCFM1sQ7n1reEz4aNJHslmJIkiTdISpWXu-ijvPanXF3UHfZIPnO-THCu-pP1SolEm9YPoyY6BQjmCW5dYTD0kth9YsJZif3lMwlvOt1hmLx4-La4g&dbm_d=AKAmf-BL_E83MnBi4gHZSzC5P6ZfdzXltQRFFxzT5tz08Yp2UvqMohAX5p-xuWNAz02IxRjy3GRbVK14ShWL7ka9rfWJ-ivv9XANV7VKok2-xl92RmMo2WFfEI19aY5tpvY_GFu4E_DTww8L2qFfjMmD3Zx6QhW9oywn8tutYkwJFigRXrHk7N6NSH610FtGrrUyOvhkUf2vr5i5Fg963_v71HGwqWQPACwKkGg9ozfC5ZyIISzZrMoe5S_vvYhkR9yKfoaBgB0dlf3-RY3xqb-O-t2aupxOjkZbadogzfeMdr6c9v4P4kEVDmwejR42Oxr5mvzmypky6dBfRCQBhlSKrU9ilwjk2m5XDbhfg2kVbd2_vAeJdHxFLEWk5pcPmnBOOjhEv8Dz2OIDt44cdECtPOHZz3srme8s6unXec8JA4_YqZSqShWT2JcFgdHPV19vnl2orVQqIpBuvvNvpJnLkKHHQk3ru9rJFaltY9LY4m-Td4aHbziVkMSIlBn2mBg6cW4GezkSPWyalSSWCRt86-1grtibVLupqd5397gji2_lTsIU2pZY5TuKWuSQQyJxzXFO_j6sAOWprKDoAlsqPLEt5_2cAMByB8aeEX0B2diQvipTtWeSWywyPJJOgZpBMJ9Fvd3dks8ljHugyJ3nooKHsmkSAZMRGEk0m5UDFhybtCa3CdTyKzxcr4crArOVpTkFkwhN0TVY92StdPckVZ7PM6imU5gkpvN0c0jw9rvlpFjD5eRUfIUIh3LtPyuoweMafOzOq80TjBVJ5hlGe9mreAhmc3YN_18DtFn6CLl0LsEHrwNm_vkvZBWa2Lu9S0xtQx4FvROeNbGH-bAJfnMuo8pYRuzM9jzabBIulskIc_uuNqD8EyIIzosLAlNCc1qCiR30rKQ11ZK5WOWR7HMU1Avh0OUuA2-CZECq41ZP9ecKwixtuOFf6YtXqpAajCa5SjR9Y1uJwBq1bsJgVxB1EG84olcQRV6Eu2KlXAg36-fQbDLZz1P3dVPmWhkHMkOFtZZuNktmESi_G-jjhJXR7NplB3WYg1jvjomobCD8OM_ccyLGYMpNM3zm9GObioxqCJ05t_MoZws1KZoxfUIfKW0lejXqCf7uJdKbyYdnTkDewKj9hYO1CYrmUsEv0lgGJKy3C43J3H34vQist8CCk6ZGPyRVJV39Rgmit27buTMbDe43oL2YRuIRmzVSEnCNbPkmLffzACOOFjg9yMwgH7YzZZY8xcSKwYCSZ3AN1a19TvmFAT4iEs0DFkU1OeB06bT4CnFzOSnN8cBv1Rm90BqabMZIafECz463OZQo5U5HwO_DxK_T1aU_BLmznGk3Ccw4HWe3pNcQ-EvhHJH9Ro502abRu6pmUFsA__OMPhH7HdLRy2nsuU-SQGNIs-RZd9eeWjUYNnEMAfT9tMnhCdVP_XScMY0EknrRY9fOeoIcJgsCi0jHauQQuL6J_chR3oFGmiEBbZ4cK5X2aHgeEuY7gDKVZB3suD1Ypfok-AC65V88pD2JykWlxCJfv0JDw2r0OMFbUNB845FFt7uYF4v6SpxYu5JPEo3sUpPyr9xfTYtrpT7wIITEIF2hqYwxzPQYcHVIfqpdlsCKQdcCKD7tpV0ciGdLkChLt50oVDOba5W1_3fuxteqlvEcKIQrMJLKUkwDqHXVA7sIhoqc1PRH-ZZJ_0GNDvsE4fVwFHdPLN1DAX3rMN2EKKOSAPxAYn5SPHNoUF7yhJQpkp1kZ1P9WjKcqa-BmcbTjuwgcdWnDoR6FLdcsPu26n8JnC9AFu_UwPDUiXcJPIcbyYr4yZd4sfDOb-dkT_Ro78pU-uEbw1xPClz355QjQ9NHUPQew4HscrAYFPG3p3aBth8AOBWqo6JPS0peQQkhFeQM7VrHUCjrZKgQDmB43mVQH4ZKHL1uI3AYU47cp0dUAxH26I69U0NWaKEDvQ5Mdl1eaMcRYbJ2fAwJfUGvZWB4EN1nmdbGQ8Zixpb66Bji0wDDinWHfoKL9vfgkpq-KQuBprp8DRJVOTHuJUXSF0PvaFvDA84oAufAH-4qmZalKarO-DgqNPnKavxHyHqwIfj7M_vFCgbgTdvKao3A_eRA5cPThgROrFVhnIhH_qMoAF3-wvPQImvEk08gLvvyGVwK5_NcjZDlepvCLg2bDLJPzP6mJbB7wawbyf3RsF8r4LEnTKQA9OR-3O1Ij09odMVday0m15vth0K_OF5bdkwktrWDbDK6PcegOoG6QC6MUwsGKzoTvaDvSmvyFmP2Juu_N8U2Ka-3haHtiYsoYkitTvZHp3QRutZkzKGX4-7CsE7lrNZ-H8H3_Xw9mm2czTt4a_zsHsDtZMvOF3ULpwhEmBQI9S5Mp7pR4jcXvAgFjbTEBdw38gPWpJ4UhsHATS4cIKcqyhSSmApfPy723PQxqiweDqAPfoN72i_AVYp4AJbBm934WOptvk627n3xR5bExw3MctKURjFdR9nkKalD4frR5E7tYbQBOI74vAlg4Zgm7m6njMe6_EZePN-pe0cb3ZTo3h0XUwjGFgNNC27TgHLLFV9C4M_obI0TKkpQBR3qKN3PT6mcDiP-Z7Zwl67fkDn-7UwNabnJI5oD3a0eMvsOa3fVbo8gtFWFFLGijhu6aRw5QaoBwlqBGeK1u_Zm8Qh7suF-68LnSwKBrPxcoib9vQJoOOeQlY53plmrSYy4tO9Q7OHhqzsRr2LUv2AbXzvbq-R9Buxe_KwjQMgyz-aQumklva0YYeoaBdlZsZsWNmSwaqW9QwTRyB_NbPnmxau6FxuV72XU92_w_-u_RrChXg5_AQMJZSnJwOXxg3kthAgqemg0YdJRkJYkMbUqLDA7I7Ip98jkvwObTDODJdxvHI2Tv-sFA17dl7NuGEPkQ8sgbb6OUssvocjtETvH_RpE5ROCrEHO5r0RPnFS9rBqoFArsGUftKge9cCTv-bb7sJIraDcdE8VR8B0blsn96qKHLu7Brh2C7Di03TxmBQBjC5ELtlGGp6m1UPWqdkuK3y5gDfcJI9i2yfHyqJ5x7gddl5GSiO6DKl7_mMnAzBgc-rAEVVeTAVf8ofb_tZzzzL7Jmx0p0sEA45hQ0H1boNqVl2ZI3aokGZM_gNd8bM6m5Z789CmsP_LLVhk_7ab7vD31xE7_18rUp-y52L1r1CA7VGnCL4NnENxQUEoFWHvZCIE3fHTb2J5dSIsGLuGrm6LfEW6XK3UnV9vERjpZFZxW0WkERrDym5_R9IiZZiYEoo5&cid=CAASFeRoQxDF63WoS3qfHrANh4p1ADGZvw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 00:59:38 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FCB0 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Origin
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 23:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 23:00:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame FCB0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzlFyGVrigqDmhRSzSGyWnWzT9JG84W0JDIHeyojnwq6TKfMwtiR0hk1K-zeDePZD00rGbI0vKvDhiXUXsSizjjoElUXWEoXyt0cL-beodXHt3-7ZyeJgb3QPrKX023wv20tq2lUpdcNF2RQWEArAqF0UnQ&dbm_d=AKAmf-ASNj9LeHNmKViuiwmwIGv6eyWSEg3vwmcodA5ydAR7RQg2bhB-1ELx_OqWrGT_Z7qMq_bh84Zlgm1TBtwNuhimwftY-6vgHAFeCuBuC8UvGFwdOw0bDnFzIpANIpORZiKQ2HiQXtd48ZqZLu4A52BPGaMjDGzueUMxeLUeaPdeAeuLt2NTgxa8AFSipbAlGkzQzAU49BIzzVDb7NIX_EvVSKUAEnRCv7c6DtLZAQIpe2eATGe5cpbE5yDgNbuoImCV7eYCqMG6PzR6luIiUvT2IcymcndSRwf8CQMKKUI0x0DBiGHIyTK-zrCeCySyZMsCfXu8hxlJTisNWmSLEeVnm3GGnIeZkFVqy488_Q6vrurKFjXXyM0qFk6TDPavZ5mFrVrc80-XXb68Mx7HFLer8q_FQ9YZtBmzo4OxKFKfHDyh_Zf1A5-BRqgyTwNmyt5NoUpdQZ96FiIv0ir1_EIZegPxBOS_8rY9mkqzAJbRzz55quI5x6d3T4s987yBlrrpjYdQC2S8IiuDiEQXm8MYoQn7PKoEHPRg-L_S-T8LjWxMXDcFl5wI7-S3rqmalxO197pLyloMAyAzxTFpcsdZvdaxKex4LHXYOeuch13shU4E8SdDE15ODBAsynHHRbodfLLhN8sgqR--Efqt_et5AP-7R9EZPUhPv75pTq0P_igcmnUo73uIwLQ1k-imWHMY9FOJ4vSN6DY6mG_kNMjrpXSkAdi_zFKWQVjJB-p15FykUiOswZXf0KneZkP2ro8QchvFkNLLt-KlfYdBSXat3AyMlcd_Tlc1tM3apocmP5VqgTCkd2wVNFE1QAwwnIqVNwVOCHLhnyI1w5yXoYkejQ9kPUK9C_1_613-onls3g6U15pQbT6Tryv51it81Gf_pmL41LRmewXOy5E9_70CBQU5GRtbxLBWJCcd20FUYInbHLLBXsZ1aQgvDMCVFzdluA_L7FoOTnsqk4TUNEP1O19pvZiOyjTs5AJWQLLvqL-nO9MNOPVWBJxYMMZ3TeD3EOJP3OT3n5AFfIaVDTyXb8Ge8Gt1ca0XB69gde-PThaDwu70sGw6tFZjo1bUZUVhS36EYHRsbQtOIVYYeusuTyzLPeTpWA0_nmpt5y6QiFNhSeIDW9yNZETSu9kyXZuDb_T1nEznBRtKqpQjC_m7R1BNnaL0wg8G-R-8NSNLAp7I3dQfDCmwfrhuBxUdbc08oXhauJQoej4ZsqM-zg8EfEp8ai6SVzlXN5khn-LCZENxVKva40PiafthoCER80QUqaWEVD1Q3UltgAtw1d1IJpMopZRctual5x02iQiFcudegYLDqYINPSzbFVu-9NODLFQ_iYxqVb8lE4rDBnlt1LfuNHHd2re7z-GbaaXCYp-GJXoPduV7-cuOJpTa8f-wEe9exGkmP7toLQMigc_or-WB8mFJ3U2AF65Uj1AjUCym4nOYj_sGRpEgroOavEgkOfaGY7Z-QEg5DksYr-75JHOPxPUlQxuJ2yEzEEFD9z6f6nP4ex9GG_MKujeLVZfaiQzWlSaRAwCEPPCDLQeGvWGbVIKhvyERh8C8XWIb8Ht30k0vcbCzzjWnsSidIPbWMQOcAuNXXWAkopIMdjxsNYDw-xsYkP63fKiZAAdPJnwgfuE9Re1YUPV7Ha4NqNAxcwRLfYZaKwrQwDQbESSTxbwDQJLYpUMijM6Bu-VElYr9OSiDA-R1OpEa9k8AzqFaOGMWUxf4HFfje4eefbDWItlViWKUFNBO460qW1k715htzI-iejITyzu9PlTYanLmD9LB5GzcZLyqcUmyoaIaWY5bChRxOWyOxnmSlQFG0zdD3e64jNc_LYDISWc8RvW2uGukN5bJ_Y52LvHFW5EAHRA7L7ClXDlOCEr6vF08CKtwa0Nse04vwUiIkvqq0OQHpsNHsKiHhzdH2vx5NS3WXtsq29UOupZfRGHflPs2NUSWuWUVQKF4aZzo_Dt3mKaOhuTmpDq9gOoJGJa4i_vD7liaXBcm7DILkgXllSOJp2qnO78QG76jgivHTQ_ckckIr5h5Wq9Tyj2o7Ws76Tw4NsoPA_hBa3BFswHgWGqW_Nf5HbpiZq1xaPyNk1H4B3nONvpQKeD8CAJhn5zdlwzBHTKcIkY5mqhTMrwd6FG94bj3r6uW4B_tSjs--r0PmLtZSJgYevkE1D3M-moCMfTwl-tMJ8-k5y3BpW8ntKSVRbcVlofUQobkRzYC43pr7BqzMBglBJT2_Lc6jfnWPj1qCnmwUw55aNq9-zGICJpEVBG9N1DpgtU0SSR5rYVFHbhgD7bHQ-Q89iN3AB5IDqrdRBSfWKR5YgWPi-M1Z7E26khE2faleckhUBGDJcQ9RVFuovjrCM_xjz2NjDFymDvkkjXa6UMuG3NQL88SPrvssXm3FgnM1vvZJsHjv9QSOJFlAwgDLllctQL7z-SSUiNidUcUpf9lT5BSgGbSWBttCtHRii2t2IwSYKns-_CPB63JQk5wJ8kBj7nxbaMvKszUnKYqiUzWbOEW2mlY-3QBLt90brra_lKX0FQ1H5k4F4rO1cloujaC1nDjXC-CiPvEsKdxqHDZyqxll9yOxnXaVkIJsw9ecquMly9dkJmwK7TeUJdWjhxo7WK1btJrKT8MvYPqVGc8ZYEPGNQgpRdxpAmls427KXRu8ULNwLz9Ju_g6biSwqGCOCXUq8Rsoa4Y0s1B2S2IPdFiZ3VrV904J_yrYtwJjGMz-BACqu00W8kww0SBoyIEemMIyBPDoGQr2NMp0Vac2kgsaQNHwKCrooAQTZGbjmE8rEU9dqDVUhAEYMdw-U-ENrsNRrkdYAMgxHHC-3CFLyITUlhgmFnJfiykFEktv6uPrRg_wPaPxuNQhQgrMlmao32Bh2jj2WJnjiiwyIhkE7d0iWpTQWeGl5tRo4U9efCZj67fBRDFXvGxoaEAmtyFHqn1g4fC74ZXxKKTs5drs4f_jgp-UBGN-CI3AZFqcUqN536xwmleccQsrPjV468er_6nHneGv18IvxFvU8Q1S54jyqH8OiAq3CHroxGWLAoqTcJ1X8V-C7WL5yN5c38I32PD9weGMY8KkcWajBaJQLiceJB2z_NLfvKmyTf4gZAgKNDoYvA6n6AjTAp3SZrvgIkke41-xjSNis6g3F1Xn7NA46RstSFOgWq3WQvt_nq2Rwg6Y9KuRq0KFlPIPxetqQUKPhZ-iOGtWqwrP35RbJBf9DLZ_3MS6bxsDh8uDRH50yms3fvqZdN-S6qZ&cid=CAASFeRoe91uUPmRio3O-OzMIwr925Jnrw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:31 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame FCB0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzlFyGVrigqDmhRSzSGyWnWzT9JG84W0JDIHeyojnwq6TKfMwtiR0hk1K-zeDePZD00rGbI0vKvDhiXUXsSizjjoElUXWEoXyt0cL-beodXHt3-7ZyeJgb3QPrKX023wv20tq2lUpdcNF2RQWEArAqF0UnQ&dbm_d=AKAmf-ASNj9LeHNmKViuiwmwIGv6eyWSEg3vwmcodA5ydAR7RQg2bhB-1ELx_OqWrGT_Z7qMq_bh84Zlgm1TBtwNuhimwftY-6vgHAFeCuBuC8UvGFwdOw0bDnFzIpANIpORZiKQ2HiQXtd48ZqZLu4A52BPGaMjDGzueUMxeLUeaPdeAeuLt2NTgxa8AFSipbAlGkzQzAU49BIzzVDb7NIX_EvVSKUAEnRCv7c6DtLZAQIpe2eATGe5cpbE5yDgNbuoImCV7eYCqMG6PzR6luIiUvT2IcymcndSRwf8CQMKKUI0x0DBiGHIyTK-zrCeCySyZMsCfXu8hxlJTisNWmSLEeVnm3GGnIeZkFVqy488_Q6vrurKFjXXyM0qFk6TDPavZ5mFrVrc80-XXb68Mx7HFLer8q_FQ9YZtBmzo4OxKFKfHDyh_Zf1A5-BRqgyTwNmyt5NoUpdQZ96FiIv0ir1_EIZegPxBOS_8rY9mkqzAJbRzz55quI5x6d3T4s987yBlrrpjYdQC2S8IiuDiEQXm8MYoQn7PKoEHPRg-L_S-T8LjWxMXDcFl5wI7-S3rqmalxO197pLyloMAyAzxTFpcsdZvdaxKex4LHXYOeuch13shU4E8SdDE15ODBAsynHHRbodfLLhN8sgqR--Efqt_et5AP-7R9EZPUhPv75pTq0P_igcmnUo73uIwLQ1k-imWHMY9FOJ4vSN6DY6mG_kNMjrpXSkAdi_zFKWQVjJB-p15FykUiOswZXf0KneZkP2ro8QchvFkNLLt-KlfYdBSXat3AyMlcd_Tlc1tM3apocmP5VqgTCkd2wVNFE1QAwwnIqVNwVOCHLhnyI1w5yXoYkejQ9kPUK9C_1_613-onls3g6U15pQbT6Tryv51it81Gf_pmL41LRmewXOy5E9_70CBQU5GRtbxLBWJCcd20FUYInbHLLBXsZ1aQgvDMCVFzdluA_L7FoOTnsqk4TUNEP1O19pvZiOyjTs5AJWQLLvqL-nO9MNOPVWBJxYMMZ3TeD3EOJP3OT3n5AFfIaVDTyXb8Ge8Gt1ca0XB69gde-PThaDwu70sGw6tFZjo1bUZUVhS36EYHRsbQtOIVYYeusuTyzLPeTpWA0_nmpt5y6QiFNhSeIDW9yNZETSu9kyXZuDb_T1nEznBRtKqpQjC_m7R1BNnaL0wg8G-R-8NSNLAp7I3dQfDCmwfrhuBxUdbc08oXhauJQoej4ZsqM-zg8EfEp8ai6SVzlXN5khn-LCZENxVKva40PiafthoCER80QUqaWEVD1Q3UltgAtw1d1IJpMopZRctual5x02iQiFcudegYLDqYINPSzbFVu-9NODLFQ_iYxqVb8lE4rDBnlt1LfuNHHd2re7z-GbaaXCYp-GJXoPduV7-cuOJpTa8f-wEe9exGkmP7toLQMigc_or-WB8mFJ3U2AF65Uj1AjUCym4nOYj_sGRpEgroOavEgkOfaGY7Z-QEg5DksYr-75JHOPxPUlQxuJ2yEzEEFD9z6f6nP4ex9GG_MKujeLVZfaiQzWlSaRAwCEPPCDLQeGvWGbVIKhvyERh8C8XWIb8Ht30k0vcbCzzjWnsSidIPbWMQOcAuNXXWAkopIMdjxsNYDw-xsYkP63fKiZAAdPJnwgfuE9Re1YUPV7Ha4NqNAxcwRLfYZaKwrQwDQbESSTxbwDQJLYpUMijM6Bu-VElYr9OSiDA-R1OpEa9k8AzqFaOGMWUxf4HFfje4eefbDWItlViWKUFNBO460qW1k715htzI-iejITyzu9PlTYanLmD9LB5GzcZLyqcUmyoaIaWY5bChRxOWyOxnmSlQFG0zdD3e64jNc_LYDISWc8RvW2uGukN5bJ_Y52LvHFW5EAHRA7L7ClXDlOCEr6vF08CKtwa0Nse04vwUiIkvqq0OQHpsNHsKiHhzdH2vx5NS3WXtsq29UOupZfRGHflPs2NUSWuWUVQKF4aZzo_Dt3mKaOhuTmpDq9gOoJGJa4i_vD7liaXBcm7DILkgXllSOJp2qnO78QG76jgivHTQ_ckckIr5h5Wq9Tyj2o7Ws76Tw4NsoPA_hBa3BFswHgWGqW_Nf5HbpiZq1xaPyNk1H4B3nONvpQKeD8CAJhn5zdlwzBHTKcIkY5mqhTMrwd6FG94bj3r6uW4B_tSjs--r0PmLtZSJgYevkE1D3M-moCMfTwl-tMJ8-k5y3BpW8ntKSVRbcVlofUQobkRzYC43pr7BqzMBglBJT2_Lc6jfnWPj1qCnmwUw55aNq9-zGICJpEVBG9N1DpgtU0SSR5rYVFHbhgD7bHQ-Q89iN3AB5IDqrdRBSfWKR5YgWPi-M1Z7E26khE2faleckhUBGDJcQ9RVFuovjrCM_xjz2NjDFymDvkkjXa6UMuG3NQL88SPrvssXm3FgnM1vvZJsHjv9QSOJFlAwgDLllctQL7z-SSUiNidUcUpf9lT5BSgGbSWBttCtHRii2t2IwSYKns-_CPB63JQk5wJ8kBj7nxbaMvKszUnKYqiUzWbOEW2mlY-3QBLt90brra_lKX0FQ1H5k4F4rO1cloujaC1nDjXC-CiPvEsKdxqHDZyqxll9yOxnXaVkIJsw9ecquMly9dkJmwK7TeUJdWjhxo7WK1btJrKT8MvYPqVGc8ZYEPGNQgpRdxpAmls427KXRu8ULNwLz9Ju_g6biSwqGCOCXUq8Rsoa4Y0s1B2S2IPdFiZ3VrV904J_yrYtwJjGMz-BACqu00W8kww0SBoyIEemMIyBPDoGQr2NMp0Vac2kgsaQNHwKCrooAQTZGbjmE8rEU9dqDVUhAEYMdw-U-ENrsNRrkdYAMgxHHC-3CFLyITUlhgmFnJfiykFEktv6uPrRg_wPaPxuNQhQgrMlmao32Bh2jj2WJnjiiwyIhkE7d0iWpTQWeGl5tRo4U9efCZj67fBRDFXvGxoaEAmtyFHqn1g4fC74ZXxKKTs5drs4f_jgp-UBGN-CI3AZFqcUqN536xwmleccQsrPjV468er_6nHneGv18IvxFvU8Q1S54jyqH8OiAq3CHroxGWLAoqTcJ1X8V-C7WL5yN5c38I32PD9weGMY8KkcWajBaJQLiceJB2z_NLfvKmyTf4gZAgKNDoYvA6n6AjTAp3SZrvgIkke41-xjSNis6g3F1Xn7NA46RstSFOgWq3WQvt_nq2Rwg6Y9KuRq0KFlPIPxetqQUKPhZ-iOGtWqwrP35RbJBf9DLZ_3MS6bxsDh8uDRH50yms3fvqZdN-S6qZ&cid=CAASFeRoe91uUPmRio3O-OzMIwr925Jnrw&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 00:59:38 GMT
p
adsco.re/ 		259 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
338f73e0a5a7977994e85d2e2f8b477377637329f784cc4fe75ebf0fa0a8d582

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 25 Jan 2022 01:01:38 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK nyc224
Access-Control-Allow-Origin
https://www.mediafire.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5C25 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:41:57 GMT
truncated
/ Frame 5C25 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb13d266821176f5ccc71729d9452a0928c49bfaf06dd09e246567055f41907b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FCB0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:41:57 GMT
truncated
/ Frame FCB0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a612f80951870a7ce65c815c1ea34349df609519d894ed5dfd2e2308c1664b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
container.html
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 137D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 25 Jan 2022 01:01:37 GMT
expires
Wed, 25 Jan 2023 01:01:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
verify
otnolatrnup.com/ 		17 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://otnolatrnup.com/verify?sig=BAoAYe9L8gFh70vygAGBAcAAIN38sNf9ZuGsbxwDZx_lLhSAJxkfkr3wihB8aZyY_KJswQAgDv9IlCV_Eo61oHGeZtq-RsYi7JDdp8MVDklrxOukZpLCACDILayLqG0f284A33gUQNJCZ86YA6pDdkqxHkIlYQuFrcQAECYHUwAAYHhnAAAAAAAAABHFABDZe6TUsLGYiBW4lXzgI864wwAgem1mrDWptTvJzVOG6Geh3fOyG_FREAIIb4fG3vqmCB4
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
server
cloudflare
x-adscore-status
bot
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Content-Type
cf-ray
6d2d924c3efa7156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17
Tag.vrfy
otnolatrnup.com/ 		0
56 B 		Script
General
Check archive.org
Download Go to
Full URL
https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=31291&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fkcomn7v7bfx0r7z%2FMobiHok-Free-Download-v6-v6%2C1-Clean.rar%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAoAYe9L8gFh70vygAGBAcAAIN38sNf9ZuGsbxwDZx_lLhSAJxkfkr3wihB8aZyY_KJswQAgDv9IlCV_Eo61oHGeZtq-RsYi7JDdp8MVDklrxOukZpLCACDILayLqG0f284A33gUQNJCZ86YA6pDdkqxHkIlYQuFrcQAECYHUwAAYHhnAAAAAAAAABHFABDZe6TUsLGYiBW4lXzgI864wwAgem1mrDWptTvJzVOG6Geh3fOyG_FREAIIb4fG3vqmCB4
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
server
cloudflare
cf-ray
6d2d924befeeece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
index.html
s0.2mdn.net/sadbundle/18080364882124629212/ Frame 291E 		92 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8cdffd34822837be8f1505dd8ee799b99300a7afc80a180952b97a032942c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 12:54:12 GMT
expires
Thu, 19 Jan 2023 12:54:12 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
content-type
text/html
content-length
21697
age
475646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5C25 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIiYE5rGgUCseEwce3U9WdDRkQi-wnWIE2l_3LSjoTZH0QLJ8_rk-AUZhzubI2b2fx4eg64uJ8Vc6k6McSB3hSXUlkLOUObcPGQ-H3cfKU5B8BHRhBag5JN61-HoKRs6QpdOq4gxa6e3SNCqLICssPnf9wVAtfpClpV_cA-jErsGmpBeIWpQgxdSvbwVbpY50AVulxViQuiasKjjfWoAq9gmJ-bXl4O5cgDdWZLgYeCxi1nEAc8iZPkX9VEXM2k_79jKZG_-u-rFQGjw1hOToMxwSKYgKCQjsq5xSpziUViEdumILFa5OivtYAi-AOdUvAKAqXWud3xn-kV5_zXYOaLP7pXtmiMnv05vbUds376k54dsJDMFX45CCd13DfiRXkk16BdamPfkMPsMEjgTQetUHv9znujRilzAIKPogJkygmbLTbTfh_CGKFozguK_6QC3DDteHZEdGTqz-cPcAHNPF6Yzm4zNUhwc7uJTW2edWIdyNZ7cPJRWxwoytc-UY5EHgva5pWCsqdWj65s4D0z_azOiJLd4Pyz6hVA0yO5g2DRt9zJNHR3ROGzCgbg0srBCFkhZBGkZIrNK0tIOoIOKrPhimE93MH7gF9-0pLIG0KkKSG1jqhkFNBsCe80XVn-9GSQDpmHBQBQICPxCKTASjMIdbei7DaAh7d__366ZQ1-iVFE-Nhb4RTZvlBBkuE8OZo0gi_6tDTF3Wpq2mrreB87QeeFjQpZWJa5e8Cx_-AC1job82sgLWzOeGbBLHfpvyFfWtBckZ_NgsjdfuvtJcPAsnnAwZntH_1jE85nJMxBGv_AjSLaYGAZkAl54zILaXS1njcCqptidqgGws-ltqyghCN82cKzXZiu4lEmvLZd8pVd7689C9g8_O4NAGKpyzw2gPzb0rerc8UIz2RdEJAN5g6hpZj122Pcp_EYZ0l9ENKgRMM-_W7MpNop9BMHQZs3TRmC0qb-B72SruBxqRAj_AWFHgQIGa-vJ0oy9FdqUT0NtMJstlK3_NPy71zAe_wO0V5EM2Mr7EuidgvxXZ1UHCBfLlYJssTicFc5xkXSqsRyV_YaF_e0FR4v-1AJ38hh-5HggVn9OeGeoLgeMnP6lAcAQNjJeLj5S_ggnhqb8LF3kBdFzyLSPQfNBZIBl60Zi890Pz6gBwwLcph5lgJsKGXLr6r&sai=AMfl-YSFqO99g2dpPlaAzld7Uwh_SrvXckQ6jEDjLOYHrqCgizMmxl0v8QY42wZY0NgDI0derMWAORXPkaEvprbTRGJN9H5a_aYSvvddKOpt2TKQknV3XoNTq9V6PoMq916UK7ckdPYHeRYBpO-YgR3xId6pYYxyxYjXziM8dds&sig=Cg0ArKJSzKCKW9v8OpoOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=177&cbvp=1&cstd=174&cisv=r20220119.91166&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 25 Jan 2022 01:01:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 5C75 		93 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e46484286c90cb4aea34abdd9b242b4e2ab985af692be837028b37296b2cd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
21683
date
Mon, 24 Jan 2022 15:16:03 GMT
expires
Tue, 24 Jan 2023 15:16:03 GMT
cache-control
public, max-age=31536000
age
35135
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FCB0 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKa91o46cSbfik7iP2CxTOOss0gS1ijNQMGeT1aeYgRK-5RxQLQriesO8tRnw4lmfXtuE70PHPXBmoIE4hS3jDIeGMVumQjASY_QqpYNVMiwDhgI_i0oJPJC8NklwRZxsyGldqwnC0Xs9owCAnr4rxqZ0xmGjojzVxWbw6Dv5PpIxfYLdfd9AAG92SRm5Wx4DxM3KEJIu1rfJFp0QYptAroop2VxtrK3-Ey0E0AKhx6gJ36oowJHuxLKxhSjeRE0LjWPTSY4ah39GQKuumW-xs_1BsnnF2t0mFndZmTPOfEknORYDue9w_xtcndAJw6vjvskL1zP1mcBV1tSNsvC9aynzXm961TKFZIkMNRqZmxSRuc9RSHGnnURmQnsnrCuidFddMBWz1fxNJZRdgAOQFUha1MLJ1Rht5_SbGiKRXsG6oj2_zbdL4BWKAcgfxSRL0DqqAzOzj3xsSaOij7UANeH22P88Lr4dtRczIN7Zv_aL07cS1GF7SC4jWA9Jb0wX-xRdA4wH0lKQ1LqlPdqYKtKJJyh1k48J0c-PAlWEf5lw5hfKdOEAQ8Ht90cSiMqVKGil_cuM9guNde-dWF2sjjp9Cgbnq0tTF0PcpHFQNBSG0aelRExUlkVvYtF02hQBkxZ2oIlUN6V08jxGbF9V-OiYT7vbOHSenHaf5kkiP1TeWAOYVZ2mO-VIrAW-w4IfEpqdFhPthrUcj3igBcMga72zfzKa16uXo_5kM03BILcdQR82QN0n_1aOScbKdu7uBUe_E9f0hGNs-iGip4jCp5hnEKtoysrp7dA4pmpxVDvh09nNsY4rLro3x0P9X2prV8T0UUIayFHxVNQ2R-uFtEgAew_mbYN93Q3WHySkDuwW8020VT4WrdF1MEj70QCmxy7QKanNniBpJxpEqYyNxBNenpLxP4yfesw_VuBqEu5CdDUuj2P6WFLlIvr-_MhBtMPDvMku9_JiakQi72TuI_sfEzJh5fajBakE3kBGlBu2a3MwKANhY-HIG0ixCauiTvlbEI5B7AX8f_BCC3H4dzh17mkxwwG_DXI-iJ9y_HCN90IXYyMW8v-We_7i1NHBqdf4Qi_7nwegKO4r6gPeehqJwu-DQeZklB7seRQ1PDzECvO7AbWRmeNu8Rk70Qkz2LT1WNXGZg1kYFdLvnvv8ewO9arCrPw&sai=AMfl-YROz-FEkh3oD8xTelZ2M3S7midEQrOeh-rvjxf513EbB5AoJjsmxF9724ceO6qycNeKYIHtGPbXLiahq5TGNBdKsaDUsXQZvXjaqNWa_v5hZv1Jy25nKeMzXghNdyRtjOXG6P0UM_u7liJmH5DXAL65wBR4g489dOkrMf4&sig=Cg0ArKJSzGxe0pae4xkpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=163&cisv=r20220119.47988&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 25 Jan 2022 01:01:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 80A0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 04:41:58 GMT
expires
Tue, 24 Jan 2023 04:41:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
73180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 01AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 04:41:58 GMT
expires
Tue, 24 Jan 2023 04:41:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
73180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7572 		645 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 25 Jan 2022 01:01:38 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 25 Jan 2022 01:01:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 137D 		71 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJRheDTeOZHkJrWDuqINyikeIBzKM9N_4XADEgnsaTY2zq341_dkStmYEriHyAsskUSVe1FHI82pNtiBvKqjpnD5Dv05pjAwbJaYLRrWxYSeXhDhA3Z_0Dhor2yJLcR7IWDl3aWCLGICOdRvU4S-4WfXt5cA&dbm_d=AKAmf-AVwV93OOgEj0kPNpOoAYYd3a_pKEmpTjIt62ZEwQlAR2BbzGNEzqDk4ArQyELEfABPn-vLH8ca0wmmgPiIwy7dA4fjPUeEfm-n9qfVio-nDrpYtHL6KU71HAhdYKasK7PATJqZYhbyF3tl-AJ5zovS8FBycSGyF_iz0cwmVh0xdBq1CjBvdtt2H9noLQ0KmkFtYAr_qe8PK1OPruBu5-DFxSaWuQQplpQNwNEoLHHnUzpP2bjgUm_qYdtYeXFVFvquAc9zgav-E9lU0ItTJtJsTIovWMWiSjuw5EBMl6tZRsi9PlCYwoMd7wjf7env2nRCSKRtJKyMIhJprTjHwc2hXKk2wfMPHWQ8xpdnpwndLIxR7MvDh8Y1C8EzFgGw27zNsR3tDJs8DPsA19hesndB2KC2M-7uo76Q2kkTTR-X2KblxWk7bVyWm0r0K58KelUYxc8F2U3UWaXp-DuLaNDYU9Ocaw-n4sZ8-TDX9fWextsHYbIshXUzR6XeuZeJMwxImM-KJDZ8g-HB5671DhhtkMwjUOUXaV5eCtQu7zQYLsow80BaNxKwUFMc-zfRY69qF1Tf23YszXI8zhW_HuThg3M3SxpseFzl7YQ6oNM4DkcOUDknJxLZVngHk3KrKjimuZ0QIq9mxNp29bfGGfH1wZwtmoFGNjmTJ8yvTExcrH4NVep2c-f_ADJNGh0lHu_7w6erayQonLT0-y_XPZV-61qFcz0SxDWW6DKn_ssVAkJddzqAEbWupy43X_MmYkwvEMx4aQSa02d4pgA1jzdDJkgxF722Blbwjc6l7lKopgvhiIO7_vvoSYv3k1Pb_hZY-JDttvxF4d_hgNyoFyo-PoLAtNdmM7BJy7CAliAVxV853oASozW2UCnLCxYiSXbl03YNQcUHya6X_Gk_bqLurixAixU1TKhfmzAdHS1RwbEhByW6WD-LWVOG8gnEdvIzeKG5mCd42WRrofx7CGNkDKmwcYrBgS423oh_eJhmLBx4moNwo-X-96XGb_QepmFqNzC4Wo8GtbNGQBJ5LTaBWb3synZAGMcpupadMk2IzA_tSQOLSA7SFLzF9Sk-oEyfTUIU6-VwwYrVotD7QlV8AItKllREZAOMVGoaLDUAQ3Km3aH0j6eHGgYTtwJmzUFI-wbtLn8xzTob6vXnNpZHrywHbCPDK5hVo8Mjgp2qAr1cZ5y7khOe94WYMpLE-q2MFO88v3c_51Kjil5HtOrA6awIY7ep_g05OfGsUGBWXlFAVI2MBRjaNSKu-MYxvVC7YXsPKZRlMs-ky_WCNg5WD6TPwft4Um41N_G9IOsNlBhdX8fpMDytmmObBO1RKTxrnc7zaKZ435PmwTTxCQFyZYStKekBMFaC5DVbLjMbNoSqwVRA65HUDLKSkzDBLTTSfBGErsb6asw99x9VrfvW5QIFLt0pusT-yGwyoR07J_1Ctzw5L5tHTymh9Uro92hbW6viJ-Ouc9Sjc2oRt6kFe3-88Pu3eWyJhydbI3CxJLuPsqnAyKTgrjRXZFScMsWDoecGYum7GgtKv7YqJICaz6NYj8r0Ogq_IHdeZbWRvWxaZnB1068KgobVads25uvOpWx6jaX9RivHOX2gzWPLg0VA-aPSmT9pT0D7s9DKh34GSHblFykHMJq9MoqlopiPjF3cQXeuWQAZcvfjwazQkBRH7bkAbIKeTu7sFjq0tSa6JSZFJFuhz5_SEypVwsQEl5T3ytPHDm2C9A7Rm65hSjA_VRcgUYhfOXdTUu5RjdZ6Ct19gJFAq9o8tQiHFHC_aPTJBvtmzlg0y7eZsD1mAUb7YhdFa9tdib3OYp2_20cAIXdSxGuLNW4zVH619ht32R24r3hCZl4__6kqLFP48RjNesTjixOntppA1zomPEL-P0vlPVoA5BodEXoJl_tgQmYAzYbBY1z_YpeGL7Npoj1MpZeTGDJL0VfvNoGw1PpmyGO8RpJQxga3N0aylwgUibU_VRQm-0i7Mwu9m7shlTxMkLTfRqXTMSoHdlYs7XsCzJFZbvfsIO1GKgvX5H8B4h6t3o7oHySbbxNhCsfZ288Yh0SxT94wVTmSw5tZGvjYM6QwUKZ5Hr6i2YbKyXcYEt6u-7igZKznIximy8twZ4gRcqE1XWt9pVPvAVufoXbMyUl0cXxa2cdVmazen75w7lR3eOAZ96t-QWvZ1cn0lkQnal2BsZSbETB1HO3bqEbRkjmSr18esOEHSaZhP04gqudkf04Em5UpRjUvlrmECE_mCP8Ll_saHfs2hvWDpwHPLxLTYJDgwxs3uUQvTDvA59Vjg4-arcYxLXyNuiohxUNUaEV-ctXTUcS-_eaIngQL9x5TxIX5kVqVrrGnFYH8B9Ssc1Rx50RDsaLcYSABnQGWLANgqFMygyOHziqDnUqpIULFShDG0ets4CHTI4-zfhNeNtE3P8eL1d9v9MZ36SZ4pS2SSWPpzLLBK85Iu_pZZCT83rIWs52FURruI15z7bbj1zspuJaDRoqLP1zNFyvxEpYvrM9yhG2aauqXvPJdRM6v4N4uVJZ5NDbJXjy_AEKTrEBF4pMxPotJ7hXCRXP0ZsAapJjoXWCvCYDW2_dVUEOyOk3MIB8AWm72ZLETLqM7P7en7spDrNPBvP0SuRHuzvgJ4D-M2v2LeJbAClMnU_rNk5WHWWAhpuccrWKRey60BDLg_feZN2_sXxBNOCL911G1sUrgAgkTKE9LrPxPa3CMlEVqJl6yQJPYRxjpHeuHa25wNqIKA-AvTLLlCsBretE0PIpGnS7URTIR67L5vZqDQhpSfRvgAnL2sz5WwDINLI7ogEbb6NpGC4_3YZLrRAUEpNr_VLXJpS3iqTz4fzUIT87F5ovpXoV_wFRTAfAMk4hovRy6WKrrmBl2Rq9d9iVuBi2cKeLX4H27Lmt7pxj6BuWH6eMpTLFpJ5cbYPMaRveH3M-P3XxFb_8L6ikJchBJoJb8dbfpa6OErlaOkAcCyhL1iQleH71qd_pXFcfodYIMOo2h8k0Mo3zD47vK64gq8OCzntlEzZQj0zs7eMAi66U-4eCtWAMsQPZSikd-tSTu7S-uZCaUTX3utBCXoIiIXsyEZQdZFmGq9RT7GQp7iAL2-Q0o9MI7QPgN6hCC4XfFjQ7AZ1ykHKO-DYdOlk8Lj8m2J5H9WOhYt5SIHFKSzcHsNKvGehrfqFfJxy5jb9Zl4q8U_k3Fy1U2aC1Pq7GSQcHqNywFbCClnjwDa6viwT9BefC9HhEhnuXDK0ca&cid=CAASFeRonIka0yxrDnz4AkWyel0gkReI-A&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c8ca2b68009c58cbbecfe494876ce38cf01cbc2e85ce802924359ada6bcecf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30636
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 137D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BErSZKpaEeK0Jz9C-JlC4VMvJMaHaJXzGcX-_3CRF--IFwjZkZgGAQXFW607Wo6vbtM_HsUTuFl8RDyNLRwZGNJb49VlPf8fzoc6MQKEJVx8isj9c
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 137D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 137D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643027698847572"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:01:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 137D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:00:37 GMT
container.html
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 25 Jan 2022 01:01:37 GMT
expires
Wed, 25 Jan 2023 01:01:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 291E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 00:46:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 25 Jan 2022 01:01:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jan 2022 01:01:38 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 291E 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 06:13:41 GMT
css
fonts.googleapis.com/ Frame 5C75 		6 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
872890c5623628fc32f2bfcacd96f0cbf2226304412a28475ef6567a784c4082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 01:00:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 25 Jan 2022 01:01:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jan 2022 01:01:38 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 5C75 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 06:13:41 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 80A0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
73180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 04:41:58 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 01AE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
73180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 04:41:58 GMT
rum
dsum-sec.casalemedia.com/ Frame 7572
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7572
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7572
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Protocol
HTTP/1.1
Server
68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
60162800-72d1-406f-a148-d0c322c4dc47
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7572
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUY_oOBmAEwAQ&v=APEucNVsZS2r0pdW7sv4B6f4y3-QQMjCFTCGn6YBAzxC3pnF5YugjrJduBqb3hs-87MJIq2ZMkdSDa3KVZUBt_a6QrO5UI3v4ab1ZfXK5cymZBOp2FVTGZk
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e1dd052c-41b5-4070-83bd-ee6e164f6882
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 18F1 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 25 Jan 2022 01:01:38 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0BA6 		73 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgNotx9pMOTEjaWA078kcPxSy-nDglAZBREHrEBhFNXYU10Mfh9C-QwuiC8e_TeFDA4iUb7ikHDkrr3jsz8b20oDdkvdDvvjsAowM-clXAD3dw2wfMfryH3iqEhOXhskIVWD0Xgi5FlEu4_64xEFuzYKcCNQ&dbm_d=AKAmf-CmBmPcbMsU_mLOLhgukA7usp76KpyzfxY7Rm6h1PWDYnMhqRhs4z37OKtSnoH8rgV1XdM-S6nAq9yDPq_ShjqUUqhQR_iLi3Us7BX5t8bapjHrRo_p19_yjMprFw3uxqOrIbQ528l0qWBD6BC5lZSSSeXk-xlR1SmpkpLtl6Y1v3whZtbdvnwe0xVT_M-hvH8FMJcNMkcrU4eJAvkcuGPOTX5ooX71HQE8mOyfl62_mekbCLJaKM8AEsS3THgcmYL-CwRYAlAPZHNd1SLLZM3_WhCJDTCeqsebUTO7rv2MfRCEvj8-B7iWCeXxdGNNk3VbfZj-jKztwOTJHd2LqyOZjeJqka4BZ7sC2J1Z73q2RaKnb6K2B517AkDFkgRzuRX6rnwuZg6XJ3zfhjdrsi80KVz8cEC1wKxNpR-AJ9ifI7vYQgEpCPwE5nAvy53iqXqvmXzp8IajLx4wMovgdy-_-bulOZL47PpgwEbYAIYKTrGsrONg303iqjNO1PwCbMYKaSbmobz7rKEWB7QvBiucMSXcZDIoVydGcJg-n2zddX03qC0wZ_ni7ghfJCNT-xScZe_8uMalsYGjcs2Y7NcmjFJRuid4sQrsoRMd3oZvRKpQ9AbbJ1xDH3vbK3bASPc64lLStbtHRBLO5S5pi5hQpB-zD_woiDY8NMQHfsKI-e6TmOvLD5v9tbXxiC5mEudw178mvwj-I5K1XCNtjMdm53YcqpmFeor-7I770ErxKDShoE_JyedNW-zjERTElg45yrjsPdI4wF-rpepFKeXg3lOKoBNSsNQpFMDu-tt9XchTOjgD0i3MLIn38Eofc67fX01UO954uYfs9IqVW5KBveT2JEFGIzlUO25j84w7znGUrfflm9LoTjz7Msmi8RuTwzsReumFva9ps6B3SR2Q5oQjy216h-tTt9H5ltqNBDI18c7ejjez7HEks1E3yWn8gKeENyv-XqoKh69YIMcYzY9SbBO8ghDcHg2FQZ41MUoWqYygKEk5cF9hPTgcdgEdwe6jr-f8xZKQJ4Gb9Tld46HcqURbKQvIM0GngEaY10V7RDSTaRUj14QT5dB5auQCcEMd3V4xtFsEa1Ix_Tx3DPr0RAzrAUuKkW_wUJ0laso0ttj6CEc4ECR8eatxzIWJ5HUB_NXZGJM_4vXVpHpBBQDrEAeDb_hC4izbsv2GhhsyfPpGpV8qCHSD-RZ17EAHkiZqYPyI3c3kbJtWnduiw_CTPRYikd-3uVJ_zbpHKmkjtibxJUHzjG_gVQEoP6HEAYNsMVrrq9geC8zj6ltZsNL-hzRvVzio3Sme0kHLLQbNUqVcwB5uwExPNMbWR7X-TWD4Q40a4fIIywjiQpfD29zwISoLreMTqiNI5z4pDQYBHDUFXuuDo9yiH1KsF-1CnOd_0Rptca-yeuI8hrCFrpeu0-PxvsqFCBaGQ__v3JPqZEiPvOmV6xsJiAXvBrZXepJ2Lb0SBOOjKOvDCngdGPoNgKjdsTxMn9rPoTyNYcn7WsC-eq-RgDizsC8_twvgZoqAcY_OMFUJuHng0cDTehWrBdWr4_ea2qg-doHD6hdljaYhf6hi--1uG1BIbqotVW2Qd7mMr_17CJwYqU8TPoLa0wsDe2NLrR_jBJIo3o-pWKPBH-HKz0KYmLbyIjzefIQGauPFr-vVKSeaVP4mp81xyT0NdS94UGAzOmREzxCc_VqQkbSPkLUatPK1vhAfA5mT4w9vCCD0FzSqFOBsPOJJkyI4KkQGIvH1zUfM-BUMeNyrM3p_XQhuM9gess96BPoceYfXEdSPEpILcg-FwH_NVXXwLRjFjpMrjlSRwwyT-4KPwCE5bGregyw2dNCH7T0dv6leRyEWdOcT27miQtQTrIlHXRoWpq4YkNr18qispDIDOM8G2v0_cThDkBdrDsWgQL7jeEByC-h-5yT1M-eWlh-vcuiDWNIaHbVvN0ARsbL8Nn_FrHBM6oLhbD_5B-1ohz1Eqv0YWBOowW0Qy-i7ZwMGlpXdJxfx0mG3EiptZRYvRxZmlfX_pyH2hm1JF-Bjb2_guzStDfQEc8SnszcfOo5hu0o1NO3Puf_UNOXaVeWShoF5CUHO5nNZ0Y8S8oitHtkx2zZeI-07FkAbDwOgqKsxBTEacQtg02DPm8QpMMavDaegLQMRqgE2iesFhLs6BUhWMUWg7u2I-kzZdUPMQveEpBNEBZQ6I-i9ne3F8Xap89efWNtCa7KsyTcEhImaoQmkhSSp7YBzQEnDc_ey0oNf7rXiUNE80E39_cH1QdzFKb-zhAl4M_VuQ_BGeO8wiaWGJQZWbpv9jG8L3grj2gtziIj_irgBd67BaYQeFIaBoM8LEXLpm_cmNZVWUaJuf_MAohlZ2ehzqpaKRZxwdp8HGB_8bO1FTQYTjj-_zsB0Miyp3RI_23U1DWR6EtJ2MG_vpQII9nHY_hk736cgmwQCAfgNdgvnUs_J-y5c6fHvNmALwOvf83iFUkbEr0tZjWDJS7DspKV7UBLhSwK7zijwDEQvAkoFCGunsyfL_zgrP5y8KGu1wJLmGekbbS1XqTrL0ZR8cajsprH8aWQHtdyPU5owLACzfiy2LANwuBni6L0Wf4sf56jD0GBN5NbBGMNbSvVYB8QX6vBHLTm4Fuh06fbidN6AQrNrNo9bUdAEpD5HvGz6d4h4t7EHlHndZV3s-8auZ8Es0xnS8NjfXpaymgSTOPL-bvD524C8YiHZUp9MzfOK8Ma0mQvtBShsOWsO0cUf0e0k90g21-Sio34seTnvr55EM_PxpsaowJ2pLNsvYK6mC8U017Mtr2N7bbz-0NLJOiLuN_qgiIQyIZ54V9Oo3RQXHGMnfvakF6mON0qNtBf-5bhNIfPgwSdeHvlADA7_zbPovi82JiaDH67p5UrjtYrTSjKC4lweHEVgl0Wag9uhMU5mcU3AzBTpMU8gTjVYapC035HdwQVBpgz_A8G_TTdNAg8IBrizYeQgWwZFN7VpKSX-WJx2IJU6cZs6TwbLCH7iHRLA0chg_FUdaKYXIAdwq8wP93xg2F77OsR-x627M0M4GWCLpuYy&cid=CAASEuRoJojrCkE1gnVGxrnTf7sCIA&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66b9791ec8c14cbf13a61f92857e84d9c143b2ff278035a90ba86b94b7aa09de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31617
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABsivfOrx0q61dx4mcD34ZOaUFsXpT2DfQLBvwA-iR6gn2oh_3qZkbCXLtTLnR3vQto0davlccqyu_La1JAmZR12f0w2xyqXE91MCFFRuZ-knos2w
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 0BA6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BA6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:01:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 0BA6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:00:37 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 137D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Origin
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 23:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 23:00:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 137D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJRheDTeOZHkJrWDuqINyikeIBzKM9N_4XADEgnsaTY2zq341_dkStmYEriHyAsskUSVe1FHI82pNtiBvKqjpnD5Dv05pjAwbJaYLRrWxYSeXhDhA3Z_0Dhor2yJLcR7IWDl3aWCLGICOdRvU4S-4WfXt5cA&dbm_d=AKAmf-AVwV93OOgEj0kPNpOoAYYd3a_pKEmpTjIt62ZEwQlAR2BbzGNEzqDk4ArQyELEfABPn-vLH8ca0wmmgPiIwy7dA4fjPUeEfm-n9qfVio-nDrpYtHL6KU71HAhdYKasK7PATJqZYhbyF3tl-AJ5zovS8FBycSGyF_iz0cwmVh0xdBq1CjBvdtt2H9noLQ0KmkFtYAr_qe8PK1OPruBu5-DFxSaWuQQplpQNwNEoLHHnUzpP2bjgUm_qYdtYeXFVFvquAc9zgav-E9lU0ItTJtJsTIovWMWiSjuw5EBMl6tZRsi9PlCYwoMd7wjf7env2nRCSKRtJKyMIhJprTjHwc2hXKk2wfMPHWQ8xpdnpwndLIxR7MvDh8Y1C8EzFgGw27zNsR3tDJs8DPsA19hesndB2KC2M-7uo76Q2kkTTR-X2KblxWk7bVyWm0r0K58KelUYxc8F2U3UWaXp-DuLaNDYU9Ocaw-n4sZ8-TDX9fWextsHYbIshXUzR6XeuZeJMwxImM-KJDZ8g-HB5671DhhtkMwjUOUXaV5eCtQu7zQYLsow80BaNxKwUFMc-zfRY69qF1Tf23YszXI8zhW_HuThg3M3SxpseFzl7YQ6oNM4DkcOUDknJxLZVngHk3KrKjimuZ0QIq9mxNp29bfGGfH1wZwtmoFGNjmTJ8yvTExcrH4NVep2c-f_ADJNGh0lHu_7w6erayQonLT0-y_XPZV-61qFcz0SxDWW6DKn_ssVAkJddzqAEbWupy43X_MmYkwvEMx4aQSa02d4pgA1jzdDJkgxF722Blbwjc6l7lKopgvhiIO7_vvoSYv3k1Pb_hZY-JDttvxF4d_hgNyoFyo-PoLAtNdmM7BJy7CAliAVxV853oASozW2UCnLCxYiSXbl03YNQcUHya6X_Gk_bqLurixAixU1TKhfmzAdHS1RwbEhByW6WD-LWVOG8gnEdvIzeKG5mCd42WRrofx7CGNkDKmwcYrBgS423oh_eJhmLBx4moNwo-X-96XGb_QepmFqNzC4Wo8GtbNGQBJ5LTaBWb3synZAGMcpupadMk2IzA_tSQOLSA7SFLzF9Sk-oEyfTUIU6-VwwYrVotD7QlV8AItKllREZAOMVGoaLDUAQ3Km3aH0j6eHGgYTtwJmzUFI-wbtLn8xzTob6vXnNpZHrywHbCPDK5hVo8Mjgp2qAr1cZ5y7khOe94WYMpLE-q2MFO88v3c_51Kjil5HtOrA6awIY7ep_g05OfGsUGBWXlFAVI2MBRjaNSKu-MYxvVC7YXsPKZRlMs-ky_WCNg5WD6TPwft4Um41N_G9IOsNlBhdX8fpMDytmmObBO1RKTxrnc7zaKZ435PmwTTxCQFyZYStKekBMFaC5DVbLjMbNoSqwVRA65HUDLKSkzDBLTTSfBGErsb6asw99x9VrfvW5QIFLt0pusT-yGwyoR07J_1Ctzw5L5tHTymh9Uro92hbW6viJ-Ouc9Sjc2oRt6kFe3-88Pu3eWyJhydbI3CxJLuPsqnAyKTgrjRXZFScMsWDoecGYum7GgtKv7YqJICaz6NYj8r0Ogq_IHdeZbWRvWxaZnB1068KgobVads25uvOpWx6jaX9RivHOX2gzWPLg0VA-aPSmT9pT0D7s9DKh34GSHblFykHMJq9MoqlopiPjF3cQXeuWQAZcvfjwazQkBRH7bkAbIKeTu7sFjq0tSa6JSZFJFuhz5_SEypVwsQEl5T3ytPHDm2C9A7Rm65hSjA_VRcgUYhfOXdTUu5RjdZ6Ct19gJFAq9o8tQiHFHC_aPTJBvtmzlg0y7eZsD1mAUb7YhdFa9tdib3OYp2_20cAIXdSxGuLNW4zVH619ht32R24r3hCZl4__6kqLFP48RjNesTjixOntppA1zomPEL-P0vlPVoA5BodEXoJl_tgQmYAzYbBY1z_YpeGL7Npoj1MpZeTGDJL0VfvNoGw1PpmyGO8RpJQxga3N0aylwgUibU_VRQm-0i7Mwu9m7shlTxMkLTfRqXTMSoHdlYs7XsCzJFZbvfsIO1GKgvX5H8B4h6t3o7oHySbbxNhCsfZ288Yh0SxT94wVTmSw5tZGvjYM6QwUKZ5Hr6i2YbKyXcYEt6u-7igZKznIximy8twZ4gRcqE1XWt9pVPvAVufoXbMyUl0cXxa2cdVmazen75w7lR3eOAZ96t-QWvZ1cn0lkQnal2BsZSbETB1HO3bqEbRkjmSr18esOEHSaZhP04gqudkf04Em5UpRjUvlrmECE_mCP8Ll_saHfs2hvWDpwHPLxLTYJDgwxs3uUQvTDvA59Vjg4-arcYxLXyNuiohxUNUaEV-ctXTUcS-_eaIngQL9x5TxIX5kVqVrrGnFYH8B9Ssc1Rx50RDsaLcYSABnQGWLANgqFMygyOHziqDnUqpIULFShDG0ets4CHTI4-zfhNeNtE3P8eL1d9v9MZ36SZ4pS2SSWPpzLLBK85Iu_pZZCT83rIWs52FURruI15z7bbj1zspuJaDRoqLP1zNFyvxEpYvrM9yhG2aauqXvPJdRM6v4N4uVJZ5NDbJXjy_AEKTrEBF4pMxPotJ7hXCRXP0ZsAapJjoXWCvCYDW2_dVUEOyOk3MIB8AWm72ZLETLqM7P7en7spDrNPBvP0SuRHuzvgJ4D-M2v2LeJbAClMnU_rNk5WHWWAhpuccrWKRey60BDLg_feZN2_sXxBNOCL911G1sUrgAgkTKE9LrPxPa3CMlEVqJl6yQJPYRxjpHeuHa25wNqIKA-AvTLLlCsBretE0PIpGnS7URTIR67L5vZqDQhpSfRvgAnL2sz5WwDINLI7ogEbb6NpGC4_3YZLrRAUEpNr_VLXJpS3iqTz4fzUIT87F5ovpXoV_wFRTAfAMk4hovRy6WKrrmBl2Rq9d9iVuBi2cKeLX4H27Lmt7pxj6BuWH6eMpTLFpJ5cbYPMaRveH3M-P3XxFb_8L6ikJchBJoJb8dbfpa6OErlaOkAcCyhL1iQleH71qd_pXFcfodYIMOo2h8k0Mo3zD47vK64gq8OCzntlEzZQj0zs7eMAi66U-4eCtWAMsQPZSikd-tSTu7S-uZCaUTX3utBCXoIiIXsyEZQdZFmGq9RT7GQp7iAL2-Q0o9MI7QPgN6hCC4XfFjQ7AZ1ykHKO-DYdOlk8Lj8m2J5H9WOhYt5SIHFKSzcHsNKvGehrfqFfJxy5jb9Zl4q8U_k3Fy1U2aC1Pq7GSQcHqNywFbCClnjwDa6viwT9BefC9HhEhnuXDK0ca&cid=CAASFeRonIka0yxrDnz4AkWyel0gkReI-A&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:31 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 137D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJRheDTeOZHkJrWDuqINyikeIBzKM9N_4XADEgnsaTY2zq341_dkStmYEriHyAsskUSVe1FHI82pNtiBvKqjpnD5Dv05pjAwbJaYLRrWxYSeXhDhA3Z_0Dhor2yJLcR7IWDl3aWCLGICOdRvU4S-4WfXt5cA&dbm_d=AKAmf-AVwV93OOgEj0kPNpOoAYYd3a_pKEmpTjIt62ZEwQlAR2BbzGNEzqDk4ArQyELEfABPn-vLH8ca0wmmgPiIwy7dA4fjPUeEfm-n9qfVio-nDrpYtHL6KU71HAhdYKasK7PATJqZYhbyF3tl-AJ5zovS8FBycSGyF_iz0cwmVh0xdBq1CjBvdtt2H9noLQ0KmkFtYAr_qe8PK1OPruBu5-DFxSaWuQQplpQNwNEoLHHnUzpP2bjgUm_qYdtYeXFVFvquAc9zgav-E9lU0ItTJtJsTIovWMWiSjuw5EBMl6tZRsi9PlCYwoMd7wjf7env2nRCSKRtJKyMIhJprTjHwc2hXKk2wfMPHWQ8xpdnpwndLIxR7MvDh8Y1C8EzFgGw27zNsR3tDJs8DPsA19hesndB2KC2M-7uo76Q2kkTTR-X2KblxWk7bVyWm0r0K58KelUYxc8F2U3UWaXp-DuLaNDYU9Ocaw-n4sZ8-TDX9fWextsHYbIshXUzR6XeuZeJMwxImM-KJDZ8g-HB5671DhhtkMwjUOUXaV5eCtQu7zQYLsow80BaNxKwUFMc-zfRY69qF1Tf23YszXI8zhW_HuThg3M3SxpseFzl7YQ6oNM4DkcOUDknJxLZVngHk3KrKjimuZ0QIq9mxNp29bfGGfH1wZwtmoFGNjmTJ8yvTExcrH4NVep2c-f_ADJNGh0lHu_7w6erayQonLT0-y_XPZV-61qFcz0SxDWW6DKn_ssVAkJddzqAEbWupy43X_MmYkwvEMx4aQSa02d4pgA1jzdDJkgxF722Blbwjc6l7lKopgvhiIO7_vvoSYv3k1Pb_hZY-JDttvxF4d_hgNyoFyo-PoLAtNdmM7BJy7CAliAVxV853oASozW2UCnLCxYiSXbl03YNQcUHya6X_Gk_bqLurixAixU1TKhfmzAdHS1RwbEhByW6WD-LWVOG8gnEdvIzeKG5mCd42WRrofx7CGNkDKmwcYrBgS423oh_eJhmLBx4moNwo-X-96XGb_QepmFqNzC4Wo8GtbNGQBJ5LTaBWb3synZAGMcpupadMk2IzA_tSQOLSA7SFLzF9Sk-oEyfTUIU6-VwwYrVotD7QlV8AItKllREZAOMVGoaLDUAQ3Km3aH0j6eHGgYTtwJmzUFI-wbtLn8xzTob6vXnNpZHrywHbCPDK5hVo8Mjgp2qAr1cZ5y7khOe94WYMpLE-q2MFO88v3c_51Kjil5HtOrA6awIY7ep_g05OfGsUGBWXlFAVI2MBRjaNSKu-MYxvVC7YXsPKZRlMs-ky_WCNg5WD6TPwft4Um41N_G9IOsNlBhdX8fpMDytmmObBO1RKTxrnc7zaKZ435PmwTTxCQFyZYStKekBMFaC5DVbLjMbNoSqwVRA65HUDLKSkzDBLTTSfBGErsb6asw99x9VrfvW5QIFLt0pusT-yGwyoR07J_1Ctzw5L5tHTymh9Uro92hbW6viJ-Ouc9Sjc2oRt6kFe3-88Pu3eWyJhydbI3CxJLuPsqnAyKTgrjRXZFScMsWDoecGYum7GgtKv7YqJICaz6NYj8r0Ogq_IHdeZbWRvWxaZnB1068KgobVads25uvOpWx6jaX9RivHOX2gzWPLg0VA-aPSmT9pT0D7s9DKh34GSHblFykHMJq9MoqlopiPjF3cQXeuWQAZcvfjwazQkBRH7bkAbIKeTu7sFjq0tSa6JSZFJFuhz5_SEypVwsQEl5T3ytPHDm2C9A7Rm65hSjA_VRcgUYhfOXdTUu5RjdZ6Ct19gJFAq9o8tQiHFHC_aPTJBvtmzlg0y7eZsD1mAUb7YhdFa9tdib3OYp2_20cAIXdSxGuLNW4zVH619ht32R24r3hCZl4__6kqLFP48RjNesTjixOntppA1zomPEL-P0vlPVoA5BodEXoJl_tgQmYAzYbBY1z_YpeGL7Npoj1MpZeTGDJL0VfvNoGw1PpmyGO8RpJQxga3N0aylwgUibU_VRQm-0i7Mwu9m7shlTxMkLTfRqXTMSoHdlYs7XsCzJFZbvfsIO1GKgvX5H8B4h6t3o7oHySbbxNhCsfZ288Yh0SxT94wVTmSw5tZGvjYM6QwUKZ5Hr6i2YbKyXcYEt6u-7igZKznIximy8twZ4gRcqE1XWt9pVPvAVufoXbMyUl0cXxa2cdVmazen75w7lR3eOAZ96t-QWvZ1cn0lkQnal2BsZSbETB1HO3bqEbRkjmSr18esOEHSaZhP04gqudkf04Em5UpRjUvlrmECE_mCP8Ll_saHfs2hvWDpwHPLxLTYJDgwxs3uUQvTDvA59Vjg4-arcYxLXyNuiohxUNUaEV-ctXTUcS-_eaIngQL9x5TxIX5kVqVrrGnFYH8B9Ssc1Rx50RDsaLcYSABnQGWLANgqFMygyOHziqDnUqpIULFShDG0ets4CHTI4-zfhNeNtE3P8eL1d9v9MZ36SZ4pS2SSWPpzLLBK85Iu_pZZCT83rIWs52FURruI15z7bbj1zspuJaDRoqLP1zNFyvxEpYvrM9yhG2aauqXvPJdRM6v4N4uVJZ5NDbJXjy_AEKTrEBF4pMxPotJ7hXCRXP0ZsAapJjoXWCvCYDW2_dVUEOyOk3MIB8AWm72ZLETLqM7P7en7spDrNPBvP0SuRHuzvgJ4D-M2v2LeJbAClMnU_rNk5WHWWAhpuccrWKRey60BDLg_feZN2_sXxBNOCL911G1sUrgAgkTKE9LrPxPa3CMlEVqJl6yQJPYRxjpHeuHa25wNqIKA-AvTLLlCsBretE0PIpGnS7URTIR67L5vZqDQhpSfRvgAnL2sz5WwDINLI7ogEbb6NpGC4_3YZLrRAUEpNr_VLXJpS3iqTz4fzUIT87F5ovpXoV_wFRTAfAMk4hovRy6WKrrmBl2Rq9d9iVuBi2cKeLX4H27Lmt7pxj6BuWH6eMpTLFpJ5cbYPMaRveH3M-P3XxFb_8L6ikJchBJoJb8dbfpa6OErlaOkAcCyhL1iQleH71qd_pXFcfodYIMOo2h8k0Mo3zD47vK64gq8OCzntlEzZQj0zs7eMAi66U-4eCtWAMsQPZSikd-tSTu7S-uZCaUTX3utBCXoIiIXsyEZQdZFmGq9RT7GQp7iAL2-Q0o9MI7QPgN6hCC4XfFjQ7AZ1ykHKO-DYdOlk8Lj8m2J5H9WOhYt5SIHFKSzcHsNKvGehrfqFfJxy5jb9Zl4q8U_k3Fy1U2aC1Pq7GSQcHqNywFbCClnjwDa6viwT9BefC9HhEhnuXDK0ca&cid=CAASFeRonIka0yxrDnz4AkWyel0gkReI-A&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 00:59:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 291E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 08:30:30 GMT
x-content-type-options
nosniff
age
405068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 08:30:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5C75 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 08:30:30 GMT
x-content-type-options
nosniff
age
405068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 08:30:30 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 0BA6 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Origin
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 23:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 23:00:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 0BA6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgNotx9pMOTEjaWA078kcPxSy-nDglAZBREHrEBhFNXYU10Mfh9C-QwuiC8e_TeFDA4iUb7ikHDkrr3jsz8b20oDdkvdDvvjsAowM-clXAD3dw2wfMfryH3iqEhOXhskIVWD0Xgi5FlEu4_64xEFuzYKcCNQ&dbm_d=AKAmf-CmBmPcbMsU_mLOLhgukA7usp76KpyzfxY7Rm6h1PWDYnMhqRhs4z37OKtSnoH8rgV1XdM-S6nAq9yDPq_ShjqUUqhQR_iLi3Us7BX5t8bapjHrRo_p19_yjMprFw3uxqOrIbQ528l0qWBD6BC5lZSSSeXk-xlR1SmpkpLtl6Y1v3whZtbdvnwe0xVT_M-hvH8FMJcNMkcrU4eJAvkcuGPOTX5ooX71HQE8mOyfl62_mekbCLJaKM8AEsS3THgcmYL-CwRYAlAPZHNd1SLLZM3_WhCJDTCeqsebUTO7rv2MfRCEvj8-B7iWCeXxdGNNk3VbfZj-jKztwOTJHd2LqyOZjeJqka4BZ7sC2J1Z73q2RaKnb6K2B517AkDFkgRzuRX6rnwuZg6XJ3zfhjdrsi80KVz8cEC1wKxNpR-AJ9ifI7vYQgEpCPwE5nAvy53iqXqvmXzp8IajLx4wMovgdy-_-bulOZL47PpgwEbYAIYKTrGsrONg303iqjNO1PwCbMYKaSbmobz7rKEWB7QvBiucMSXcZDIoVydGcJg-n2zddX03qC0wZ_ni7ghfJCNT-xScZe_8uMalsYGjcs2Y7NcmjFJRuid4sQrsoRMd3oZvRKpQ9AbbJ1xDH3vbK3bASPc64lLStbtHRBLO5S5pi5hQpB-zD_woiDY8NMQHfsKI-e6TmOvLD5v9tbXxiC5mEudw178mvwj-I5K1XCNtjMdm53YcqpmFeor-7I770ErxKDShoE_JyedNW-zjERTElg45yrjsPdI4wF-rpepFKeXg3lOKoBNSsNQpFMDu-tt9XchTOjgD0i3MLIn38Eofc67fX01UO954uYfs9IqVW5KBveT2JEFGIzlUO25j84w7znGUrfflm9LoTjz7Msmi8RuTwzsReumFva9ps6B3SR2Q5oQjy216h-tTt9H5ltqNBDI18c7ejjez7HEks1E3yWn8gKeENyv-XqoKh69YIMcYzY9SbBO8ghDcHg2FQZ41MUoWqYygKEk5cF9hPTgcdgEdwe6jr-f8xZKQJ4Gb9Tld46HcqURbKQvIM0GngEaY10V7RDSTaRUj14QT5dB5auQCcEMd3V4xtFsEa1Ix_Tx3DPr0RAzrAUuKkW_wUJ0laso0ttj6CEc4ECR8eatxzIWJ5HUB_NXZGJM_4vXVpHpBBQDrEAeDb_hC4izbsv2GhhsyfPpGpV8qCHSD-RZ17EAHkiZqYPyI3c3kbJtWnduiw_CTPRYikd-3uVJ_zbpHKmkjtibxJUHzjG_gVQEoP6HEAYNsMVrrq9geC8zj6ltZsNL-hzRvVzio3Sme0kHLLQbNUqVcwB5uwExPNMbWR7X-TWD4Q40a4fIIywjiQpfD29zwISoLreMTqiNI5z4pDQYBHDUFXuuDo9yiH1KsF-1CnOd_0Rptca-yeuI8hrCFrpeu0-PxvsqFCBaGQ__v3JPqZEiPvOmV6xsJiAXvBrZXepJ2Lb0SBOOjKOvDCngdGPoNgKjdsTxMn9rPoTyNYcn7WsC-eq-RgDizsC8_twvgZoqAcY_OMFUJuHng0cDTehWrBdWr4_ea2qg-doHD6hdljaYhf6hi--1uG1BIbqotVW2Qd7mMr_17CJwYqU8TPoLa0wsDe2NLrR_jBJIo3o-pWKPBH-HKz0KYmLbyIjzefIQGauPFr-vVKSeaVP4mp81xyT0NdS94UGAzOmREzxCc_VqQkbSPkLUatPK1vhAfA5mT4w9vCCD0FzSqFOBsPOJJkyI4KkQGIvH1zUfM-BUMeNyrM3p_XQhuM9gess96BPoceYfXEdSPEpILcg-FwH_NVXXwLRjFjpMrjlSRwwyT-4KPwCE5bGregyw2dNCH7T0dv6leRyEWdOcT27miQtQTrIlHXRoWpq4YkNr18qispDIDOM8G2v0_cThDkBdrDsWgQL7jeEByC-h-5yT1M-eWlh-vcuiDWNIaHbVvN0ARsbL8Nn_FrHBM6oLhbD_5B-1ohz1Eqv0YWBOowW0Qy-i7ZwMGlpXdJxfx0mG3EiptZRYvRxZmlfX_pyH2hm1JF-Bjb2_guzStDfQEc8SnszcfOo5hu0o1NO3Puf_UNOXaVeWShoF5CUHO5nNZ0Y8S8oitHtkx2zZeI-07FkAbDwOgqKsxBTEacQtg02DPm8QpMMavDaegLQMRqgE2iesFhLs6BUhWMUWg7u2I-kzZdUPMQveEpBNEBZQ6I-i9ne3F8Xap89efWNtCa7KsyTcEhImaoQmkhSSp7YBzQEnDc_ey0oNf7rXiUNE80E39_cH1QdzFKb-zhAl4M_VuQ_BGeO8wiaWGJQZWbpv9jG8L3grj2gtziIj_irgBd67BaYQeFIaBoM8LEXLpm_cmNZVWUaJuf_MAohlZ2ehzqpaKRZxwdp8HGB_8bO1FTQYTjj-_zsB0Miyp3RI_23U1DWR6EtJ2MG_vpQII9nHY_hk736cgmwQCAfgNdgvnUs_J-y5c6fHvNmALwOvf83iFUkbEr0tZjWDJS7DspKV7UBLhSwK7zijwDEQvAkoFCGunsyfL_zgrP5y8KGu1wJLmGekbbS1XqTrL0ZR8cajsprH8aWQHtdyPU5owLACzfiy2LANwuBni6L0Wf4sf56jD0GBN5NbBGMNbSvVYB8QX6vBHLTm4Fuh06fbidN6AQrNrNo9bUdAEpD5HvGz6d4h4t7EHlHndZV3s-8auZ8Es0xnS8NjfXpaymgSTOPL-bvD524C8YiHZUp9MzfOK8Ma0mQvtBShsOWsO0cUf0e0k90g21-Sio34seTnvr55EM_PxpsaowJ2pLNsvYK6mC8U017Mtr2N7bbz-0NLJOiLuN_qgiIQyIZ54V9Oo3RQXHGMnfvakF6mON0qNtBf-5bhNIfPgwSdeHvlADA7_zbPovi82JiaDH67p5UrjtYrTSjKC4lweHEVgl0Wag9uhMU5mcU3AzBTpMU8gTjVYapC035HdwQVBpgz_A8G_TTdNAg8IBrizYeQgWwZFN7VpKSX-WJx2IJU6cZs6TwbLCH7iHRLA0chg_FUdaKYXIAdwq8wP93xg2F77OsR-x627M0M4GWCLpuYy&cid=CAASEuRoJojrCkE1gnVGxrnTf7sCIA&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 01:01:31 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 0BA6 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgNotx9pMOTEjaWA078kcPxSy-nDglAZBREHrEBhFNXYU10Mfh9C-QwuiC8e_TeFDA4iUb7ikHDkrr3jsz8b20oDdkvdDvvjsAowM-clXAD3dw2wfMfryH3iqEhOXhskIVWD0Xgi5FlEu4_64xEFuzYKcCNQ&dbm_d=AKAmf-CmBmPcbMsU_mLOLhgukA7usp76KpyzfxY7Rm6h1PWDYnMhqRhs4z37OKtSnoH8rgV1XdM-S6nAq9yDPq_ShjqUUqhQR_iLi3Us7BX5t8bapjHrRo_p19_yjMprFw3uxqOrIbQ528l0qWBD6BC5lZSSSeXk-xlR1SmpkpLtl6Y1v3whZtbdvnwe0xVT_M-hvH8FMJcNMkcrU4eJAvkcuGPOTX5ooX71HQE8mOyfl62_mekbCLJaKM8AEsS3THgcmYL-CwRYAlAPZHNd1SLLZM3_WhCJDTCeqsebUTO7rv2MfRCEvj8-B7iWCeXxdGNNk3VbfZj-jKztwOTJHd2LqyOZjeJqka4BZ7sC2J1Z73q2RaKnb6K2B517AkDFkgRzuRX6rnwuZg6XJ3zfhjdrsi80KVz8cEC1wKxNpR-AJ9ifI7vYQgEpCPwE5nAvy53iqXqvmXzp8IajLx4wMovgdy-_-bulOZL47PpgwEbYAIYKTrGsrONg303iqjNO1PwCbMYKaSbmobz7rKEWB7QvBiucMSXcZDIoVydGcJg-n2zddX03qC0wZ_ni7ghfJCNT-xScZe_8uMalsYGjcs2Y7NcmjFJRuid4sQrsoRMd3oZvRKpQ9AbbJ1xDH3vbK3bASPc64lLStbtHRBLO5S5pi5hQpB-zD_woiDY8NMQHfsKI-e6TmOvLD5v9tbXxiC5mEudw178mvwj-I5K1XCNtjMdm53YcqpmFeor-7I770ErxKDShoE_JyedNW-zjERTElg45yrjsPdI4wF-rpepFKeXg3lOKoBNSsNQpFMDu-tt9XchTOjgD0i3MLIn38Eofc67fX01UO954uYfs9IqVW5KBveT2JEFGIzlUO25j84w7znGUrfflm9LoTjz7Msmi8RuTwzsReumFva9ps6B3SR2Q5oQjy216h-tTt9H5ltqNBDI18c7ejjez7HEks1E3yWn8gKeENyv-XqoKh69YIMcYzY9SbBO8ghDcHg2FQZ41MUoWqYygKEk5cF9hPTgcdgEdwe6jr-f8xZKQJ4Gb9Tld46HcqURbKQvIM0GngEaY10V7RDSTaRUj14QT5dB5auQCcEMd3V4xtFsEa1Ix_Tx3DPr0RAzrAUuKkW_wUJ0laso0ttj6CEc4ECR8eatxzIWJ5HUB_NXZGJM_4vXVpHpBBQDrEAeDb_hC4izbsv2GhhsyfPpGpV8qCHSD-RZ17EAHkiZqYPyI3c3kbJtWnduiw_CTPRYikd-3uVJ_zbpHKmkjtibxJUHzjG_gVQEoP6HEAYNsMVrrq9geC8zj6ltZsNL-hzRvVzio3Sme0kHLLQbNUqVcwB5uwExPNMbWR7X-TWD4Q40a4fIIywjiQpfD29zwISoLreMTqiNI5z4pDQYBHDUFXuuDo9yiH1KsF-1CnOd_0Rptca-yeuI8hrCFrpeu0-PxvsqFCBaGQ__v3JPqZEiPvOmV6xsJiAXvBrZXepJ2Lb0SBOOjKOvDCngdGPoNgKjdsTxMn9rPoTyNYcn7WsC-eq-RgDizsC8_twvgZoqAcY_OMFUJuHng0cDTehWrBdWr4_ea2qg-doHD6hdljaYhf6hi--1uG1BIbqotVW2Qd7mMr_17CJwYqU8TPoLa0wsDe2NLrR_jBJIo3o-pWKPBH-HKz0KYmLbyIjzefIQGauPFr-vVKSeaVP4mp81xyT0NdS94UGAzOmREzxCc_VqQkbSPkLUatPK1vhAfA5mT4w9vCCD0FzSqFOBsPOJJkyI4KkQGIvH1zUfM-BUMeNyrM3p_XQhuM9gess96BPoceYfXEdSPEpILcg-FwH_NVXXwLRjFjpMrjlSRwwyT-4KPwCE5bGregyw2dNCH7T0dv6leRyEWdOcT27miQtQTrIlHXRoWpq4YkNr18qispDIDOM8G2v0_cThDkBdrDsWgQL7jeEByC-h-5yT1M-eWlh-vcuiDWNIaHbVvN0ARsbL8Nn_FrHBM6oLhbD_5B-1ohz1Eqv0YWBOowW0Qy-i7ZwMGlpXdJxfx0mG3EiptZRYvRxZmlfX_pyH2hm1JF-Bjb2_guzStDfQEc8SnszcfOo5hu0o1NO3Puf_UNOXaVeWShoF5CUHO5nNZ0Y8S8oitHtkx2zZeI-07FkAbDwOgqKsxBTEacQtg02DPm8QpMMavDaegLQMRqgE2iesFhLs6BUhWMUWg7u2I-kzZdUPMQveEpBNEBZQ6I-i9ne3F8Xap89efWNtCa7KsyTcEhImaoQmkhSSp7YBzQEnDc_ey0oNf7rXiUNE80E39_cH1QdzFKb-zhAl4M_VuQ_BGeO8wiaWGJQZWbpv9jG8L3grj2gtziIj_irgBd67BaYQeFIaBoM8LEXLpm_cmNZVWUaJuf_MAohlZ2ehzqpaKRZxwdp8HGB_8bO1FTQYTjj-_zsB0Miyp3RI_23U1DWR6EtJ2MG_vpQII9nHY_hk736cgmwQCAfgNdgvnUs_J-y5c6fHvNmALwOvf83iFUkbEr0tZjWDJS7DspKV7UBLhSwK7zijwDEQvAkoFCGunsyfL_zgrP5y8KGu1wJLmGekbbS1XqTrL0ZR8cajsprH8aWQHtdyPU5owLACzfiy2LANwuBni6L0Wf4sf56jD0GBN5NbBGMNbSvVYB8QX6vBHLTm4Fuh06fbidN6AQrNrNo9bUdAEpD5HvGz6d4h4t7EHlHndZV3s-8auZ8Es0xnS8NjfXpaymgSTOPL-bvD524C8YiHZUp9MzfOK8Ma0mQvtBShsOWsO0cUf0e0k90g21-Sio34seTnvr55EM_PxpsaowJ2pLNsvYK6mC8U017Mtr2N7bbz-0NLJOiLuN_qgiIQyIZ54V9Oo3RQXHGMnfvakF6mON0qNtBf-5bhNIfPgwSdeHvlADA7_zbPovi82JiaDH67p5UrjtYrTSjKC4lweHEVgl0Wag9uhMU5mcU3AzBTpMU8gTjVYapC035HdwQVBpgz_A8G_TTdNAg8IBrizYeQgWwZFN7VpKSX-WJx2IJU6cZs6TwbLCH7iHRLA0chg_FUdaKYXIAdwq8wP93xg2F77OsR-x627M0M4GWCLpuYy&cid=CAASEuRoJojrCkE1gnVGxrnTf7sCIA&rfl=1%2Chttps%253A%252F%252Fwww.mediafire.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 00:59:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 18F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 18F1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye9L8vEu.ZucI7-t1oyNigAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Jan 2022 01:01:39 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDZ4YY8vWxoX9XgrtnqbP0Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 18F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Protocol
HTTP/1.1
Server
68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:39 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
76b6a8a1-16bf-4fe1-a440-907b899db83b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEN0FcKk1-EpXnk_8_PIrjhM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 18F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNX5zq4v5Flji9DS956ZQRqO_Cz7cAgsf_NBu45yp3vp3PnVItBdcZ2_N06QWrrB9i6qIdX82hwgEQiKNZwGai9O1L5MBrYRHXpLICSzP-1HzTGaGGw
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:38 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
0079266e-ffce-4c9e-8c66-f80a77696358
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAyNTkxNTEzNzUwMzA0NjQ1OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
s0.2mdn.net/sadbundle/18080364882124629212/ Frame DCB6 		92 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8cdffd34822837be8f1505dd8ee799b99300a7afc80a180952b97a032942c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 12:54:12 GMT
expires
Thu, 19 Jan 2023 12:54:12 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
content-type
text/html
content-length
21697
age
475646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 137D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1CXD9DUueoTRKSgoDw-vNE1QZd7sEMdY47hdDKqb9pSQp7lU8EqY85loPcYMdQonGRG76mnPlDY2kDnIjR2Xy1ANthvu9HzJ7HBqBU8KffdZb5X3lW7lZ83Pi3SPK_YxHxi0PlaGv6Hu3Qg1jT1IXyEkrDPd70_XPttAmtaDj_M426ccfJvYe5fcWpcoBWwJwEtx6GRikc0M_QEOpxI3sJuj90LYr5_2vsrc4ZzE39-G3LZCASAjPjslSJkignnqY2bFSVIWBZ1jTLTZve4krBxm2K0vO408-LVy8LUaETmQRzN-lEBaWV6rrKQxM3az0JqmtPx1umxGx_vpLt7KQvT_iw9Q3alvA8jM-pDY7aoY_3q_d8FC-MZQlsms4nuu-5oBpVneFSgvN62DkHpAIPp9Wz6R0Q4r-Q83xCDDdLVE9uLF3H8e1nnYNAvQUOAqb9ZCWw2BtqhAWSHC0dKNZxvQ-LpD6TGbeMBtEXKeg_8xOoHdyEaqoB8jS8O4pq1XvqtnJPPdwakIK8MSr9QTqCYjFJcOBOn9YEIkWbgWA4VRf5w_NzgGTqRdObpq11XOcLDIAGQ2tkasguAEHRDnZEX6L4-yvhHr0bvnwwLQF18tGqyHTPbytrbWux3Ay_sgu0ncf7-mVnwfmuqlrYQD108R0in4hIWny-y29P-9ZRkjCyDLfwCSF0bTZhEHPRQbLPrLUcQWhP6mpMXnrdnvlvFJGJOpp8t2mm65-PyFnmXI9URIm7pHfuRQJnHdw6UUmPKl0kn6vI6ieEwVmgXc16YZu9GV-5gZBXdh93U2NxkdefvTQJ-RszgCCWC3nCMIi42S3diAhLq4SDNqTVYUv25gnoWGg4wi4LkNS9bet4OZahRsVqwVESjCqV9AZRNrjRk8jmYTKTo5I076QHjHwEFc-XDbP6nPCH2DutgtGPxqc_Gh2WrwEn9-9V4Wa3bSSaxGN5Bq1oBojGZmMdGu3SmWFuvyYD8UoT8STXaKm4c-qpp2bedPaTV5IbRyMpJ6GipXftOktm8Cb58lUJeXn-rAoCPfAynlpqXV9it-vlWW2rrGRZEWUR0nWzGXNDvIU91_nGmHLCUxSK3t4FY-v7gvTjF-vGCxUMfSa0-B0HU0KXUTXmbtNFUEHnK2gEAGO3YwsECjJj24tsNwfraRqTlbqn1fC-G5o&sai=AMfl-YSo-qJtkum87UUABVY1hzHtSkJQCb3-83HdESEWJhf38MDsD-JSrM8pxhtwgG2aYSuwNJ0h5BU-TskifPQt2X3NVcV-iIE5jO7UgfUZIwowQdeKHbi6GfeAJQLTxIbvTeQEcwrw8kE1KSEYTxhQu_Y3BsiOZaGVI4Z2SK8&sig=Cg0ArKJSzGSTYpkxsRG8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=184&cisv=r20220119.97133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 25 Jan 2022 01:01:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5C25 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIiYE5rGgUCseEwce3U9WdDRkQi-wnWIE2l_3LSjoTZH0QLJ8_rk-AUZhzubI2b2fx4eg64uJ8Vc6k6McSB3hSXUlkLOUObcPGQ-H3cfKU5B8BHRhBag5JN61-HoKRs6QpdOq4gxa6e3SNCqLICssPnf9wVAtfpClpV_cA-jErsGmpBeIWpQgxdSvbwVbpY50AVulxViQuiasKjjfWoAq9gmJ-bXl4O5cgDdWZLgYeCxi1nEAc8iZPkX9VEXM2k_79jKZG_-u-rFQGjw1hOToMxwSKYgKCQjsq5xSpziUViEdumILFa5OivtYAi-AOdUvAKAqXWud3xn-kV5_zXYOaLP7pXtmiMnv05vbUds376k54dsJDMFX45CCd13DfiRXkk16BdamPfkMPsMEjgTQetUHv9znujRilzAIKPogJkygmbLTbTfh_CGKFozguK_6QC3DDteHZEdGTqz-cPcAHNPF6Yzm4zNUhwc7uJTW2edWIdyNZ7cPJRWxwoytc-UY5EHgva5pWCsqdWj65s4D0z_azOiJLd4Pyz6hVA0yO5g2DRt9zJNHR3ROGzCgbg0srBCFkhZBGkZIrNK0tIOoIOKrPhimE93MH7gF9-0pLIG0KkKSG1jqhkFNBsCe80XVn-9GSQDpmHBQBQICPxCKTASjMIdbei7DaAh7d__366ZQ1-iVFE-Nhb4RTZvlBBkuE8OZo0gi_6tDTF3Wpq2mrreB87QeeFjQpZWJa5e8Cx_-AC1job82sgLWzOeGbBLHfpvyFfWtBckZ_NgsjdfuvtJcPAsnnAwZntH_1jE85nJMxBGv_AjSLaYGAZkAl54zILaXS1njcCqptidqgGws-ltqyghCN82cKzXZiu4lEmvLZd8pVd7689C9g8_O4NAGKpyzw2gPzb0rerc8UIz2RdEJAN5g6hpZj122Pcp_EYZ0l9ENKgRMM-_W7MpNop9BMHQZs3TRmC0qb-B72SruBxqRAj_AWFHgQIGa-vJ0oy9FdqUT0NtMJstlK3_NPy71zAe_wO0V5EM2Mr7EuidgvxXZ1UHCBfLlYJssTicFc5xkXSqsRyV_YaF_e0FR4v-1AJ38hh-5HggVn9OeGeoLgeMnP6lAcAQNjJeLj5S_ggnhqb8LF3kBdFzyLSPQfNBZIBl60Zi890Pz6gBwwLcph5lgJsKGXLr6r&sai=AMfl-YSFqO99g2dpPlaAzld7Uwh_SrvXckQ6jEDjLOYHrqCgizMmxl0v8QY42wZY0NgDI0derMWAORXPkaEvprbTRGJN9H5a_aYSvvddKOpt2TKQknV3XoNTq9V6PoMq916UK7ckdPYHeRYBpO-YgR3xId6pYYxyxYjXziM8dds&sig=Cg0ArKJSzKCKW9v8OpoOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=371&dett=3&cstd=174&cisv=r20220119.91166&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame FCB0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKa91o46cSbfik7iP2CxTOOss0gS1ijNQMGeT1aeYgRK-5RxQLQriesO8tRnw4lmfXtuE70PHPXBmoIE4hS3jDIeGMVumQjASY_QqpYNVMiwDhgI_i0oJPJC8NklwRZxsyGldqwnC0Xs9owCAnr4rxqZ0xmGjojzVxWbw6Dv5PpIxfYLdfd9AAG92SRm5Wx4DxM3KEJIu1rfJFp0QYptAroop2VxtrK3-Ey0E0AKhx6gJ36oowJHuxLKxhSjeRE0LjWPTSY4ah39GQKuumW-xs_1BsnnF2t0mFndZmTPOfEknORYDue9w_xtcndAJw6vjvskL1zP1mcBV1tSNsvC9aynzXm961TKFZIkMNRqZmxSRuc9RSHGnnURmQnsnrCuidFddMBWz1fxNJZRdgAOQFUha1MLJ1Rht5_SbGiKRXsG6oj2_zbdL4BWKAcgfxSRL0DqqAzOzj3xsSaOij7UANeH22P88Lr4dtRczIN7Zv_aL07cS1GF7SC4jWA9Jb0wX-xRdA4wH0lKQ1LqlPdqYKtKJJyh1k48J0c-PAlWEf5lw5hfKdOEAQ8Ht90cSiMqVKGil_cuM9guNde-dWF2sjjp9Cgbnq0tTF0PcpHFQNBSG0aelRExUlkVvYtF02hQBkxZ2oIlUN6V08jxGbF9V-OiYT7vbOHSenHaf5kkiP1TeWAOYVZ2mO-VIrAW-w4IfEpqdFhPthrUcj3igBcMga72zfzKa16uXo_5kM03BILcdQR82QN0n_1aOScbKdu7uBUe_E9f0hGNs-iGip4jCp5hnEKtoysrp7dA4pmpxVDvh09nNsY4rLro3x0P9X2prV8T0UUIayFHxVNQ2R-uFtEgAew_mbYN93Q3WHySkDuwW8020VT4WrdF1MEj70QCmxy7QKanNniBpJxpEqYyNxBNenpLxP4yfesw_VuBqEu5CdDUuj2P6WFLlIvr-_MhBtMPDvMku9_JiakQi72TuI_sfEzJh5fajBakE3kBGlBu2a3MwKANhY-HIG0ixCauiTvlbEI5B7AX8f_BCC3H4dzh17mkxwwG_DXI-iJ9y_HCN90IXYyMW8v-We_7i1NHBqdf4Qi_7nwegKO4r6gPeehqJwu-DQeZklB7seRQ1PDzECvO7AbWRmeNu8Rk70Qkz2LT1WNXGZg1kYFdLvnvv8ewO9arCrPw&sai=AMfl-YROz-FEkh3oD8xTelZ2M3S7midEQrOeh-rvjxf513EbB5AoJjsmxF9724ceO6qycNeKYIHtGPbXLiahq5TGNBdKsaDUsXQZvXjaqNWa_v5hZv1Jy25nKeMzXghNdyRtjOXG6P0UM_u7liJmH5DXAL65wBR4g489dOkrMf4&sig=Cg0ArKJSzGxe0pae4xkpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=541&vt=11&dtpt=376&dett=3&cstd=163&cisv=r20220119.47988&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
TS-Online-EN.png
s0.2mdn.net/sadbundle/18080364882124629212/ Frame 291E 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/TS-Online-EN.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/18080364882124629212/ Frame 291E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/BitdefenderLogo_white-_2_.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
BD2020-SOY-336x280.jpg
s0.2mdn.net/sadbundle/18080364882124629212/ Frame 291E 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/BD2020-SOY-336x280.jpg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5577e19a9bf74f16bdca1ca37ad3d2da078145c515d98d3052d5c9f067274d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55178
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
TS-Online-EN.png
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 5C75 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/TS-Online-EN.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 5C75 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/BitdefenderLogo_white-_2_.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
BD2020-SOY-728x90.jpg
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 5C75 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/BD2020-SOY-728x90.jpg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00de3a8b534ab3f1eb3e62ef737340a791f5c4408cf651563d441ccb62d6d3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24679
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 137D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:41:57 GMT
truncated
/ Frame 137D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae184279f2210c81144e51b70c0ec68b30855314f1b69c4fbbd26363366f400a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 3D0F 		93 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e46484286c90cb4aea34abdd9b242b4e2ab985af692be837028b37296b2cd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
21683
date
Mon, 24 Jan 2022 15:16:03 GMT
expires
Tue, 24 Jan 2023 15:16:03 GMT
cache-control
public, max-age=31536000
age
35136
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0BA6 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQCGi6kZhPIXuxzWm8qolwcYHmjCKZK146O_2TeEGUkElgpJtPohNb2dGD7wpbMEe-yjwZfoeCRa05gjMQgWnNTDKHf22wU-PhwLQO2I4KM4QyP0FqWFPirii1LfdH8xRgvjo-LgXuxHK1Y8QphAFjQmXV7Ax3L4rPBua2Y2Duzyzrjt7ZmtG0RzX6S0NOqOMWZQ9k_qitkJ2GkF6oIaATY29lgoMHvmqQgcqgnVmRStHI9irnuXI8yBriu6ceYXR-i0iPCWhgm8H8eLEBkeBJ06UMIAWt5y3k9P-N_3uUZ-ObAa2ufSbUiFmf98cs8iJpW1jW_MAONqxYC6kdw--OXw6abmEHo7mpDNV1YI4WpA89NW8eRbgancjn8mBS4LdTfPOd5p5FIMxvDV2M2FmEI2vrJqXLE2gJoc1lFU5JEzuDDdr5uLFfVPiI8prPeNU9Ae_bbj9luQDD_exSP9fHvBlWIRBJnqsPAG35N5E-X5MS6VN6hTxu9YLihVvL_c-F_LAW_On_YDiuwb5DBxzkk9mUohFmYO4wHQ1khIylROwd8PUWOGimFaR8OMpixFUAiAr0kYsSVF0q0y8Gm6eF6ovVjpQfluaxmmx0p_5PsySRFoSjTiRxWceGxwRZ8I1G_n1iO05xrtR6s7k0zjRaugdWmSO1aHWuLGt8bYuR6tCA433FH7_z1fxcl4fUPmHYUPBIXL3cg8lp2qinMRewOoQCmkaCiNd60BrsvdncF8eRteKSpxx38tcJhPm7Gaq4hoVmDjuYjnDcZAtDhYaJkubKH7e18f9CNv06YLExr4_WzlbS8679n21fmVy9IQUkXvThRJsz3xMiKhyFqgTA3jyeVnfd5ldh-7hN7QrvX1OkqwgdexjMe84t7csBFcRQSrlqsOSyv6vMtlT3rT7_Dzu1HSjCcHemxVOqigpL_aplooVwnW-Bqwyqvuxw2g0UvIXm_ADsU2_s9wiO0KUzNVSsGt4kN0nBZRQN4B5EMWndK-ngRfdpiwekCprJB7gODFSn2UkqyZ-mSOq-Bb4Yiu3STVwlhwshVJUS67EvE5JhBtSpCeAAI-hvoArdusJFdMghkAS5hQQNx9lOCt5IjCAwsg92Xyu-G0CZJrIgOijGWQUm75Vl9tFtp9B6DHs4cA-5Y9DjzEViNxKAosG1pZiGXn04cCYZqa6Ck5iFs03CzpyVVf5JfFRrt5Ma0ukHl6E267bI8k_S2VBwVhQ44ozJoDV0dw&sai=AMfl-YTijTf5BT7VVxRp6TEv4koqvYsyfgNA6vAKTBu6RceUaDlhpPcpY6qQC4wBj1HXRvE_c3OSZ71nQhhxgEDambCVakdKpiUPdHqBS8qPld0ny75GmK0Bazn64C1Er6cXKyAxv2RyE-mYZxgWJtrX5ZiIAsCKe2u1jHBXSnVskmFNDQ-6XPzh&sig=Cg0ArKJSzOVAYI5dPx2BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=173&cisv=r20220119.56709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 25 Jan 2022 01:01:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0BA6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 04:41:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1967 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 24 Jan 2022 16:21:02 GMT
expires
Tue, 25 Jan 2022 16:21:02 GMT
cache-control
public, max-age=86400
age
31237
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0BA6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b3f606f1030774bf92e17751532cb06d78b6f54728c2951ab388c1665b56a2e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame DCB6 		4 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 00:46:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 25 Jan 2022 01:01:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jan 2022 01:01:39 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame DCB6 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 06:13:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 95B6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 04:41:58 GMT
expires
Tue, 24 Jan 2023 04:41:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
73181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 3D0F 		6 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
872890c5623628fc32f2bfcacd96f0cbf2226304412a28475ef6567a784c4082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 23:01:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 25 Jan 2022 01:01:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jan 2022 01:01:39 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 3D0F 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 06:13:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 90A3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 04:41:58 GMT
expires
Tue, 24 Jan 2023 04:41:58 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
73181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DCB6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 08:30:30 GMT
x-content-type-options
nosniff
age
405069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 08:30:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80A0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRbsd8kvvYYP5EsSpyQP5uoOgCwAAAAA4AeAEAg&bg=!V1SlVBDNAAZ_DxPPfw87ACkAdvg8WoyR-bXuXqL5-hgfocOSVd7GNKJNm6Nm0R7sQB1aliVdNf7ZbwIAAAHoUgAAAANoAQeZAyvkU6F_-tsZ6j8Gcu-DBul2_vYDV0_bp0URv2DUWeH_xHi-rlLxWxkNbNvggEEnFkDGJDN3Ccp19lVfo6am9pFGZO8VfXYtSem0thK0jLgoMcGQEH-X3CS83vtG9njRQJRj4pEEf48GIXsSECix3Ov-pLIUJI20k1bFerrhyr-qyJZE2-LBoRrLgVmSy-Ymfd_5r5-FG0LfxXQLym0_IkVHCqM3ATTX81_2oMsm3buOOVUbzDmKBe35r6nUUbM22_QnJi6mTcHb7cL4XKelWe1WxyYkG2cokzN-oYI1cvLexXPqJkBCA8MK_fFyVStSWO4szwJO664OGiTSBGzk2FYaVoPec_l7qXqTb82ZekSWhyDeNFfQFyh9rxal1Pgk3l4FmUoxhBsGZ30gys2wHkxA44Ex9JC7sh4vW8YfidWCZhU5leH0rg5cQFMcIgeAtYArf16AWT969ojXilsWJ1-N54swTAYmxdJWixvbkx-mWtJxf_n6cLZwV7oZGWxDwcFWvFPcjOv3Y2ZOUBRVggwF73e1YW6q1y3Gow-wgEPBydS-ptw_9VnJA4KQIU302zDvD90RmjbcHpQIm_X2T_WTKgSEovH8vomv6ixwy4ljnV6OzwRUONe3Zo0IsiZ7yWwyMne43wxxjhP-KFhRYoC3g2HXDWe98F3k0zL5m5_pPEKghYN1cu6nG_fW48RLd8DW-z2NbTmAJrxUZ8f1wgnXap_3tD2tB41rLyO-GUutlXo-kM-sdeWD1-R8n98m3EvS9Jjx19Odea5fBQ_JdQDJWEtpgrtOFBmIGcCZckrTi41seYbJD6JhBNvS5iqUc5OwXB77LN1Sn_Vuk18OMcBjzxkSKk4dPqsepFFiRLec6ipw8EelRIFWMI7NzoGt9jHhyxNH8BgESWBMTAEhUN48CQ1580G1rjqEOcNy11SnlMrLgtDZLpL10mc_82mc5LAZISFBbBPXWdDKPOR016I4PxacSoCcRWAqOJJiYkEzQn-Fif56wRMpdAdZaS5ptjy9jOUTdIdnOFQtvMTyyWUNj6VKxL1M6IMhTLYzxTKNRWJ43msFE5xvmjvQ
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED4WqixBB9lzOt5hY2CBVE0&google_cver=1&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r7KuH3qw0l-woDA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r7KuH3qw0l-woDA
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Jan 2022 01:01:39 GMT
Server
MT3 4133 baa842e master iad-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIVOVSuxAbPGwGDA4hJ2snTWaLZz5zXs8z4YwS2whoZCiZpL3MsQT94Tos61_pOl9m8LTRVpiFQC-3AvR0r7KuH3qw0l-woDA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 01:01:38 GMT
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESED-GdEnYXVy8lqWfcYyJLso&google_cver=1&google_push=AYg5qPKOgS6hicoT95QdMMy2tUBjuUm_KkCzqoGVxkBmpx7_B-LtcUGu-5DMiLLc8HYY10BD4B59UAdtOjK7jJoJNa...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESED-GdEnYXVy8lqWfcYyJLso&google_cver=1&google_push=AYg5qPKOgS6hicoT95QdMMy2tUBjuUm_KkCzqoGVxkBmpx7_B-LtcUGu-5DMiLLc8HYY10BD4B59UAdtOjK7jJoJNa...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjg5ZDE0MzItMjBhOS00MjZmLWIxMGYtZTM3NTQ0ZWMyZTJi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f89d1432-20a9-426f-b10f-e37544ec2e2b
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjg5ZDE0MzItMjBhOS00MjZmLWIxMGYtZTM3NTQ0ZWMyZTJi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f89d1432-20a9-426f-b10f-e37544ec2e2b
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjg5ZDE0MzItMjBhOS00MjZmLWIxMGYtZTM3NTQ0ZWMyZTJi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f89d1432-20a9-426f-b10f-e37544ec2e2b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
dot.gif
s0.2mdn.net/ Frame 1967 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEPlIjnCFbgnvbCHciLzaydk&google_cver=1&google_push=AYg5qPLgd6mRZkk3fklU7dJjh3O6_eGf5v3WQo2NbuDCNBd6vCwDUfZY-RVT9PjdF6y3ZefuYmby9Vf5fInhwZVhVh7SGCekDJym1A
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Jan 2022 01:01:39 GMT
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMJGM8Wcf-YEmBlfe8Dl0Fw&google_cver=1&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEyNjIyMjk1NDQ5NjU2NTE0NjQ&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX3t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEyNjIyMjk1NDQ5NjU2NTE0NjQ&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX3teguRMcytdw
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTEyNjIyMjk1NDQ5NjU2NTE0NjQ&google_push=AYg5qPIFRrVPmsvzI-9Uyn7wUfAapERdsroqVURw_f_byoFiV17bhtGVNw8dNFOuGumVD9bJWZHomYX92Nifwq1caX3teguRMcytdw
Date
Tue, 25 Jan 2022 01:01:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELTnFM6fOevlwP0_Z3Rbm6Y&google_cver=1&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67Dn...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA&google_hm=WWU5TDg4Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA&google_hm=WWU5TDg4Q284WFVBQUZOLllSRUFBQUFB
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
36
Date
Tue, 25 Jan 2022 01:01:40 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESELTnFM6fOevlwP0_Z3Rbm6Y&google_cver=1&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA","cluster_id":36,"gdpr":false,"ipv4":"149.56.153.187","key":"Ye9L88Co8XUAAFN.YREAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40352"}
X-SO-Ads-Time
75
X-SO-Key
Ye9L88Co8XUAAFN.YREAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40352
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPI5-C_eXWAI0qXriqzJI2OqtFjEs8ot-3gdGLj_rh3y5gN07UaRydOojVH-RyJw1DmiM67DnWcmozLszus0a6qrZSMyZk88WA&google_hm=WWU5TDg4Q284WFVBQUZOLllSRUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40352.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-IP
149.56.153.187
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEP2rBYZduzKB_W2CsGdtJaM&google_cver=1&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JA...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO4-sBvQxxh4dQcF86pbo1DJbCmOW3fw20wo1qpg&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4I...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQ...
0
0
pixel
cm.g.doubleclick.net/ Frame 1967
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEEoCOnX9o64PLuOhas5aiEs&google_cver=1&google_push=AYg5qPJ5AUEPOqYwXJQ2oBvQmULXLfzUgi8RNpwMy1g-V-F1y9Hctddd6fnphSzMdJ2eJ4dt_jQ5MYwmxMFKRrmcq6h-0...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Demx_eb%26google_hm%3DNTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ%3D%3D&b6...
  • https://cs.emxdgt.com/umcheck?apnxid=8025915137503046458&redirect=https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==&b64_redirect=aHR0cHM6Ly9jbS5nLmRvdW...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTc0MTE2NDMwNzI0OTk0NDg5MTJhYQ==
date
Tue, 25 Jan 2022 01:01:39 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 1967 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCPgIX5ed8qzXYbWBVA-6DM10eBjfJHcABV7ADxBj29fCX5TH97L0G9XwM6uOcJRYiopGB4MM
Requested by
Host: d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
URL: https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3D0F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 08:30:30 GMT
x-content-type-options
nosniff
age
405069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 08:30:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 137D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1CXD9DUueoTRKSgoDw-vNE1QZd7sEMdY47hdDKqb9pSQp7lU8EqY85loPcYMdQonGRG76mnPlDY2kDnIjR2Xy1ANthvu9HzJ7HBqBU8KffdZb5X3lW7lZ83Pi3SPK_YxHxi0PlaGv6Hu3Qg1jT1IXyEkrDPd70_XPttAmtaDj_M426ccfJvYe5fcWpcoBWwJwEtx6GRikc0M_QEOpxI3sJuj90LYr5_2vsrc4ZzE39-G3LZCASAjPjslSJkignnqY2bFSVIWBZ1jTLTZve4krBxm2K0vO408-LVy8LUaETmQRzN-lEBaWV6rrKQxM3az0JqmtPx1umxGx_vpLt7KQvT_iw9Q3alvA8jM-pDY7aoY_3q_d8FC-MZQlsms4nuu-5oBpVneFSgvN62DkHpAIPp9Wz6R0Q4r-Q83xCDDdLVE9uLF3H8e1nnYNAvQUOAqb9ZCWw2BtqhAWSHC0dKNZxvQ-LpD6TGbeMBtEXKeg_8xOoHdyEaqoB8jS8O4pq1XvqtnJPPdwakIK8MSr9QTqCYjFJcOBOn9YEIkWbgWA4VRf5w_NzgGTqRdObpq11XOcLDIAGQ2tkasguAEHRDnZEX6L4-yvhHr0bvnwwLQF18tGqyHTPbytrbWux3Ay_sgu0ncf7-mVnwfmuqlrYQD108R0in4hIWny-y29P-9ZRkjCyDLfwCSF0bTZhEHPRQbLPrLUcQWhP6mpMXnrdnvlvFJGJOpp8t2mm65-PyFnmXI9URIm7pHfuRQJnHdw6UUmPKl0kn6vI6ieEwVmgXc16YZu9GV-5gZBXdh93U2NxkdefvTQJ-RszgCCWC3nCMIi42S3diAhLq4SDNqTVYUv25gnoWGg4wi4LkNS9bet4OZahRsVqwVESjCqV9AZRNrjRk8jmYTKTo5I076QHjHwEFc-XDbP6nPCH2DutgtGPxqc_Gh2WrwEn9-9V4Wa3bSSaxGN5Bq1oBojGZmMdGu3SmWFuvyYD8UoT8STXaKm4c-qpp2bedPaTV5IbRyMpJ6GipXftOktm8Cb58lUJeXn-rAoCPfAynlpqXV9it-vlWW2rrGRZEWUR0nWzGXNDvIU91_nGmHLCUxSK3t4FY-v7gvTjF-vGCxUMfSa0-B0HU0KXUTXmbtNFUEHnK2gEAGO3YwsECjJj24tsNwfraRqTlbqn1fC-G5o&sai=AMfl-YSo-qJtkum87UUABVY1hzHtSkJQCb3-83HdESEWJhf38MDsD-JSrM8pxhtwgG2aYSuwNJ0h5BU-TskifPQt2X3NVcV-iIE5jO7UgfUZIwowQdeKHbi6GfeAJQLTxIbvTeQEcwrw8kE1KSEYTxhQu_Y3BsiOZaGVI4Z2SK8&sig=Cg0ArKJSzGSTYpkxsRG8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=636&vt=11&dtpt=450&dett=3&cstd=184&cisv=r20220119.97133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
TS-Online-EN.png
s0.2mdn.net/sadbundle/18080364882124629212/ Frame DCB6 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/TS-Online-EN.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/18080364882124629212/ Frame DCB6 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/BitdefenderLogo_white-_2_.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
BD2020-SOY-336x280.jpg
s0.2mdn.net/sadbundle/18080364882124629212/ Frame DCB6 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18080364882124629212/BD2020-SOY-336x280.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5577e19a9bf74f16bdca1ca37ad3d2da078145c515d98d3052d5c9f067274d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18080364882124629212/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 12:54:17 GMT
x-content-type-options
nosniff
age
475642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55178
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:54:17 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 95B6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
73181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 04:41:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgarc8kvvYaaCE8iJoPwP0POjmAQAAAAAOAHgBAI&bg=!ISKlImbNAAZ_DxPPfw87ACkAdvg8WpL76a7LosIGM1fArHRvJqwO2REfHhFQaq0vav8SlJC8NDYU1QIAAAIrUgAAAANoAQeZAwuocnQHh6yhUjKmUAfvUvBCQMletpWa4j20WNJksCweYwoLyq12ntf7RCEhaWhXKnjyw7NXHtimOZEoMccEIB-vp-0Bq1tYPpQectvcugdKUn72wMLGkkAOkPF9p6NCKvk2Z5E1S6vNhiM3OJFE7YU4qmv7Z_dz5KQhErcKEzNg4lJJ5GyBEECsbNAgl0JC9rWbEPttdkUGJJ8iMbDKYHACWeDIUwxaxM9NtwbIHwfX4dtVVlZBa-fkCTRH_ASGXfbaM8ZxO3keFHZxa_YpsLEimq4xxoswEJ-pvzGkZVYUMD8_cNuC4yatbvKMCdn99JPd-kSU4Wbq20l13AuKB8aDNjRRugbdUeWXfd2tvr1dvrH-WaM17WBQbojDH7BrD8TNbocUINdCtkoMxXK5er01_W5pd2Ifq2gWvUwXhlAJVmxli5gXI8RhjTnCFdRyNj2m2pbNIe7VC6ZFQn1gruiEfWh8EMOqirQH9mXl3zi0UT5KIArT5r098OV8RrOU-YUqbadQwOSVyQbvI6p6S1h1n4bN4l9FS9o89uKheorCL9vVkK06xT1Nq_0ZL3a0QYZCCDXzzE-vCdjOt3VzfyY_l9iZQUwID2HYkdsOrI42OErlvSrxadhvYOANFD2K54ts27urXRRz49RXIEXDb0iljN9FQVlvCpP-cxEldFyzu9rvifzt7sPtoXE4ls7F5Kb7IxLnYFmFqA5zYXUxcBCBBkhTGPsgPoM-QyHV5usPikWPMi4K8JBZjK9bC-h57NJhdr9rH4isYCSKdNefOYqAYdyKnT5697bF1dYanQIOD2sjk1hFncP6ngX6vW9adZH0clhE8o4ZqjvXMZbCjbbqrYgwc1TtyELAtEJt4wqWHUSwiO4dlnFtQzYgUukcJ7nCQx6UF3S5QYogJbt9vJcLaLQuPXR6sGs7eGd61nIWFlS5F12uDC9nteWVaYWGD2klGU8DybZ2_Tq0PzADLwCIN_uodGWpCVsU2nYiSaof-SrMUntISG4UZDaMZXhPddlZHxaYwnVozBchkw
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0BA6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQCGi6kZhPIXuxzWm8qolwcYHmjCKZK146O_2TeEGUkElgpJtPohNb2dGD7wpbMEe-yjwZfoeCRa05gjMQgWnNTDKHf22wU-PhwLQO2I4KM4QyP0FqWFPirii1LfdH8xRgvjo-LgXuxHK1Y8QphAFjQmXV7Ax3L4rPBua2Y2Duzyzrjt7ZmtG0RzX6S0NOqOMWZQ9k_qitkJ2GkF6oIaATY29lgoMHvmqQgcqgnVmRStHI9irnuXI8yBriu6ceYXR-i0iPCWhgm8H8eLEBkeBJ06UMIAWt5y3k9P-N_3uUZ-ObAa2ufSbUiFmf98cs8iJpW1jW_MAONqxYC6kdw--OXw6abmEHo7mpDNV1YI4WpA89NW8eRbgancjn8mBS4LdTfPOd5p5FIMxvDV2M2FmEI2vrJqXLE2gJoc1lFU5JEzuDDdr5uLFfVPiI8prPeNU9Ae_bbj9luQDD_exSP9fHvBlWIRBJnqsPAG35N5E-X5MS6VN6hTxu9YLihVvL_c-F_LAW_On_YDiuwb5DBxzkk9mUohFmYO4wHQ1khIylROwd8PUWOGimFaR8OMpixFUAiAr0kYsSVF0q0y8Gm6eF6ovVjpQfluaxmmx0p_5PsySRFoSjTiRxWceGxwRZ8I1G_n1iO05xrtR6s7k0zjRaugdWmSO1aHWuLGt8bYuR6tCA433FH7_z1fxcl4fUPmHYUPBIXL3cg8lp2qinMRewOoQCmkaCiNd60BrsvdncF8eRteKSpxx38tcJhPm7Gaq4hoVmDjuYjnDcZAtDhYaJkubKH7e18f9CNv06YLExr4_WzlbS8679n21fmVy9IQUkXvThRJsz3xMiKhyFqgTA3jyeVnfd5ldh-7hN7QrvX1OkqwgdexjMe84t7csBFcRQSrlqsOSyv6vMtlT3rT7_Dzu1HSjCcHemxVOqigpL_aplooVwnW-Bqwyqvuxw2g0UvIXm_ADsU2_s9wiO0KUzNVSsGt4kN0nBZRQN4B5EMWndK-ngRfdpiwekCprJB7gODFSn2UkqyZ-mSOq-Bb4Yiu3STVwlhwshVJUS67EvE5JhBtSpCeAAI-hvoArdusJFdMghkAS5hQQNx9lOCt5IjCAwsg92Xyu-G0CZJrIgOijGWQUm75Vl9tFtp9B6DHs4cA-5Y9DjzEViNxKAosG1pZiGXn04cCYZqa6Ck5iFs03CzpyVVf5JfFRrt5Ma0ukHl6E267bI8k_S2VBwVhQ44ozJoDV0dw&sai=AMfl-YTijTf5BT7VVxRp6TEv4koqvYsyfgNA6vAKTBu6RceUaDlhpPcpY6qQC4wBj1HXRvE_c3OSZ71nQhhxgEDambCVakdKpiUPdHqBS8qPld0ny75GmK0Bazn64C1Er6cXKyAxv2RyE-mYZxgWJtrX5ZiIAsCKe2u1jHBXSnVskmFNDQ-6XPzh&sig=Cg0ArKJSzOVAYI5dPx2BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&vt=11&dtpt=439&dett=3&cstd=173&cisv=r20220119.56709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
drawad.
fundingchoicesmessages.google.com/f/AGSKWxV0XE1AXPyACFCMpolV6NadiqCF7AWRpggeym7uvsXcZZhaPbWGLI0pPo7h0wzhx5COsgjcbm1o6Dam8itwRkaZby0VnnI62iUc9EXB2xwP4FuXcx9B71VYNBWYB-Mnq-t01UsKnFcN_NjDJS66HeDZ9Ho_3... 		54 B
107 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV0XE1AXPyACFCMpolV6NadiqCF7AWRpggeym7uvsXcZZhaPbWGLI0pPo7h0wzhx5COsgjcbm1o6Dam8itwRkaZby0VnnI62iUc9EXB2xwP4FuXcx9B71VYNBWYB-Mnq-t01UsKnFcN_NjDJS66HeDZ9Ho_37tAmzilbZcZ9-UrCW8zzwuLA-yQN5VoPfjoVyN-dYXX9ZENnAO3R0hWjZYHFBvYSzdbre2n0bTdSJ1nZXQ=/__323x120_&bannerid=.ad6media./popad-/drawad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57b98079945466709a8bdad26b6d2f1fb8b541539cfc5489092d4f251683722d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YwZOju94qZl7m4Wdr2mfAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YwZOju94qZl7m4Wdr2mfAw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YwZOju94qZl7m4Wdr2mfAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YwZOju94qZl7m4Wdr2mfAw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e65145e26e15db20dcfcb6b8dda79c3def5a79406206e5c1391c011581cc53fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 00:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8743
x-xss-protection
0
server
cafe
etag
8672619825175664420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Jan 2022 01:44:46 GMT
AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
fundingchoicesmessages.google.com/el/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HU+IBqSC/jBFZMNYbwQKQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HU+IBqSC/jBFZMNYbwQKQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HU+IBqSC/jBFZMNYbwQKQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HU+IBqSC/jBFZMNYbwQKQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
TS-Online-EN.png
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 3D0F 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/TS-Online-EN.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 3D0F 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/BitdefenderLogo_white-_2_.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
BD2020-SOY-728x90.jpg
s0.2mdn.net/sadbundle/16862631110216872732/ Frame 3D0F 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16862631110216872732/BD2020-SOY-728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00de3a8b534ab3f1eb3e62ef737340a791f5c4408cf651563d441ccb62d6d3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16862631110216872732/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:16:03 GMT
x-content-type-options
nosniff
age
35136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24679
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 05:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Jan 2023 15:16:03 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 90A3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
73181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 04:41:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FCB0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEcAAm8NENDM2D-JzksZuRX_zuFyM9HLIZeXG8z3oC7TkE1HK5XuyhNpNHVllfLw1tY-bG67mIzhexR5o4M5ns5gUZfnatUgYqlXcwY02ngJKSfEg&sai=AMfl-YTMH2cbJdnjIju1uzyRMQQKwqugnbnOkmwsvziMxjndsGwSxvMyJJdaLxrPySEaMkPh2K547WA_qT7TukGAvVfZPKWIeB1QiQBiy7gRwf8ORu9jbnIpbHAW8Gt9yizx&sig=Cg0ArKJSzLFiTp7igvLoEAE&cid=CAASFeRoe91uUPmRio3O-OzMIwr925Jnrw&id=lidar2&mcvt=1038&p=10,552,100,1280&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=630197753&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643072498158&rpt=337&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C25 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstS4aibIZ6RyAK1sttGbpwXg2iH4TeDoXh3_JDk8nZyKT9ebvQdyokRN6Np_ZhJ8C84jICPTbWDCradsxorsx-ueK9pbFRUekBdP8gPtJTI-XyPxx0&sai=AMfl-YRo9X86ctUL9lAgRqhy3-yamUDEizlF4TPTrW8f7CqC5sh2Q8qYlwNK1NA8mFZLTg-D-HmnlTmmT51HD4mhpfWxf7NgXiS1kPWziKdNeysfvOk6hYQbSZH5taHTO-29&sig=Cg0ArKJSzArr17ChblrzEAE&cid=CAASFeRoQxDF63WoS3qfHrANh4p1ADGZvw&id=lidar2&mcvt=1015&p=120,615,150,656&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3841872593&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643072498209&rpt=263&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-samSVHWL7TjJIVodasyE4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-samSVHWL7TjJIVodasyE4A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-samSVHWL7TjJIVodasyE4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-samSVHWL7TjJIVodasyE4A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hkZb42Hiv8YzhVXcnoz9DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hkZb42Hiv8YzhVXcnoz9DQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-hkZb42Hiv8YzhVXcnoz9DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hkZb42Hiv8YzhVXcnoz9DQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW826K11Ydzvlc8KmIi3BtU2gjyWyZQtit45HeQzzOSjm1wopV9NP0emy1GpaqOTViAUFPUhGOs2nuBrGOawhwjohfRJlwNzLQia4XPHGL46i5E_-hGXphtXRMJ-s9Ogb6oA4Qwst-oE4YavsX6RixR5VzE-W5UcNwyukqf9YwTV1dGDZ2eUl9njPdq
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wgiooa1j2T/Z3YPNVg0phg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wgiooa1j2T/Z3YPNVg0phg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wgiooa1j2T/Z3YPNVg0phg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wgiooa1j2T/Z3YPNVg0phg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU9zXyeiR8Ucxn_-isbE9NMsTYIzSg5FW0yzpmqJ2sTqE5JeUFQBTrfl3SLZMxPChFhB6kxImDnir4NsjdK9rFTPFPIkG2nattMiVOhtwJ0T0wUq7opyWwwpq-ctSfKkiJ85kiVYMJN5MjDFk2nL1RlEeF-dCMJ0OgzBtsuO9L6cAPhNYUKZGBrb8WT
fundingchoicesmessages.google.com/f/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9zXyeiR8Ucxn_-isbE9NMsTYIzSg5FW0yzpmqJ2sTqE5JeUFQBTrfl3SLZMxPChFhB6kxImDnir4NsjdK9rFTPFPIkG2nattMiVOhtwJ0T0wUq7opyWwwpq-ctSfKkiJ85kiVYMJN5MjDFk2nL1RlEeF-dCMJ0OgzBtsuO9L6cAPhNYUKZGBrb8WT?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzMDcyNDk5LDYxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9rY29tbjd2N2JmeDByN3ovTW9iaUhvay1GcmVlLURvd25sb2FkLXY2LXY2LDEtQ2xlYW4ucmFyL2ZpbGUiLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Je69o0mtxD8.es5.O/d=1/exm=kernel_loader/rs=AJlcJMytk5IxJSaSMUUAqg6yyPDqcW1E6w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
701b6407a797dae56d36c4fb01962b613c3b33813cacb40fb60b9ff42cf43d5a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BfH7OYEW6wiizEKDWJHK4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-BfH7OYEW6wiizEKDWJHK4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BfH7OYEW6wiizEKDWJHK4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-BfH7OYEW6wiizEKDWJHK4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWxdq8LQ0rSyBfN_o27GjJbMhBFkdgAv2LQwLihwwiD8fw8vzIx1jTRFMjtvoLZhmGWP384AwykHqXFJ9sVNS-tqaUXBjO5i1G9RkNQgMPACY9nLxh61kgrYMlXxu9q0z8DKxKl-d0O7n1-kA3jPiHAu2Ieo7cgcF5zRMQiCeci-vJh0jpUi2ch8dej
fundingchoicesmessages.google.com/f/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWxdq8LQ0rSyBfN_o27GjJbMhBFkdgAv2LQwLihwwiD8fw8vzIx1jTRFMjtvoLZhmGWP384AwykHqXFJ9sVNS-tqaUXBjO5i1G9RkNQgMPACY9nLxh61kgrYMlXxu9q0z8DKxKl-d0O7n1-kA3jPiHAu2Ieo7cgcF5zRMQiCeci-vJh0jpUi2ch8dej?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzMDcyNDk5LDc3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2tjb21uN3Y3YmZ4MHI3ei9Nb2JpSG9rLUZyZWUtRG93bmxvYWQtdjYtdjYsMS1DbGVhbi5yYXIvZmlsZSIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.en_US.eQ32Q8DRCIk.es5.O/d=1/rs=AJlcJMx3ecGouwM6k3NmqAMsKP-0lWGyPA/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fcfffc318101ed6eb78278335f8e961a3742a3187ec7623749b98406414ceb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cNuFFj0bKU5MjeqI08ByTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cNuFFj0bKU5MjeqI08ByTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-cNuFFj0bKU5MjeqI08ByTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cNuFFj0bKU5MjeqI08ByTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXu7C8kvvYdL3J96VoPMP-LCiuAsAAAAAOAHgBAI&bg=!a2ilaCzNAAZ_DxPPfw87ACkAdvg8WmLjQkikbWkVBM7MI2jFscZaQPDXO8uZu7TK2oBIKlRlgu2V6QIAAAEbUgAAAAJoAQeZAx-nLBKmP1-mduoMFvgF36wn-px-P-LeQg5vcvf6DzxsYun3GSs_912bGSPYkQYRpf6Z54uW6dYGRsVH1uJr8DC4FxRaQeaGnRfUzNmjgdjEQIQ5jS9qwhUbQSgDVv0rU_Ed9GUayFbYqxOAS0e4nsErIQysrZHeyA_ciWGPM2NdwyPYmwri54tZ1-_cUyqWySbyRGd_IjgeNAtmCIqeajtQWJQKLO0bjAr_zK6J21B4l9H43OKQzigxmZdjHz3EsD700jFIE61Xbvbw89KDQ10pUdNgu0-2UWM5BSAAc6fBrmvFjzeJnM7Wr08qSBLOp3c_gGoLiOc4VSJZ9sZTS0O7XftuiMXrdwdAyXIIQRzqMV2Bp1cM0Zt6vU-6j24Ugk9nbd536Z5ezpDUuGDxmtzVEOzewrf0UZ7QjYVcZL-sZLs7-pSGREkW6WjNJ4Z6chrdproPnmjoTh2KqD5q9sbxI3Q846RrBePGZp-jlwqnR_-1Vwdvaux9Y6fF3BW9byXFE0jc-ZpBNm3lVXul7GkvHIfO2gOTTfAU5oyTGtBXj3-zmE7URU_HfCPHWzBX0fCCyXL0EZQrQ7cY1eHsxKhoqYES5ryxOhZiMJFP49bn6W_jcVy_QVwETLq64ceXdVB7vLT-JLlxcRLWgz2RhkhUYbDD3wOLeJcW7m3NbbCKDq42APeeTif8I7nY1eL5iGCmcg0qA4WpELVM9SzMw_vhPoA497Z2fqo_4b7ts66eSOFSUxZWJFxmUKKRWXitEZgIrZSuv47_y1z9sjS0XUPpD6t_AvaWpQPhkWohezg4eZwMTutFxFDOwQI6psIMglPAuf1UCA4mNtI61xqItyWwQjpFF4LYrhWVQ9I8Z-Fzgy9mNk7Buh5uVTb0d0e4C4giW_gUjWwk8hLkE1bQs9BxXfd4TUJN88GA35F12eYbFYyxEODivBSOSSQ-szHqO4Zub7gAEi6v2R__xSRDDvfu0x6TY17rgqBy9caoWVcZyKC5c8V2OknSwXwKwqAZZKei9_obbG_qslDxvPxlZGTQKhmZ6zqevVeYJ43OCU7t
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1BfV8kvvYcqTLKPjzgXBn5HoAgAAAAA4AeAEAg&bg=!9Pel97PNAAZ_DxPPfw87ACkAdvg8WsaRNu9IGhg1Kz0GmUrwXnI6RpYv_iSsdKWRWhmx2LwsOdkaAwIAAADpUgAAAAJoAQeZAx3YFiW3i9eJaE6tBuESaYHHMh685VTxjFmvkWbpLwhuRIf8mqh4qwljbmLTc_-I38oT0B0Epq_Y1iuaDKp_stqZ0D3PUqLFWSWB8EeI-fR2wcW2IyOEZNZz2K5DrfXXYDHIYC94BBXZOj1m0pqZL6QGupDeW0GCCufgGZBBJP9t6HLTHXJsCkNoqk80r1N30zerxi9a_PkTUBbc9rd0OrMWwF3smVVKYF3krWbbbYgs42bbBqF7nFF6OjnZRudnk1NWmcJ-zYXIPrGDr1axJy-S54265extZu3bgXB4h_V9Fiwuai7ZShSE5JChwfjt44ftDm6eq-jBMXHJ-rKL_GzLFJU2vJwe6_Gj-0X3iQCYFO2whkJ9ZQMQVlOA1Nrknj-sOMEVfpeLqSQeSdVkop9U-vzfc3Ertm97AA4UMgLVE8ukcRh6-V7aH0LhDrc8c-AYLF_J9Pvo28RBrAr-lCB24thEI09Yl0KIPNKiMyGXFOWLHtp9Cv1CtItM6Kd9Ea1mzNb74f7Nl-kStfxjf-Cq0YYpE9zTxjJro4Npxfaj4JFnm7to2I0en8crYvH-3An0i2ZIL9KPPoW7zTBCoZOzoug0MAf6mpJpTyK1u2aM5DgYDSizLuni3FfoPBtpDbfQGzIQmnPjXYP-L5SdWyI0IgfSIhueBUN0avbye6Egr7hIhe-FM9RPSYUkUOuoJhq4el7fAhOp5sAkU9PErAGr01bIwuxi2INFQxtEICPy7e4R4DBiYxDdO_c7Zr7whUbLaWhWBSO3RuIiqYqjJEEhNkWh0cwncq8tc-teKKbAbq0s6uvJKgiOq3SIAT8sE7uWFcmen7yAHilG64CmDS99lN4-Hv8GeJxhF-dMmqHfppDJFdgCCigae6oErf-GzlFoSlJ3hNtjReBwFs_2jqroW124_wd-Fvri9gQrMTaH6PgWWiGw5Gendf_-aT4DsQaNwHwubSOgStg9n5BGD5Y5gqsSs9rGOQCJcdQQhru6Ak5f_mdgnJV6SnPnayRx-Ix6_GZGrtfjAipfxTNzM5_yswNnu_3LNB6L1aDyTg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXXISfg9Y7WoizzB0c0_orGzRP4jsiFQ_mc4Xtdp0wrjYBrQRBEKHcRqJWeWL48O3cPr5l3Dia-ylN7tFuNa-hIVilKt6qCs2v8vpvny5ffwj53tbIi_1QMy98E6A9JWIlDBwWqErJh6Jlm9MWJWzK_oYGB2vdyen3vyzjBuNtKQwAF5C189-n8B3o-
fundingchoicesmessages.google.com/f/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXXISfg9Y7WoizzB0c0_orGzRP4jsiFQ_mc4Xtdp0wrjYBrQRBEKHcRqJWeWL48O3cPr5l3Dia-ylN7tFuNa-hIVilKt6qCs2v8vpvny5ffwj53tbIi_1QMy98E6A9JWIlDBwWqErJh6Jlm9MWJWzK_oYGB2vdyen3vyzjBuNtKQwAF5C189-n8B3o-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzMDcyNDk5LDg1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5LDEwXSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2tjb21uN3Y3YmZ4MHI3ei9Nb2JpSG9rLUZyZWUtRG93bmxvYWQtdjYtdjYsMS1DbGVhbi5yYXIvZmlsZSIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMwzsxvi_vQeucMi1KMBwyQ7Nvg8fA/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2039ba642eb72676602b56aeeae8a9953e8c3f87b7d0e9606329174baeac408a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W9C062d6NM68gAH1oNoC0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-W9C062d6NM68gAH1oNoC0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W9C062d6NM68gAH1oNoC0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-W9C062d6NM68gAH1oNoC0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWFPvow2QF88MkWfHJp1k_oArfox7-p1dsimAS3HEFiCkOlkExLV3GWrCQLWEyi8DZuan32-30pKf2Ntoeb3hv-MBZC343hTwo3TeMKQ9gZs23oa3PmaFvQOko_ijc9F0buWTJNvFjD-km9fTplQi-obdFpD_eXNu9kcF3CjLGU_J7qOaq2rkxhC_86
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWFPvow2QF88MkWfHJp1k_oArfox7-p1dsimAS3HEFiCkOlkExLV3GWrCQLWEyi8DZuan32-30pKf2Ntoeb3hv-MBZC343hTwo3TeMKQ9gZs23oa3PmaFvQOko_ijc9F0buWTJNvFjD-km9fTplQi-obdFpD_eXNu9kcF3CjLGU_J7qOaq2rkxhC_86
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.by9fMHnlMvQ.es5.O/d=1/rs=AJlcJMzqOuiWMuM0X7To1dPURCGtG-LV1Q/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aiOUvAMrUIYauaG6K3DaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aiOUvAMrUIYauaG6K3DaDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-aiOUvAMrUIYauaG6K3DaDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aiOUvAMrUIYauaG6K3DaDg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX5gnAFg3bptzjhp1Ya8Trd6NFJNK7xm7vvrUtfsbWMhe8yN4f74r4x3DvcUIxxGpIQBWPlTl4E6aoS2EjtL4NcCEZC1ABtEpc17ijXwF6Z-LXV2DZ16dkZLahmFY-AyjM7vMTbWKHtjDJMqZOk7n9EhglgMXj-yu_req65AaoisD81pMDJJXleeUG5
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5gnAFg3bptzjhp1Ya8Trd6NFJNK7xm7vvrUtfsbWMhe8yN4f74r4x3DvcUIxxGpIQBWPlTl4E6aoS2EjtL4NcCEZC1ABtEpc17ijXwF6Z-LXV2DZ16dkZLahmFY-AyjM7vMTbWKHtjDJMqZOk7n9EhglgMXj-yu_req65AaoisD81pMDJJXleeUG5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMwzsxvi_vQeucMi1KMBwyQ7Nvg8fA/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5oNV4xnjmp1ChXzBzVzyGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5oNV4xnjmp1ChXzBzVzyGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5oNV4xnjmp1ChXzBzVzyGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5oNV4xnjmp1ChXzBzVzyGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8ca26a9f63c847fd0a4cbee6cb6c6ac75e3c2f0d2a932d48e62fecb05523437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9045
x-xss-protection
0
rum
www.mediafire.com/cdn-cgi/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar/file
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d2d9254dd173fcd-YYZ
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 137D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt5rnjjorTE2izwHpVv9VLz5fW-xV60XMzJ7oMVYNfd2h2oN5pgV_fY8ho9MHNwCEPF6odw5zIInnZgPcT3SluUKPiYOAvB6YkOma0OatLIJhg0NU&sai=AMfl-YRxx3upHhdY45WqcEgd0lHtTOI1xi3xjb2z7raA6YM_ntrUpPGdZqimmJ499eoi1RI-8aVvxKfii0r-luqDEXYiqpauQl7IohfCSkDH0XIRVIww1586TvVfId25QeFz&sig=Cg0ArKJSzFj0a0BEDDwBEAE&cid=CAASFeRonIka0yxrDnz4AkWyel0gkReI-A&id=lidar2&mcvt=1003&p=420,320,700,656&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1870779098&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643072498514&rpt=499&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jan 2022 01:01:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BA6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshxylQOE1DFoBq_1PazshIY3MAGIStSZD_AQQqtFgZjDsATvwyOZ8NcZyE49LT3HQaCj5g5VH2_kzz3EgvjRk1HwVx4UMSQQHAkuDN05Jo_si1p_g&sai=AMfl-YSHOCStED33dKa0OnnqUY_OZ-jEt6QgLt_2qQMKQUsbL-5JSKuZkK4lXlQYhuhl2uF3823eAu-cjbYTKrQVdKzAebvWRN7uG76SIMaH54oqFlDh1D2NtJI7Qduu&sig=Cg0ArKJSzHUtvectRj4QEAE&cid=CAASEuRoJojrCkE1gnVGxrnTf7sCIA&id=lidar2&mcvt=1000&p=1095,430,1185,1158&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=215913335&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643072498642&rpt=462&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A045 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 22 Jan 2022 04:20:09 GMT
expires
Sun, 22 Jan 2023 04:20:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
247291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0DCA 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c707353c70c95c839b5743ee973d0f2bb9518adf585a2131a458ba2c8fbb372d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GoL5UnKAkxXgDYsF9XUlJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 25 Jan 2022 01:01:40 GMT
date
Tue, 25 Jan 2022 01:01:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GoL5UnKAkxXgDYsF9XUlJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame A045 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
73182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 04:41:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1142847526655018&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A045 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ff2Xdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1142847526655018&bg=!sLOls_fNAAZ_DxPPfw87ACkAdvg8WmnQqx8hiraH079rN-R0HlLqBwRYnR85I2JpzaEknjG5I-_TEgIAAACRUgAAAANoAQeZAsmylxub4HUFmS5WvaeV5Sp0-dru-KNteNd9BebLDd0eiSe290hEImQv20fOP60PIDQJgNR2HZMCHf4yjT7j4xEuAPZ6l6e0tWXD4mT5eyYMqVEIXeO1VAROc8Mq2h_-m0opLslskQiAvp57Fxrj9bUQ5aO0LDgEYL5xIYyWsSUaCszBjI6V9V6PQe6uFGfaAruQQHPWz21TFcd0AIpguGkFtyVmiUWIubaoAcZALNywW-bIDJwvdqAun0G6MtmqZnJHvR02m8d4uJkKzsaWKIdV4jlAWbrMxT_nyrgeJLcbpBNXq9hRGX20W1hQitQA7BynrjEhNXaNi_hsbagB2WENt9N2zj4CxDypBxlRQuOBr4vkZol2clFLWpm5XSnJbO-xuKYDenj2sG4YxtdbKtBZJ3IUvqhZqfDDHpJeC68bLh5r3nkiHiRY3dCG4PtBo2CvbbNwVllnifoObiyk-OCm57elX9AxlqgcbXJ3EMW8H2ejxhnbp008_GJLKR5WSN2_-9OX161l8avWcK8wesb8-V3QFtMo3ogFw04UzTzD5gTfq71q2pZ-i8rPclzZf4mu7rznfy8PPDR8_6easdknMr2la0xeda60-Ul-Ar8JIpkGCy9pZJh_n1Ou_r78bN49ACqN6hIRmkoEQYPLTwcBt2KxLLyvCuHfzUcgk-A3J37x2-rsROcR-AGB_Rtb0V_GSI3BKPDTDDtBXEs4g_JPv41qhtxVLOpK4bDQ3RYM_oULtcfHukkLELP2LWbLp6Z9U5yM8JKyd_GdtDSuGxAafano86ThqUPES7PMHb4Fl3B7sUwVsMtrkSHNYmJcSj60ho44dYaV8ix2Fte3FMOIiPIiUBHEw5_shrHhlj2L8vz8ijrHJ3ElMmm0x73SI_VbtycMAQg0MvxLM3KSE_amfpif7O7eOGXxUZeEor2e_wSZjg1qsMfLNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 6ADF 		32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f27e7c7ec3d9d51a783f48a25b27fddd68fe6169347be67b62efce1d443aaa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 27 Jan 2022 01:01:40 GMT
date
Tue, 25 Jan 2022 01:01:40 GMT
content-length
11152
/
onetag-sys.com/usync/ Frame BCC3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1643072497599
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pd
us-u.openx.net/w/1.0/ Frame DC46 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
b443a19c1ef809ed38af2081695ae0e5e9d90a64b9908b898b9606f5b8653b64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 25 Jan 2022 01:01:40 GMT
content-type
text/html
content-length
670
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
cdn.districtm.io/ids/ Frame 5DEB 		116 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
content-type
text/html
cf-ray
6d2d9259cf6d334e-EWR
age
36309
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
-J0nQ9XXEx-mdxMlwypdtC5KJm_hc3EX9aiqYrOyeVv0i0ZbthoKbw==
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 02E1 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid5.17.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.5 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-5.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.mediafire.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=145050
expires
Wed, 26 Jan 2022 17:19:10 GMT
date
Tue, 25 Jan 2022 01:01:40 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/58294/ Frame DC46
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7e971192-045c-0308-3c00-7d1feb55ff61&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
date
Tue, 25 Jan 2022 01:01:40 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pippio.com/api/ Frame DC46
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMDU5NWVkN2QtMTE3MS0wZjIxLTMwNWUtM2NlNjQ1NmQ2YWQwEAAaDQj0l72PBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c4120160b022e67307407087e74a7081f1206a730147a2fc6ed5e8fa67a98be2791426b5417dce21&_=2
0
0
sd
us-u.openx.net/w/1.0/ Frame DC46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8025915137503046458
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8025915137503046458
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:40 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c694fa6b-23ce-4a65-a6fa-aa29abf1579b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8025915137503046458
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DC46
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
71F1T28121Q13X6Y7G7Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z7RRV2FV1F02T0VM66JX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0885ee66-c09c-82bb-af29-3e8214c5c0e8&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DC46
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7145531615313356293&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7145531615313356293&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7145531615313356293&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame DC46
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Ye9L9AABFB0wWQBB
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ye9L9AABFB0wWQBB&_test=Ye9L9AABFB0wWQBB
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ye9L9AABFB0wWQBB&_test=Ye9L9AABFB0wWQBB
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643072501.883971,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ye9L9AABFB0wWQBB&_test=Ye9L9AABFB0wWQBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c494f45f-4c9a-ab08-5ef0-aae083a1c641
pr-bh.ybp.yahoo.com/sync/openx/ Frame DC46 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c494f45f-4c9a-ab08-5ef0-aae083a1c641?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame DC46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5053921b-dc36-3941-6f27-bc157cf60b08&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f89d1432-20a9-426f-b10f-e37544ec2e2b&ttd_puid=5053921b-dc36-3941-6f27-bc157cf60b08
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f89d1432-20a9-426f-b10f-e37544ec2e2b&ttd_puid=5053921b-dc36-3941-6f27-bc157cf60b08
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f89d1432-20a9-426f-b10f-e37544ec2e2b&ttd_puid=5053921b-dc36-3941-6f27-bc157cf60b08
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame DC46 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2MzYzQxZDEtMTU0MS02N2U1LTdhYzctZTZhY2I2MTRjNTY4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DC46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfQHRIUNNzyohmHNnfKGRA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfQHRIUNNzyohmHNnfKGRA&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPfQHRIUNNzyohmHNnfKGRA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 5DEB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
139921
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6d2d925a2887334e-EWR
x-amz-cf-id
BpyDbToyYei3igJS0-btMIwCNyxpUBqSub_ItWYhLo4ODW1F01WY8w==
expires
Thu, 27 Jan 2022 01:01:40 GMT
buyers
dmx.districtm.io/s/v1/ Frame 5DEB 		430 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe62fd17864c09ec63cc8933f9caf84241376e78a3fa604617f2dac71d38702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d2d925a78f9334e-EWR
access-control-allow-headers
Origin, Content-Type
sync
gum.criteo.com/ Frame 6ADF 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1855
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync.html
contextual.media.net/ Frame 34A4
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Drkt%26refUrl%3D%26vid%3D307250090628607410014555330...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2860741001455533000V10&type=rkt&refUrl=&vid=30725009062860741001455533000V10&ovsid=1978557988489650912
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2860741001455533000V10&type=rkt&refUrl=&vid=30725009062860741001455533000V10&ovsid=1978557988489650912
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

Date
Tue, 25 Jan 2022 01:01:41 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2860741001455533000V10&type=rkt&refUrl=&vid=30725009062860741001455533000V10&ovsid=1978557988489650912
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=001ccc16-7030-4a42-b497-660421669fd4
45 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=001ccc16-7030-4a42-b497-660421669fd4
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-13
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=son&refUrl=&vid=30725009062860741001455533000V10&ovsid=001ccc16-7030-4a42-b497-660421669fd4
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync
cs.media.net/ Frame 6ADF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg2MDc0MTAwMTQ1NTUzMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFB0g55ACscRov97Le0n6vo&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFB0g55ACscRov97Le0n6vo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:41 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFB0g55ACscRov97Le0n6vo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30725009062860741001455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30725009062860741...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=dxu&refUrl=&vid=30725009062860741001455533000V10&ovsid=ziJGSgz31Ncadn5
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=dxu&refUrl=&vid=30725009062860741001455533000V10&ovsid=ziJGSgz31Ncadn5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:40 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0d4cbbf342c841259@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=dxu&refUrl=&vid=30725009062860741001455533000V10&ovsid=ziJGSgz31Ncadn5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0eacd359-ec43-4225-aeba-44ef760beea0
45 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0eacd359-ec43-4225-aeba-44ef760beea0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=0eacd359-ec43-4225-aeba-44ef760beea0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
964681
content-length
0
expires
Tue, 25 Jan 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dcf6a5d23-7914-4657-a188-1491a4c895...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=058b61ef-4bf3-4c00-894e-359ba6a44298&expires=30&ssp=medianet&bsw_param=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=cf6a5d23-7914-4657-a188-1491a4c89510&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 25 Jan 2022 01:01:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Dzem%26refUrl%3D%26vid%3D30725009062860741001455533...
  • https://stags.bluekai.com/site/23178?id=dj36vpd1eyWuOdaoxhXt&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLENIZTM5TQMQYWK6KXOVHWIYLPPBUFQ...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=dj36vpd1eyWuOdaoxhXt&refUrl=&type=zem&vid=30725009062860741001455533000V10&vsid=2860741001455533000V10
45 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=dj36vpd1eyWuOdaoxhXt&refUrl=&type=zem&vid=30725009062860741001455533000V10&vsid=2860741001455533000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:41 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=dj36vpd1eyWuOdaoxhXt&refUrl=&type=zem&vid=30725009062860741001455533000V10&vsid=2860741001455533000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2860741001455533000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2860741001455533000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3e7d8b5f-ba78-4679-9374-3bff24095508&cs=1
45 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3e7d8b5f-ba78-4679-9374-3bff24095508&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=3e7d8b5f-ba78-4679-9374-3bff24095508&cs=1
date
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 6ADF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f89d1432-20a9-426f-b10f-e37544ec2e2b
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f89d1432-20a9-426f-b10f-e37544ec2e2b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
104.81.240.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 01:01:41 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f89d1432-20a9-426f-b10f-e37544ec2e2b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync.php
contextual.media.net/ Frame 6ADF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2860741001455533000V10%26type%3Damb%26refUrl%3D%26vid%3D30725009062860741001455533000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=amb&refUrl=&vid=30725009062860741001455533000V10&ovsid=7073474021275428357
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=amb&refUrl=&vid=30725009062860741001455533000V10&ovsid=7073474021275428357
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C173%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C262%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.114.160.25 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-114-160-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 25 Jan 2022 01:01:41 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 25 Jan 2022 01:01:41 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=2860741001455533000V10&type=amb&refUrl=&vid=30725009062860741001455533000V10&ovsid=7073474021275428357
pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
PugMaster
image6.pubmatic.com/AdServer/ Frame 02E1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13034624&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bd933e3575caa591b51fb33f982941559e0a1fdad23b7ba24ce6d1d3c824603c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:39 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
y-hs0ZbxpE2uGTXb0T6MktUCEW0W0K55jV~A~UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
dmx.districtm.io/s/10051/ Frame 5DEB
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
  • https://dmx.districtm.io/s/10051/y-hs0ZbxpE2uGTXb0T6MktUCEW0W0K55jV~A~UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
131 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-hs0ZbxpE2uGTXb0T6MktUCEW0W0K55jV~A~UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479d25510d590910b6299bbc7b52a1e561dc81f9ed7f9586150ddbbf017a0d44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 01:01:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d2d925bcb6f334e-EWR

Redirect headers

location
https://dmx.districtm.io/s/10051/y-hs0ZbxpE2uGTXb0T6MktUCEW0W0K55jV~A~UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
date
Tue, 25 Jan 2022 01:01:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
zY2u9c5JdrI7qJX2w01Y
dmx.districtm.io/s/10027/ Frame 5DEB
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/zY2u9c5JdrI7qJX2w01Y?pi=districtm&tc=1
76 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/zY2u9c5JdrI7qJX2w01Y?pi=districtm&tc=1
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d959412f74cf38172bafe3e68b97244c2a6439b114c6baad3bd31e50c00488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 01:01:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d2d925bab44334e-EWR

Redirect headers

location
https://dmx.districtm.io/s/10027/zY2u9c5JdrI7qJX2w01Y?pi=districtm&tc=1
pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT, Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
f993fda0-42d5-44ff-8b3d-6c308e681773-61ef4bf5-4341
dmx.districtm.io/s/10001/ Frame 5DEB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/f993fda0-42d5-44ff-8b3d-6c308e681773-61ef4bf5-4341
106 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/f993fda0-42d5-44ff-8b3d-6c308e681773-61ef4bf5-4341
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2b828a35cf11d57bfb251f7914b912a2248b4e163068f35a931c2ecccb13a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 01:01:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d2d925bdb8e334e-EWR

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/f993fda0-42d5-44ff-8b3d-6c308e681773-61ef4bf5-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AAA6m07D3pgAAEFxK6gEmg
dmx.districtm.io/s/10025/ Frame 5DEB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://match.prod.bidr.io/cookie-sync/districtm?_bee_ppp=1
  • https://dmx.districtm.io/s/10025/AAA6m07D3pgAAEFxK6gEmg
78 B
132 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AAA6m07D3pgAAEFxK6gEmg
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4161af42caa89aa52b721f6c0fd2d164ec3c7238ba1bd951cc53968d91d7f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 01:01:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d2d925bfbd5334e-EWR

Redirect headers

location
https://dmx.districtm.io/s/10025/AAA6m07D3pgAAEFxK6gEmg
Date
Tue, 25 Jan 2022 01:01:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
107f1c55-1bbe-48b2-8bba-05cb0953b95a
dmx.districtm.io/s/10059/ Frame 5DEB
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/107f1c55-1bbe-48b2-8bba-05cb0953b95a
92 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/107f1c55-1bbe-48b2-8bba-05cb0953b95a
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f951e3a1a2a2ec8addc1ea0006fa62da1b2cd4517538496bcbe74c3edf645ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 25 Jan 2022 01:01:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6d2d925bcb72334e-EWR

Redirect headers

location
https://dmx.districtm.io/s/10059/107f1c55-1bbe-48b2-8bba-05cb0953b95a
date
Tue, 25 Jan 2022 01:01:41 GMT
content-length
0
match
c1.adform.net/serving/cookie/ Frame 45CE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 25 Jan 2022 01:01:41 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 25 Jan 2022 01:01:41 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9BA0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ye9L9AABFB0wWQBB&gdpr=0&gdpr_consent=
1 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ye9L9AABFB0wWQBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 24 Jan 2022 19:06:39 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va2pug005:0:299
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ye9L9AABFB0wWQBB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Tue, 25 Jan 2022 01:01:41 GMT
via
1.1 varnish
x-served-by
cache-yul12833-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1643072501.040180,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A709
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:058b61ef-4bf3-4c00-894e-359ba6a44298&gdpr=0&gdpr_consent=
42 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:058b61ef-4bf3-4c00-894e-359ba6a44298&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 24 Jan 2022 19:06:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug007:0:620
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 01:01:41 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master iad-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:058b61ef-4bf3-4c00-894e-359ba6a44298&gdpr=0&gdpr_consent=
Expires
Tue, 25 Jan 2022 01:01:40 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D127
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY1RVN0QzcGdBQUVDZFFoX0xGdw&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACcTU7D3pgAAECdQh_LFw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACcTU7D3pgAAECdQh_LFw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACcTU7D3pgAAECdQh_LFw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1938027340317007171
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACcTU7D3pgAAECdQh_LFw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1938027340317007171%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=1938027340317007171&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACcTU7D3pgAAECdQh_LFw
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACcTU7D3pgAAECdQh_LFw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 24 Jan 2022 19:06:13 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
va2pug001:0:3270
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 25 Jan 2022 01:01:41 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACcTU7D3pgAAECdQh_LFw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 02E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pooy7W3oSO6qymbM7G8pfQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
104.102.253.5 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-5.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=145049
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 26 Jan 2022 17:19:10 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame 02E1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 01:01:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 25 Jan 2022 01:01:41 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0595ed7d-1171-0f21-305e-3ce6456d6ad0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
SPug
image4.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=058b61ef-4bf3-4c00-894e-359ba6a44298
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=058b61ef-4bf3-4c00-894e-359ba6a44298
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 25 Jan 2022 01:01:41 GMT
Server
MT3 4133 baa842e master iad-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=058b61ef-4bf3-4c00-894e-359ba6a44298
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Jan 2022 01:01:40 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0U4QTMyRUQtNkRFOC00OEVFLUFBQ0EtNjZDQ0VDNkYyOTdE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 20:22:47 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug008:0:376
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA7LBY429hy9efWOP4-Rf3U&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA7LBY429hy9efWOP4-Rf3U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug014:0:2858
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA7LBY429hy9efWOP4-Rf3U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D9CF01CF5CDF4A709152F4177C7AF060
42 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D9CF01CF5CDF4A709152F4177C7AF060
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug013:0:475
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 25 Jan 2022 01:01:41 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D9CF01CF5CDF4A709152F4177C7AF060
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 24 Jan 2022 01:01:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7289646803389212165&gdpr=0&gdpr_consent=&us_privacy=
1 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7289646803389212165&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:433
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7289646803389212165&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 25 Jan 2022 01:01:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f89d1432-20a9-426f-b10f-e37544ec2e2b
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f89d1432-20a9-426f-b10f-e37544ec2e2b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 19:00:47 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug004:0:446
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jan 2022 01:01:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f89d1432-20a9-426f-b10f-e37544ec2e2b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 02E1 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 02E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZkVt5IJE2uXDi_GfoLpsovZ0gDX7urE-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZkVt5IJE2uXDi_GfoLpsovZ0gDX7urE-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZkVt5IJE2uXDi_GfoLpsovZ0gDX7urE-~A&gdpr=0&gdpr_consent=
date
Tue, 25 Jan 2022 01:01:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
users
dmx.districtm.io/s/v1/ Frame 5DEB 		0
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d2d925d1e3b334e-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 Jan 2022 01:01:41 GMT
cf-ray
6d2d925caf2d8cec-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
SPug
simage4.pubmatic.com/AdServer/ Frame 02E1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:01:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=c4120160b022e67307407087e74a7081f1206a730147a2fc6ed5e8fa67a98be2791426b5417dce21&_=2

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 boolean| displayAds function| __d3lUW8vwsKlB__ object| googlefc object| googletag object| pbjs function| refreshSlot function| setMaxBidTargeting object| adLazyLoadQueue function| checkAdUnitView function| checkQueuedAdUnitViews function| gtag object| dataLayer object| amp object| amplitude object| aax function| initDownload object| sticky object| compatSelect object| compat object| nonCompat function| googFooterTranslate function| isWithinRect function| rAb boolean| InfShowNewAds object| allowed undefined| current boolean| isAllowed object| el function| InfCustomFPSTAMobileFunc function| InfCustomSTAMobileFunc function| InfCustomFPSTAFunc function| InfCustomerCallback function| InfPreFastPopAttachCallback function| acceptCookieFooter function| reloadPage function| noop function| ClearStatusMessages function| setCookieSeconds function| Re function| aU function| setCookie function| getCookie function| recordFS function| loadHotjar function| registerGoogleLang function| closeStatusMessage function| showStatusMessage function| trackTurboDownload function| showDesktopDownloadArrow function| hideDesktopDownloadArrow function| onLegacyCopyLink object| __AMPLITUDE__ object| google_tag_manager object| __cfBeacon object| ggeac object| google_js_reporting_queue object| google_tag_data string| GoogleAnalyticsObject function| ga object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked object| MmU5YmQ0NTEzNWY5MDRiYWxvYWRlcl9qcw== string| MmU5YmQ0NTEzNWY5MDRiYWNhY2hlZF9qcw== string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| pbjsChunk object| _pbjsGlobals object| mnet object| g367CB268B1094004A3689751E7AC568F number| g object| adscoreVerificationStatus number| freqms number| elapsed number| waitForAdscoreSignature function| UAParser undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| closure_lm_964146 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| b string| bt object| ampInaboxIframes object| ampInaboxPendingMessages boolean| adscoreInitCalled number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| c42b8cd7-cb51-43fa-a593-4fda57ac4691 object| default_ContributorIabTcfV2SignalJs function| __m0F0sJOg2G__ object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| GoogleGcLKhOms object| google_image_requests

118 Cookies

Domain/Path Name / Value
www.mediafire.com/file/kcomn7v7bfx0r7z/MobiHok-Free-Download-v6-v6,1-Clean.rar Name: g36FastPopSessionRequestNumber
Value: 1
.mediafire.com/ Name: ukey
Value: 1wlyhw9ub1tydpmmrhqw22wxzjib1llu
.mediafire.com/ Name: kcso
Value: 1
.mediafire.com/ Name: conv_tracking_data-2
Value: %7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FChrome%22%2C%22mf_campaign%22%3A%22kcomn7v7bfx0r7z%22%2C%22mf_term%22%3A%221314619a687a9057622cdb57ddd0b7f9%22%7D
.mediafire.com/ Name: __cf_bm
Value: irYO_eiiZ_RBmIlhWfeoXZa8az1rflzwQoLVvYkg_Tg-1643072496-0-AVqv6I+mIjZhDhm60preUZTjPEStbXGElHv1CAQE8tdLgdYOPcbsgbKCNu1GHeAv6nPm4IR5pvE1rSYiZ7g8EDM=
.mediafire.com/ Name: amp_28916b
Value: duJrFMM_5jLDTA2OmJSFjc...1fq7c19gi.1fq7c19gk.0.1.1
.aaxads.com/ Name: aax-vsid
Value: 2860740971455596000V10
.mediafire.com/ Name: _ga
Value: GA1.2.1164219392.1643072498
.mediafire.com/ Name: _gid
Value: GA1.2.183648250.1643072498
.mediafire.com/ Name: _gat_gtag_UA_829541_1
Value: 1
.openx.net/ Name: i
Value: 83ffad42-75b1-06b6-35f1-74fd18d138f5|1643072497
www.mediafire.com/ Name: aasd
Value: 3%7C1643072497591
www.mediafire.com/ Name: __aaxsc
Value: 2
www.mediafire.com/ Name: a
Value: hGxakSVTBgyGdJbwV2AcT4Vm30SBQilx
.casalemedia.com/ Name: CMPS
Value: 469
.casalemedia.com/ Name: CMID
Value: Ye9L8vEu.ZucI7-t1oyNigAA
.casalemedia.com/ Name: CMPRO
Value: 479
.adnxs.com/ Name: uuid2
Value: 8025915137503046458
www.mediafire.com/ Name: token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI
Value: BAoAYe9L8gFh70vygAGBAcAAIN38sNf9ZuGsbxwDZx_lLhSAJxkfkr3wihB8aZyY_KJswQAgDv9IlCV_Eo61oHGeZtq-RsYi7JDdp8MVDklrxOukZpLCACDILayLqG0f284A33gUQNJCZ86YA6pDdkqxHkIlYQuFrcQAECYHUwAAYHhnAAAAAAAAABHFABDZe6TUsLGYiBW4lXzgI864wwAgem1mrDWptTvJzVOG6Geh3fOyG_FREAIIb4fG3vqmCB4
.doubleclick.net/ Name: IDE
Value: AHWqTUlN8rn6wWiHc2XmV89P4ZiH7zfFoopZPD6FTzhME08DzyzQtJEQLG__kDxvePw
.mediafire.com/ Name: __gads
Value: ID=c9e28495bbbaf22e:T=1643072497:S=ALNI_Ma6OXoxTD9kEmNXeAiK1snewMshnA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlawRGO2!]tck8i_iqf!oN/@E'zz<*Z0Q89NF-rvgCxk:Nlpr!.Le!:1GD%y#W6j.eVF<QG=%9sk@3@'s>T?wWVT
.casalemedia.com/ Name: CMST
Value: Ye9L8mHvS-MA
.casalemedia.com/ Name: CMRUM3
Value: 2d61ef4bf32760CAESEDZ4YY8vWxoX9XgrtnqbP0Q
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A1262229544965651464
.emxdgt.com/ Name: uid
Value: 57411643072499448912aa
.mathtag.com/ Name: uuid
Value: 058b61ef-4bf3-4c00-894e-359ba6a44298
.mathtag.com/ Name: mt_mop
Value: 4:1643072499
.adsrvr.org/ Name: TDID
Value: f89d1432-20a9-426f-b10f-e37544ec2e2b
.emxdgt.com/ Name: apn_id
Value: 8025915137503046458
.mediafire.com/ Name: FCNEC
Value: [["AKsRol9qsDWh_1Um-wu1mFSuwSw3k2JRLFkt7C8BI5Z9ZC_oNNuIBlyDoqXa4We8gxNZnlENCRuDdz4N9faroygVbfFKcmNm5z6qGTCrr6tBpMQkVPmRO0VPyWoJTAJWDHOhvnNgKOuLL9eqakk5l_W6DD-rTvwhYQ=="],null,[]]
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 240c6641-0f87-4fd5-8e96-27245cce57ce#1643072500116#1
.socdm.com/ Name: SOC
Value: Ye9L88Co8XUAAFN.YREAAAAA
.id5-sync.com/ Name: 3pi
Value: 0#1643072500227#48
.id5-sync.com/ Name: callback
Value:
.openx.net/ Name: pd
Value: v2|1643072500|vMbwgag2gKvPhEkWgyiK
.openx.net/ Name: univ_id
Value: 537072971|f89d1432-20a9-426f-b10f-e37544ec2e2b|1643072500840455
.media.net/ Name: visitor-id
Value: 2860741001455533000V10
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ye9L9AABFB0wWQBB
.yahoo.com/ Name: A3
Value: d=AQABBPRL72ECECkHn2jrLYOTrSMD63yDPfgFEgEBAQGd8GH5YQAAAAAA_eMAAA&S=AQAAAoUbVld5WlvItCdRuHT8EYU
.advertising.com/ Name: APID
Value: UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
.amazon-adsystem.com/ Name: ad-id
Value: A5yr8GmiDUGIjibNz0pbVp4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.criteo.com/ Name: uid
Value: 0eacd359-ec43-4225-aeba-44ef760beea0
.zemanta.com/ Name: zuid
Value: dj36vpd1eyWuOdaoxhXt
.creativecdn.com/ Name: u
Value: zY2u9c5JdrI7qJX2w01Y
.creativecdn.com/ Name: ts
Value: 1643072501
.go.sonobi.com/ Name: __uis
Value: 001ccc16-7030-4a42-b497-660421669fd4
.go.sonobi.com/ Name: HAPLB8S
Value: s8713|Ye9L9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3E8A32ED-6DE8-48EE-AACA-66CCEC6F297D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158936:2
.pubmatic.com/ Name: DPSync3
Value: 1644278400%3A201_197%7C1643673600%3A164%7C1643155200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644278400%3A13_22_166_7_71_220_21_54%7C1643673600%3A223_2
.sitescout.com/ Name: ssi
Value: f993fda0-42d5-44ff-8b3d-6c308e681773#1643072501020
.bidswitch.net/ Name: tuuid
Value: cf6a5d23-7914-4657-a188-1491a4c89510
.bidswitch.net/ Name: c
Value: 1643072501
.bidswitch.net/ Name: tuuid_lu
Value: 1643072501
.media.net/ Name: data-c
Value: 0eacd359-ec43-4225-aeba-44ef760beea0~~1
.media.net/ Name: data-c-ts
Value: 1643072501
.yahoo.com/ Name: APID
Value: UP5b13d0c1-7d7a-11ec-95b2-02b1c9ea71a3
.yahoo.com/ Name: APIDTS
Value: 1643072501
.sharethrough.com/ Name: stx_user_id
Value: 107f1c55-1bbe-48b2-8bba-05cb0953b95a
.w55c.net/ Name: wfivefivec
Value: ziJGSgz31Ncadn5
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI7NHk64jqrzoQBRIUCgVvcGVueBILCNj9kfiI6q86EAUSFwoIcHVibWF0aWMSCwjI_bj6iOqvOhAFGAEgASgCMgsIyPW7p5_qrzoQBTgBWghwdWJtYXRpY2AC
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~22up
.sitescout.com/ Name: _ssuma
Value: e30
.media.net/ Name: data-so
Value: 001ccc16-7030-4a42-b497-660421669fd4~~8
.rlcdn.com/ Name: rlas3
Value: n/Mua5iYy3aZFIQvw5D6w+o/1YNrrx1Z3eg3XQj7Hxc=
.rlcdn.com/ Name: pxrc
Value: CPSXvY8GEgUI6AcQABIFCOhHEAASBgi46wEQAQ==
.w55c.net/ Name: matchmedianet
Value: 5
.mfadsrvr.com/ Name: tuuid
Value: 3e7d8b5f-ba78-4679-9374-3bff24095508
.mfadsrvr.com/ Name: c
Value: 1643072501
.mfadsrvr.com/ Name: tuuid_lu
Value: 1643072501
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AACcTU7D3pgAAECdQh_LFw
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Ye9L9AABFB0wWQBB&KRTB&22978-Ye9L9AABFB0wWQBB&KRTB&23194-Ye9L9AABFB0wWQBB&KRTB&23209-Ye9L9AABFB0wWQBB
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f89d1432-20a9-426f-b10f-e37544ec2e2b&KRTB&22918-f89d1432-20a9-426f-b10f-e37544ec2e2b&KRTB&23031-f89d1432-20a9-426f-b10f-e37544ec2e2b
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:058b61ef-4bf3-4c00-894e-359ba6a44298&KRTB&16736-uid:058b61ef-4bf3-4c00-894e-359ba6a44298&KRTB&23019-uid:058b61ef-4bf3-4c00-894e-359ba6a44298&KRTB&23208-uid:058b61ef-4bf3-4c00-894e-359ba6a44298
.turn.com/ Name: uid
Value: 7289646803389212165
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEA7LBY429hy9efWOP4-Rf3U&KRTB&22987-CAESEA7LBY429hy9efWOP4-Rf3U&KRTB&23025-CAESEA7LBY429hy9efWOP4-Rf3U
.mfadsrvr.com/ Name: ssh
Value: !medianet,1643072501
.media.net/ Name: data-xu
Value: ziJGSgz31Ncadn5~~8
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7289646803389212165
.adform.net/ Name: uid
Value: 5362083196132977626
.media.net/ Name: data-amb
Value: 7073474021275428357~~8
.media.net/ Name: data-bs
Value: cf6a5d23-7914-4657-a188-1491a4c89510~~1
.media.net/ Name: data-mf
Value: 3e7d8b5f-ba78-4679-9374-3bff24095508~~1
.simpli.fi/ Name: suid
Value: D9CF01CF5CDF4A709152F4177C7AF060
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D9CF01CF5CDF4A709152F4177C7AF060
.media.net/ Name: data-ze
Value: dj36vpd1eyWuOdaoxhXt~~8
.media.net/ Name: data-g
Value: CAESEFB0g55ACscRov97Le0n6vo~~8
.contextweb.com/ Name: V
Value: DD3nIjjq3lOP
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1bsk|7dN.0.AACcTU7D3pgAAECdQh_LFw
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d06115e6efc73b50
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQ0tzA1Nbe0sDCxsDQzNbA0NBLiM9QNNyqxMDYNs4x3cnEDALPZd2ElAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQ0tzA1Nbe0sDCxsDQzNbA0NBLiM9QNNyqxMDYNs4x3cnGT4jU0MzE2MDcyNTA0MjIEAL13Tiw0AAAA
.media.net/ Name: data-ttd
Value: f89d1432-20a9-426f-b10f-e37544ec2e2b~~1
.media.net/ Name: data-rk
Value: 1978557988489650912~~8
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FqQXJJR0d6STBRVlJuUkhod2NISklVVTFoVkZkbk9YbEhhMGxMZUhGYVZib0dOd2lSVGhJeVpqazVNMlprWVRBdE5ESmtOUzAwTkdabUxUaGlNMlF0Tm1Nek1EaGxOamd4TnpjekxUWXhaV1kwWW1ZMUxUUXpOREc2QmhzSXFVNFNGa0ZCUVRadE1EZEVNM0JuUVVGRlJuaExObWRGYldlNkJnTUlxazY2QmhrSXEwNFNGSHBaTW5VNVl6VktaSEpKTjNGS1dESjNNREZadWdZRENLNU91Z1lEQ0xCT3VnWlFDTU5PRWt0NUxXaHpNRnBpZUhCRk1uVkhWRmhpTUZRMlRXdDBWVU5GVnpCWE1FczFOV3BXZmtGK1ZWQTFZakV6WkRCak1TMDNaRGRoTFRFeFpXTXRPVFZpTWkwd01tSXhZemxsWVRjeFlUTzZCaWtJeTA0U0pERXdOMll4WXpVMUxURmlZbVV0TkRoaU1pMDRZbUpoTFRBMVkySXdPVFV6WWprMVlRPT0iLCJpYXQiOjE2NDMwNzI1MDF9.HDFyNrh9NL7Nil3G-jeIKLDv5C1wDXeNjSvug-fWHF5r6IYDEW4K4F14ou2zbQ3jBZVS6ntvuqTFMqnvWzMAvQ
.smartadserver.com/ Name: pid
Value: 1938027340317007171
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACcTU7D3pgAAECdQh_LFw
.technoratimedia.com/ Name: tads_uid
Value: 67195F5150E840A7B9D99FB8EC72047D
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220124200141-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AACcTU7D3pgAAECdQh_LFw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACcTU7D3pgAAECdQh_LFw
.pubmatic.com/ Name: PugT
Value: 1643051173
.pubmatic.com/ Name: SPugT
Value: 1643072502

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=TEn7zLzlNFunX9pnnbs=&google_push=AYg5qPITcdt-ta5Tv6isFarm9kOb_nVMqbO4zU2lh8CHrzRk63oyWN3yoF8C87DAO5JAj7_3tWvNKhlcitbfN2z7aE4IpQujVZMJ8tk
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
ad.turn.com
ads.pubmatic.com
adsco.re
adservice.google.com
api.amplitude.com
b1sync.zemanta.com
bh.contextweb.com
btlr.sharethrough.com
c.aaxads.com
c.adsco.re
c1.adform.net
cdn.amplitude.com
cdn.districtm.io
cdn.otnolatrnup.com
cm.g.doubleclick.net
contextual.media.net
cs.emxdgt.com
cs.media.net
d13c7cd38934c141d22fee82f591dbbc.safeframe.googlesyndication.com
dis.criteo.com
dmx.districtm.io
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jpb4huqkvfk7.l4.adsco.re
jpb4huqkvfk7.n4.adsco.re
jpb4huqkvfk7.s4.adsco.re
l3.aaxads.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mediafire-d.openx.net
onetag-sys.com
otnolatrnup.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stags.bluekai.com
static.cloudflareinsights.com
static.mediafire.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mediafire.com
x.bidswitch.net
4.adsco.re
6.adsco.re
cm.g.doubleclick.net
pippio.com
104.102.253.5
104.114.160.25
104.16.202.237
104.16.68.69
104.36.115.111
104.36.115.113
104.36.115.114
104.81.240.21
104.91.106.207
104.97.113.145
124.146.215.46
142.250.176.194
142.250.65.162
142.250.80.34
15.197.193.217
151.101.66.49
162.252.214.5
173.223.56.123
174.137.133.49
185.167.164.49
185.184.10.30
185.200.116.90
185.200.118.90
193.122.130.38
198.148.27.140
198.8.71.129
199.187.193.185
207.198.113.179
209.54.180.3
23.52.162.21
2600:1f18:4e9:5a02:efb6:c060:3207:6cbc
2606:4700::6810:5f41
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6813:d625
2606:4700::6813:d725
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80e::2003
2607:f8b0:4006:816::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:820::2006
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2003
2607:f8b0:4023:1404::9c
2620:100:a001::c
2620:112:f006:bbbb::12
2a03:2880:f112:182:face:b00c:0:25de
34.107.148.139
34.200.124.21
34.236.79.15
34.98.64.218
35.175.84.112
35.190.60.146
35.207.24.140
35.211.178.172
35.244.159.8
38.132.109.186
44.196.51.251
51.222.39.185
52.116.221.248
52.26.226.86
54.175.87.114
54.192.100.135
54.236.200.174
54.85.104.149
64.202.112.95
68.67.181.202
69.166.1.10
74.119.119.150
74.121.140.14
8.28.7.83
00de3a8b534ab3f1eb3e62ef737340a791f5c4408cf651563d441ccb62d6d3da
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
0a612f80951870a7ce65c815c1ea34349df609519d894ed5dfd2e2308c1664b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec47383b2dbdefc49b74d00351f225657afbbaf3946816fc05b78380ef67d82
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
174d0ce23ddaa3923575af7a8e047e1dbf75199ebee7df1aca5e5713c4a1dd62
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1b2b828a35cf11d57bfb251f7914b912a2248b4e163068f35a931c2ecccb13a0
1d5577e19a9bf74f16bdca1ca37ad3d2da078145c515d98d3052d5c9f067274d
1d8cdffd34822837be8f1505dd8ee799b99300a7afc80a180952b97a032942c0
2039ba642eb72676602b56aeeae8a9953e8c3f87b7d0e9606329174baeac408a
20d959412f74cf38172bafe3e68b97244c2a6439b114c6baad3bd31e50c00488
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2f951e3a1a2a2ec8addc1ea0006fa62da1b2cd4517538496bcbe74c3edf645ef
338f73e0a5a7977994e85d2e2f8b477377637329f784cc4fe75ebf0fa0a8d582
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
397291ff5a0d91671db16bb187479b58994851ba738cf4a1943879b9b5174f3f
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
39fadf30edeffb402b69fd6357a8e812dc14c6c9069975517183ae68d0361705
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
46f889b299c4cf465ea6b35fb7a55d5bc73c39e6a87236b3f605a390153efe62
479d25510d590910b6299bbc7b52a1e561dc81f9ed7f9586150ddbbf017a0d44
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8ca2b68009c58cbbecfe494876ce38cf01cbc2e85ce802924359ada6bcecf0
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b98079945466709a8bdad26b6d2f1fb8b541539cfc5489092d4f251683722d
5916bff90aaf09e8c6d3779bbca63db25278a56ad75afb7c0351c67798048481
5a39730df25a30a8453ed3206ed5d88f56f774f8709c9e9bd59378153c6acf80
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5e46484286c90cb4aea34abdd9b242b4e2ab985af692be837028b37296b2cd83
614133818f8a85903004d8c00b079830eae4a8153004563f64660f2ca8e7bb13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b9791ec8c14cbf13a61f92857e84d9c143b2ff278035a90ba86b94b7aa09de
6ada0f58395dc268986c32e5e5348608b43f61564220b6ac70a5df5bc050f84d
6fe62fd17864c09ec63cc8933f9caf84241376e78a3fa604617f2dac71d38702
701b6407a797dae56d36c4fb01962b613c3b33813cacb40fb60b9ff42cf43d5a
713b207214d5d6b43b60c0ddfa6ed0bbeac7ed114a75920591facfffc57e4ad0
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
76c3e086b35b8390e03906dfa7e5d9ca47d95ca6ad0be740779b3d922b6f89ed
76d60dac57a96d305da74aef56f2a2a4359bbaacc3433b21541cbe00e8029e38
771c0221504a9f74728817281e5003800cc6c2092d6de69e5dd6bc2758c4ca21
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b3f606f1030774bf92e17751532cb06d78b6f54728c2951ab388c1665b56a2e
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02
7f5b4871b7127b7f7687c9d07d8c19b0c6d621c06377499407f2c4965d435fe7
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
872890c5623628fc32f2bfcacd96f0cbf2226304412a28475ef6567a784c4082
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9f27e7c7ec3d9d51a783f48a25b27fddd68fe6169347be67b62efce1d443aaa8
9fcfffc318101ed6eb78278335f8e961a3742a3187ec7623749b98406414ceb8
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4161af42caa89aa52b721f6c0fd2d164ec3c7238ba1bd951cc53968d91d7f51
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acf3a01aa1b63a4ab6cca270b4fa30cb7c574166ac4897b25dfa71117cecc637
ad6ed2710d6e44ce6b19f55d0f0830572c34517725b2b4e38cf363aedbccef05
ae184279f2210c81144e51b70c0ec68b30855314f1b69c4fbbd26363366f400a
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b443a19c1ef809ed38af2081695ae0e5e9d90a64b9908b898b9606f5b8653b64
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b8ab09d4e27b389027f1bc776befc8a0906746972d6017e075391d3c6292af01
b8ca26a9f63c847fd0a4cbee6cb6c6ac75e3c2f0d2a932d48e62fecb05523437
b9e44b7961ec5e28dc6d77d37bb4fc18823ec8eede632efae54487e9a19527a3
bc3577940a2ea0e607e8cbd55536c356c23ece175c027fc9bddd448d10542d56
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
bd933e3575caa591b51fb33f982941559e0a1fdad23b7ba24ce6d1d3c824603c
c183665e382cdeb42cbeb72042eaf5610b666059061cac0e998930884b01f8a7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c707353c70c95c839b5743ee973d0f2bb9518adf585a2131a458ba2c8fbb372d
cb17c161c34d66467614bac8254ca44ce6ee01987926b66a1a6f6ec359acc9af
cbb99c4149249b280f1d3d924d9bdd29a4a14cba1e71775fb3bdbdf13ebd5a48
cc2b3ca8c4be2d5c3f446cc98c0bad919f76ce3cda5c097597981b9e26469458
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9b86c8de4422e66eeb0d0ab9074f51434eca690fd0caf96e7eade4ea726e32f
db8cd6869bb01edb47b5de6b8665c2464f7a793508a45944d2911498f70b85c8
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65145e26e15db20dcfcb6b8dda79c3def5a79406206e5c1391c011581cc53fb
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
eac075e804e8b9de8cc97d606eca4d0b15e2fb38bbb612fd72750428fd3ca726
eb13d266821176f5ccc71729d9452a0928c49bfaf06dd09e246567055f41907b
ecae715341645fcb5a95f62c8d6a32f2b8b9e5a3bae5d3430f7d261f0e029cc2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
fa20878dee0f3bebea0b45af7568851dfc928387483b197fdbe5da34a7bfc467
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505