one.andro.plus Open in urlscan Pro
2606:4700:3032::6815:366f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://one.andro.plus/region.php
Submission: On July 20 via api (July 20th 2023, 4:46:59 am UTC) from US — Scanned from US

Summary HTTP 98 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 18 domains to perform 98 HTTP transactions. The main IP is 2606:4700:3032::6815:366f, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.andro.plus.
TLS certificate: Issued by E1 on June 26th 2023. Valid for: 3 months.

This is the only time one.andro.plus was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3032::6815:366f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::2013	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::200a	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
9	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
7	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
27	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1 3	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	3.211.253.240 3.211.253.240	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
98	20

3 2606:4700:3032::6815:366f (United States)

ASN13335 (CLOUDFLARENET, US)

one.andro.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::2013 (Montreal, Canada)

ASN15169 (GOOGLE, US)

code.getmdl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2004 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.253.240 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-253-240.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	criteo.net static.criteo.net — Cisco Umbrella Rank: 595 imageproxy.us.criteo.net — Cisco Umbrella Rank: 2664 csm.us.criteo.net — Cisco Umbrella Rank: 2659	461 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	254 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	60 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	182 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 2578 cat.va.us.criteo.com — Cisco Umbrella Rank: 2505 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6017	67 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 ajax.googleapis.com — Cisco Umbrella Rank: 406	32 KB
3	andro.plus one.andro.plus	5 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 386	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	113 KB
2	getmdl.io code.getmdl.io — Cisco Umbrella Rank: 56637	199 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 931	451 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7130	542 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5452	620 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 372	863 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	603 B
0	yandex.ru Failed an.yandex.ru Failed
98	18

	Domain	Requested by
27	imageproxy.us.criteo.net	ads.us.criteo.com
15	pagead2.googlesyndication.com	one.andro.plus pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net code.getmdl.io
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	static.criteo.net	ads.us.criteo.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	one.andro.plus	one.andro.plus
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	code.getmdl.io	one.andro.plus
2	fonts.googleapis.com	one.andro.plus googleads.g.doubleclick.net
1	trace.mediago.io	1 redirects
1	dsp.adkernel.com	1 redirects
1	fksnk.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	csm.us.criteo.net	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	one.andro.plus
0	an.yandex.ru Failed	googleads.g.doubleclick.net
98	27

This site contains links to these domains. Also see Links.

Domain
github.com
paypal.me
ali.ski
shrsl.com
amzn.to
fas.st
androplus.org

Subject Issuer	Validity	Valid
andro.plus E1	`2023-06-26` - `2023-09-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
code.getmdl.io GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-04` - `2023-08-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://one.andro.plus/region.php
Frame ID: DF24B0773A5EA0D0986CDC9FD5C4A50C
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html
Frame ID: 6007D486071C9439B47158196624A234
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&adk=1812271804&adf=3025194257&lmt=1689828414&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414458&bpp=4&bdt=966&idt=247&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5195813492750&frm=20&pv=2&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Frame ID: 9E44B4A8FD2F3B7627439869CF285B3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
Frame ID: 82798653F0716F53DFD4F6149DB2358C
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZLi8PgAMC4MIaBaRAAWTYzk2YEmXVFHJ5giuyA&u=%7CsHXFDXVzhVBxXNULHRMFDvu2o1QkKXgHIdYyeRNeux0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cwEiNEA-rLW0qaIy2FlgcnOOLeQ6LAZ1RDzA1T7s3yrDsA5Odbi9_MoyzQfQkdqxol7tOGO2H0sehEtnrzuxiqRi8D4Uu6KKypL-4i7gIqnfL0aibecwTgGYYciNBDwo3M5IwturaNWKSYzkGRMHw9rBZs9cpDmr87KGLyCg2SAxbto31ejSsaKyNOOhiSDhqU6YZgSf3ukKz5pVw9Qq3ZGNoNRm41OQmtLVNIuWHqJuYQ-sjJgT8HJVwRg7TA48b_1f_ns0jRf_BE8IiqfH_hmzRArkVL081VQ_hnhNO0Dt9xeyb5-Bg4uWN5G4A5OCOuD49UO6jCc6pbl-J0BKjX0sy6U3FK5lxUBw3_aPxwVF05ahPR8M4A6lEtMZwNlVeH47FOvRzLHHTgr0rtGgEPOf3pCdr7ul-IvIz4tyNrdKHMQKZRjy0KBU3DkwGwjLfhZUm5B5_NmOndMLSTeLn_Aov1OYaKEXdS4uEZxpALSHpx8pP4LIIA-Mv6nUokIXO8fdkyiEJVjzmJffUGBS1l1eMJRD2EkjDtgtuNctYxEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1JPPry4ZIOXMJGtoPMP46aWsA2cge-wXJKat4ynAcCNtwEQASAAYKECggEXY2EtcHViLTA2MDYxNjU4NTg0Mzk5ODXIAQmoAwHIAwKqBOUBT9Bg8Ii99KM-4JRaaWKtk7RoS6fSMvgEvSUbsS2hnqwpnVMr5SECz7KaoiXDsk0YEkJoxpmA-4uy2IA7YopLYfRedMmN8CikZFyA6WhzMY-4heQ-de0-EvFw7sIG54SQTSfuzotPPknJwyXp3pEmoLitIevkKNmEh_0t7BIsU4gJctAxtIn2m4BCfabxSgV5-h_CGYGxdWapuHsiAjnmy92ruoRTMX-ATYGfir0XgfkBZ_7W9GW-pO9b0Xr14-PBDE7EKzcWVsoIa8osxUo34Fo2_B3vlKBvbNwIkKoPxN_4Mw9RfYAG7q7LzN6986wqoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1zZhYze7vbuP1fW69BN0J0V0kXDA%26client%3Dca-pub-0606165858439985%26adurl%3D
Frame ID: 97230089A64EA68B2F9E21AF7DCE760E
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
Frame ID: D9A502FFA40638D1ADCD3C86024D344B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C1BDF00F090E3FF0D70437346A14AC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4420D2C4C9FBBF82BF52F2B97B866AF9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC9D854CA3F9AA6B0480CB79AB33CD57
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF11C33CA17A34E8DE3358562F130C14
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js
Frame ID: C0BBAE5F93D3320CB8E3FAB8342E4385
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OPLUS Region NetLock Unlock Code Generator

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css
(?:/([\d.]+))?/material(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

92 %
HTTPS

72 %
IPv6

18
Domains

27
Subdomains

20
IPs

2
Countries

1375 kB
Transfer

2460 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/sponsors/AndroPlus-org?frequency=one-time
Title: GitHub Sponsors

Search URL Search Domain Scan URL

URL: https://paypal.me/androplus?country.x=US&locale.x=en_US
Title: PayPal

Search URL Search Domain Scan URL

URL: https://ali.ski/gtlTdo
Title: AliExpress

Search URL Search Domain Scan URL

URL: https://shrsl.com/3xwn7
Title: GIZTOP

Search URL Search Domain Scan URL

URL: https://amzn.to/3SnsEuC
Title: Amazon

Search URL Search Domain Scan URL

URL: https://fas.st/KdI_3C
Title: REDMAGIC

Search URL Search Domain Scan URL

URL: https://github.com/AndroPlus-org/magisk-module-oplus-cn2global
Title: my Magisk module

Search URL Search Domain Scan URL

URL: https://androplus.org/en/
Title: AndroPlus

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEm0MzxY9auxnbRVHOpoMqg&google_cver=1&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD28QE2hVqZbCwB_SBKtRLLILfLI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD28QE2hVqZbCwB_SBKtRLLILfLI

Request Chain 87

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENycEa3N211bqYXHHNsy79U&google_cver=1&google_push=AaAOQGGbouBSYXauilkyYLwMaG80FyBPhjbSCHNjcTa9Yf15TXCE5Poy0hx_5g986LI3WIS2uFxIEEOu6VmDSHWMqpDdtar1b1AgbmE HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENycEa3N211bqYXHHNsy79U&google_cver=1&google_push=AaAOQGGbouBSYXauilkyYLwMaG80FyBPhjbSCHNjcTa9Yf15TXCE5Poy0hx_5g986LI3WIS2uFxIEEOu6VmDSHWMqpDdtar1b1AgbmE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzE1ZDc3ODYtYTNiOS00NWMwLTk2ZGItNDcyMGU5N2MwZjQ3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=315d7786-a3b9-45c0-96db-4720e97c0f47

Request Chain 88

https://fksnk.com/cs/google?google_gid=CAESEE12kZgr-KKGk60JnfIKaUM&google_cver=1&google_push=AaAOQGH8OaHqV6cWRRXOBM8Qd1Pb-htNvdMlssSq5cgVvSDU_mPnbEOj-zzHamtPjY0PzYeA4ybDrlJ8moQGt4BoWVtM5ak1lSQlTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUZFMjY2RkExQTBCMUZGQw==

Request Chain 89

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFA7mMpUTTNrh-Lo6S9y6aQ&google_cver=1&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFA7mMpUTTNrh-Lo6S9y6aQ&google_cver=1&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo&google_hm=D97E_8HMRVKbEVrNPFUAbw==

Request Chain 90

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK9RunTNJBOTQ8PJvjy4TIs&google_cver=1&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-2eZfh1E9_Ksg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNjAxNTkwOTY3NzU0MzEyMDQ&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-2eZfh1E9_Ksg

Request Chain 92

https://trace.mediago.io/cs/google?google_gid=CAESEBbFXS0xdkSXVHugLN2vBGw&google_cver=1&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5_Q7q28c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5_Q7q28c&google_hm=92aa6130cb0316233e250f3dd400870b

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request region.php Show response
one.andro.plus/ 6 KB
3 KB 926ms
742ms Document
text/html 2606:4700:3032::6815:366f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:366f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665ed1e0aeda7f229d262bdc5f6cc6560f19141da13113dcda5b2553e1bf0ac8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e98901bcc3617f1-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 04:46:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS23bNKpb7%2FeXO3mlzuIFraQ81smxoPzBQ0uJv7DhTIyesZlBJLIELi1CVkjY%2F2w0t1zP6cqWVbljluABC%2FW9HiiHh6iAwTntwfbolJhj5ti8BqWHkKjR7mtmf8w0i6b7%2BXbI9WusMTWtvBwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 icon
fonts.googleapis.com/ 569 B
778 B 140ms
57ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 04:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:46:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 04:46:53 GMT

GET
H2 200 material.blue-indigo.min.css
code.getmdl.io/1.2.1/ 138 KB
138 KB 251ms
123ms Stylesheet
text/css 2607:f8b0:4020:805::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://code.getmdl.io/1.2.1/material.blue-indigo.min.css

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a2875748ea942a66985bf4281a670e92059c656f04f8c162e29500c096be40f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Jul 2023 04:46:53 GMT
last-modified: Thu, 08 Sep 2016 15:28:02 GMT
server: Google Frontend
etag: W/"f067e65b22e332dde6887f89730f9657"
allow: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 9d47118e7d02a7bdd2cd309a2c072d0c
cache-control: public,max-age=2592000
x-appengine-log-flush-count: 0
content-length: 141085

GET
H2 200 styles.css
one.andro.plus/ 5 KB
2 KB 724ms
723ms Stylesheet
text/css 2606:4700:3032::6815:366f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one.andro.plus/styles.css

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:366f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bef73e12d8b89484c67fbdfeda65032c76f268d6ddba9508c4b49797409af691

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/region.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7809
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Sep 2021 03:59:50 GMT
server: cloudflare
etag: W/"614aaa36-1e81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFTLSJelg%2FpWcbIRBxRVjtKnYP%2BEJY%2BgdIviUitIUlCP%2B%2FtaNkjbts8B5neHwfPl92nbAPlReiPEzSaBqAIfwLWbUwrwAr8IeQNG3wYrpOpjFcivF3QhmCNb3%2Bg32IqdSaU4iCr%2Bz7KbCX4Qng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2073600
cf-ray: 7e9890206ec517f1-EWR

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 140ms
32ms Script
text/javascript 2607:f8b0:4020:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 09:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 09:18:47 GMT

GET
H2 200 ajax_reg.js Show response
one.andro.plus/ 517 B
596 B 731ms
730ms Script
application/javascript 2606:4700:3032::6815:366f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one.andro.plus/ajax_reg.js

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:366f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387d871768fec9f7205db4a8cb7a64eee98614203dc371a9c613b969f48c20a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/region.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 12:32:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f75cc2-205"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQo2UWQrQlzVWpsCUGrUGKCGLcLnULE9bIM2mSeFpYjq%2BdpuNeJJdlFTsZ7K8GvB%2FaPe6YzTBy1AWIT8T%2Bi3aGtgXzQnlg4gNer0HEG6pq6%2FuDh48zawCc5QYMsvodCpp2L0sVtvTmjFqDqIEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2073600
cf-ray: 7e9890206ec617f1-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 174ms
67ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0606165858439985

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55dd3c545721fe717d92048dffa929444469df632e75fb7b0d1d2166945e3332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Origin: https://one.andro.plus
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50648
x-xss-protection: 0
server: cafe
etag: 14323659583886654616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 04:46:54 GMT

GET
H2 200 material.min.js Show response
code.getmdl.io/1.2.1/ 61 KB
61 KB 183ms
56ms Script
application/javascript 2607:f8b0:4020:805::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://code.getmdl.io/1.2.1/material.min.js

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

af8728dd6702d421ac7d9385e2f084b3dda7b4c2e38754e48a55864df57356de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Jul 2023 17:33:39 GMT
last-modified: Thu, 08 Sep 2016 15:28:10 GMT
server: Google Frontend
age: 213194
etag: W/"d535f637e847083f0b71bc442dfece7a"
allow: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 8ed0735551567b55f1662abb0e89faeb
cache-control: public,max-age=2592000
x-appengine-log-flush-count: 0
content-length: 62349

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 80ms
24ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.andro.plus
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 22:13:59 GMT
x-content-type-options: nosniff
age: 369175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 22:13:59 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/ 359 KB
123 KB 146ms
80ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0606165858439985

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfa6fe002ae49035b6140f2bef82d3dfd9e5fd56818b85ee7e17d0c48956221e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126053
x-xss-protection: 0
server: cafe
etag: 3996276562299244419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 04:46:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/ Frame 6007 10 KB
5 KB 126ms
33ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230718/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0606165858439985

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 28674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 20:49:00 GMT
etag: 12368291122986407432
expires: Wed, 02 Aug 2023 20:49:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 101ms
55ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 100ms
55ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=atf_ad_settings_from_ppabg&p_s=false&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=one.andro.plus&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 132ms
51ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=one.andro.plus&callback=_gfp_s_&client=ca-pub-0606165858439985

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f331635a3f31fe1a4fd346307dcb1c5f29d093b56eb04ad0e70af32cec1e60d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 152ms
55ms Script
application/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=one.andro.plus

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E44 2 KB
648 B 135ms
134ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&adk=1812271804&adf=3025194257&lmt=1689828414&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414458&bpp=4&bdt=966&idt=247&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5195813492750&frm=20&pv=2&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484858846dae9c65acf1522c017b2b43e456b0f17314295671d051166df6b515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 446
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:54 GMT
expires: Thu, 20 Jul 2023 04:46:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8279 34 KB
14 KB 575ms
574ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dba6e86d8e140b2b3aff626217074badc2f58bf494ffd853103e29b4b0ba6843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13844
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:55 GMT
expires: Thu, 20 Jul 2023 04:46:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-0606165858439985&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20230716_103559&sat=1689610553610&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.191&alldns=0.191&allp=2&fd=(0%2C1%2C0)%2C(1%2C0%2C0)%2C(2%2C1%2C0)&pgh=1463&abl=false&rr=n&su=one.andro.plus&pvc=1066319279155254&r=0.1&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441

Requested by

Host: one.andro.plus
URL: https://one.andro.plus/region.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 9723 267 KB
66 KB 213ms
151ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZLi8PgAMC4MIaBaRAAWTYzk2YEmXVFHJ5giuyA&u=%7CsHXFDXVzhVBxXNULHRMFDvu2o1QkKXgHIdYyeRNeux0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cwEiNEA-rLW0qaIy2FlgcnOOLeQ6LAZ1RDzA1T7s3yrDsA5Odbi9_MoyzQfQkdqxol7tOGO2H0sehEtnrzuxiqRi8D4Uu6KKypL-4i7gIqnfL0aibecwTgGYYciNBDwo3M5IwturaNWKSYzkGRMHw9rBZs9cpDmr87KGLyCg2SAxbto31ejSsaKyNOOhiSDhqU6YZgSf3ukKz5pVw9Qq3ZGNoNRm41OQmtLVNIuWHqJuYQ-sjJgT8HJVwRg7TA48b_1f_ns0jRf_BE8IiqfH_hmzRArkVL081VQ_hnhNO0Dt9xeyb5-Bg4uWN5G4A5OCOuD49UO6jCc6pbl-J0BKjX0sy6U3FK5lxUBw3_aPxwVF05ahPR8M4A6lEtMZwNlVeH47FOvRzLHHTgr0rtGgEPOf3pCdr7ul-IvIz4tyNrdKHMQKZRjy0KBU3DkwGwjLfhZUm5B5_NmOndMLSTeLn_Aov1OYaKEXdS4uEZxpALSHpx8pP4LIIA-Mv6nUokIXO8fdkyiEJVjzmJffUGBS1l1eMJRD2EkjDtgtuNctYxEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1JPPry4ZIOXMJGtoPMP46aWsA2cge-wXJKat4ynAcCNtwEQASAAYKECggEXY2EtcHViLTA2MDYxNjU4NTg0Mzk5ODXIAQmoAwHIAwKqBOUBT9Bg8Ii99KM-4JRaaWKtk7RoS6fSMvgEvSUbsS2hnqwpnVMr5SECz7KaoiXDsk0YEkJoxpmA-4uy2IA7YopLYfRedMmN8CikZFyA6WhzMY-4heQ-de0-EvFw7sIG54SQTSfuzotPPknJwyXp3pEmoLitIevkKNmEh_0t7BIsU4gJctAxtIn2m4BCfabxSgV5-h_CGYGxdWapuHsiAjnmy92ruoRTMX-ATYGfir0XgfkBZ_7W9GW-pO9b0Xr14-PBDE7EKzcWVsoIa8osxUo34Fo2_B3vlKBvbNwIkKoPxN_4Mw9RfYAG7q7LzN6986wqoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1zZhYze7vbuP1fW69BN0J0V0kXDA%26client%3Dca-pub-0606165858439985%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cb4031be266760c59588e9d69ead6940c535916d31262ad06733edcdd98012dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AuKWOOkPx9YFWrxHcd7eVDepKS53IHZEsrAiK0R-Lim6Cut3Zoh9Ehqqnc1KFF1xcTIeOtLrNbqTzz7Slk35o00aEDE4lHQqv2pqnGnOAes5nVc2n7z-G-O1yMwzuF0sgl0PzA073rcsg5nE2mkiby1ghQPaGGsR_iTTiZ5u4CdiM9B6cHx4DMs1v7e1or1ILXrfdbbpF5bJXTvirhHThzwvorrVXtn9cr73ylQgXNgUstAfWDaF1AbfXPnyuiKYzT8pAQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 108578323
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 8279 3 KB
1 KB 114ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:18:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 8279 20 KB
9 KB 113ms
31ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:18:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8279 179 KB
57 KB 189ms
89ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 04:46:55 GMT

GET
DATA 200
OK truncated
/ Frame 8279 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b657df653f57118d2bc9e61fe9e62c7e3a024de26e410c029ff0dfb103d2b392

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9723 2 KB
1 KB 100ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZLi8PgAMC4MIaBaRAAWTYzk2YEmXVFHJ5giuyA&u=%7CsHXFDXVzhVBxXNULHRMFDvu2o1QkKXgHIdYyeRNeux0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdn4iCWrkEk_cwEiNEA-rLW0qaIy2FlgcnOOLeQ6LAZ1RDzA1T7s3yrDsA5Odbi9_MoyzQfQkdqxol7tOGO2H0sehEtnrzuxiqRi8D4Uu6KKypL-4i7gIqnfL0aibecwTgGYYciNBDwo3M5IwturaNWKSYzkGRMHw9rBZs9cpDmr87KGLyCg2SAxbto31ejSsaKyNOOhiSDhqU6YZgSf3ukKz5pVw9Qq3ZGNoNRm41OQmtLVNIuWHqJuYQ-sjJgT8HJVwRg7TA48b_1f_ns0jRf_BE8IiqfH_hmzRArkVL081VQ_hnhNO0Dt9xeyb5-Bg4uWN5G4A5OCOuD49UO6jCc6pbl-J0BKjX0sy6U3FK5lxUBw3_aPxwVF05ahPR8M4A6lEtMZwNlVeH47FOvRzLHHTgr0rtGgEPOf3pCdr7ul-IvIz4tyNrdKHMQKZRjy0KBU3DkwGwjLfhZUm5B5_NmOndMLSTeLn_Aov1OYaKEXdS4uEZxpALSHpx8pP4LIIA-Mv6nUokIXO8fdkyiEJVjzmJffUGBS1l1eMJRD2EkjDtgtuNctYxEA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1JPPry4ZIOXMJGtoPMP46aWsA2cge-wXJKat4ynAcCNtwEQASAAYKECggEXY2EtcHViLTA2MDYxNjU4NTg0Mzk5ODXIAQmoAwHIAwKqBOUBT9Bg8Ii99KM-4JRaaWKtk7RoS6fSMvgEvSUbsS2hnqwpnVMr5SECz7KaoiXDsk0YEkJoxpmA-4uy2IA7YopLYfRedMmN8CikZFyA6WhzMY-4heQ-de0-EvFw7sIG54SQTSfuzotPPknJwyXp3pEmoLitIevkKNmEh_0t7BIsU4gJctAxtIn2m4BCfabxSgV5-h_CGYGxdWapuHsiAjnmy92ruoRTMX-ATYGfir0XgfkBZ_7W9GW-pO9b0Xr14-PBDE7EKzcWVsoIa8osxUo34Fo2_B3vlKBvbNwIkKoPxN_4Mw9RfYAG7q7LzN6986wqoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1zZhYze7vbuP1fW69BN0J0V0kXDA%26client%3Dca-pub-0606165858439985%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9723 2 KB
1 KB 105ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9723 308 B
636 B 105ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9723 293 B
621 B 99ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 9723 43 B
348 B 94ms
31ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=f29dTIQoo9ZerrJLsOPhqTuWqGjYrARN8mysWAHkStRNzDArePizek3cm6nOG1hCBslOJvQ_rDcM4TPxtPY-h2uCFqZu_WjDbkyChYpwBNPeATxGjBYlEHuyyHFDEFIKCnPUx3Qf9E_Rw168etxkKwb0oc82COg7KL4CpCJHLFccnV8GVoK_IlbDnrB0GkyE4BbnCl2vCaboAPJe_JkCAPDPgTEVdxRZ0nheUg5jvy4bijQ7qw6MCQjsnXdn3LrLlDsMZr9gl7e8t00Jm9Cis78NDw1S9a-ZVR1gAjipoi5FSvA8M1QVRV1bl9-DrgmUVkvbRsLBj5H_syQ7vfPEoY8AiNRYATL--clfMa0DlO7RPx84Q19W5M_9zwq8-GLCvRAC6UfvNwTLWIf-QOQMMtM2iuej3M5oNoJ24uM19UUyG2n_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2708276
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9723 12 KB
6 KB 32ms
32ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 6 KB
7 KB 133ms
68ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=102894&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F102894%2F230531%2Fc56797703dd74c089dd8ce96c3850c2f_microsoftteams-image_1_dd37803f-67c9-4945-adeb-6d672695b9a8.png&v=3&w=196&s=yuerABm3ILs6GRkeKgDrLU76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

827fbd8bf761e35752c69da1138d038119b35a7f00723973b6a4c137f711be1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 6489
expires: Tue, 25 Jun 2024 03:13:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 17 KB
17 KB 119ms
54ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F55.png%3Fw%3D750%26h%3D750&v=3&w=400&s=P-wuHXVIytqKGazQyW9odVQy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cb25f19f3376a4d58213010b4ffdfc09ec9dac2e4aab61366f4a28f8027aefa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 17478
expires: Fri, 12 Jul 2024 13:50:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 15 KB
16 KB 156ms
91ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fb7d9183393e4868c40cbcb483761e73c.jpg%3Fw%3D736%26h%3D736&v=3&w=400&s=RX-qDcBSpzTGeaIW9e1Uc65c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fd727179da255b8f6c798cd5cce5b442a9316a4088839782446fcdc47ca32144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15812
expires: Wed, 26 Jun 2024 11:24:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 11 KB
11 KB 136ms
71ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fce942e56b79344eeb61c692156b0052f.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=_PYchK4Kbu4QsXoLLzjYvYPt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4d07f62439c4dd97fa3a9b699e99ab594cf7fcb616cbe488580506bbd073fc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10806
expires: Wed, 26 Jun 2024 06:56:44 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 14 KB
14 KB 134ms
69ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fde08c14f1d2b4f34a33b0c92d669b415.jpg%3Fw%3D1005%26h%3D1005&v=3&w=400&s=nJeWSB3-7wj1jcEiOW7je-lj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f3540a6f06d629420cdbedf051eb1e3ad8ad81f94a1d2c6eb8e07e7af8a80e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 14346
expires: Wed, 26 Jun 2024 05:45:24 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 13 KB
13 KB 156ms
91ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F6010ed3127d346fc9ed351569a380950.jpg%3Fw%3D720%26h%3D720&v=3&w=400&s=asnJJcETKAYrmVPCEqQc4Fz9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f6677a167e2da7f981eee0033969baf67b2f3080403ce79340cee28bfdfbd59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13102
expires: Wed, 26 Jun 2024 00:36:51 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 18 KB
18 KB 75ms
73ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fjpg-c5f150de-909f-4a04-8a4b-c1e663b665f6.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=mQaGkRyelclOaBYUcoZgf9vT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

87483ab3dc417b2fe22c60a2db1ba6083d04092ce81dd936f32b133f76e0f659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 18072
expires: Wed, 26 Jun 2024 02:29:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 15 KB
15 KB 81ms
79ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F53f7f44994ceea6850f2867f1da019fe.jpg%3Fw%3D1000%26h%3D1000&v=3&w=400&s=eCdOoNH1j7F7HxfBWZzO-oAd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2b18c319e34a0f22df74f4fafed6f7b6bb627b3e282a2648a1cc54b444c89008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15032
expires: Wed, 26 Jun 2024 01:38:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 23 KB
23 KB 85ms
83ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F0d381e0d62037cc42bb82a2f9ae46a09.jpg%3Fw%3D590%26h%3D590&v=3&w=400&s=lGRi0u1dgfDd7YzWoSfMbxKI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ec542fbe8c4e32564b4821684bd822a911b74fd94c9feb817ab4f6fceb18e036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 23546
expires: Wed, 26 Jun 2024 10:19:15 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 11 KB
11 KB 80ms
78ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fbf8a1ad473ba41e580fa23c0e08b6e85.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=zyzI4escMKvHlKP9NCjw6EFg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

97a5a8b4011368e946c337ff220a3884b75a67bd8b4dad4d97232811756bc3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10888
expires: Sat, 08 Jun 2024 13:37:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 13 KB
13 KB 95ms
93ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fcb80814faa9d05dd77af8dddf0279313.jpg%3Fw%3D1200%26h%3D1200&v=3&w=400&s=R2Wg8wsjsdTGwoWZJO6xpN-0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

37ffad52e105bcaae4d8c1c5f992ab127dfb0c5dfe2f54326c7e4df08baa62cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12838
expires: Tue, 04 Jun 2024 01:44:31 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 16 KB
16 KB 95ms
92ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F98970af3a7fc4c84b662ad447c2742cc.jpg%3Fw%3D596%26h%3D597&v=3&w=400&s=KUJ9HbKvIiTSI3iXWCJAxJo4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

42e7cf9c0043b5dc41c3fe3cc19f1462b6f8a9570c91828e6200c645849d3482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15902
expires: Mon, 03 Jun 2024 19:38:24 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 7 KB
7 KB 99ms
97ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2FSKU-04-1166-1-.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=pXpiGGiX_Z4aKsrx1Wj2eCob&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cb6bdefd572c5534f88f424b8da1a92e1c56f7ad495b38081d7633219d995e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7020
expires: Wed, 26 Jun 2024 05:49:55 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 26 KB
26 KB 115ms
112ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2FimageName1683540339716.jpg%3Fw%3D750%26h%3D750&v=3&w=400&s=jnJxfyJxvLirkRR8B9qlv2UC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

08cd23c0f827bedebae20e73be9241232ac3bc15e9785b19c15e53851bcf5703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 26400
expires: Wed, 26 Jun 2024 05:09:37 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 20 KB
20 KB 122ms
120ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fa0939b7bd7064c1c9f4a5ea876fb59bf.jpg%3Fw%3D300%26h%3D300&v=3&w=400&s=0JCqwNZLkSnB9N6Rf5_aPR30&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

80c491c1ac8dd8ad2d90ba3bdb7fb6db18efd1149a67bbafee6beac3738532df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 20650
expires: Mon, 03 Jun 2024 17:03:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 15 KB
15 KB 125ms
123ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F09f45195da2879a4d334f8713309692c697a7e7b.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=5S02vu87lxGENpQoEfGEEyZQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a0c7e40ec61a0334af8d18bb62840044cb717bc9c4fe6dc2bcfff3127f4a66ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15550
expires: Wed, 26 Jun 2024 00:51:49 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 11 KB
11 KB 117ms
115ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F9887236170474cd8a3d5e1f2f19a229a.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=9GBu4CJP5Oo0PP5MbuZglLqV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2759fd43397b9b6e46f9bd6902862db86e16b247b34394d9d4b37c0f6095142c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 11454
expires: Wed, 26 Jun 2024 08:42:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 19 KB
19 KB 120ms
118ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F11562332376-2019966777.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=vGhx2NPYuBvKn86sHqfwlP06&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

24dfda978e84747519dff4863a1ecc5f4eac5c2e75e4ed232a24085331962d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 19310
expires: Wed, 26 Jun 2024 04:04:57 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 12 KB
12 KB 112ms
110ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fa0f840342833470696988d623f430e00.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=IawZFpqNZykRBrJ4TUus_Qrc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

adc647610895f198738b5c3b616cf47b524f032b6dc27d94555fd5be675964e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12004
expires: Thu, 27 Jun 2024 19:47:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 12 KB
12 KB 117ms
115ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F1353b9671214f94af9b5669f707984f9.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=zdPvugFrTcDDTt1mMWBx2rnq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4c85382fc0be4d8938569b16e673abc851a92e539f930ed2067cc95057fc4852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12320
expires: Tue, 09 Jul 2024 20:48:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 21 KB
21 KB 107ms
105ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fe3a6267cfb8c45daa0c7ca09e758afb0.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=i7_lBpzVNtWGCtEJ6oDFFJRP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

547c755fcba8d42bb84531f27c0a7b2e27bddf0b5ff3f67f78dad4d10496fac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 21696
expires: Thu, 27 Jun 2024 13:25:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 35 KB
35 KB 123ms
121ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F8f4850f7868044fd85990761a7cef8fc.png%3Fw%3D790%26h%3D790&v=3&w=400&s=G-De4zuP5IJOnr9sxINH31Z5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f73fdff7899cd870b02e52814427566f69eedbb221bfab02d4cfdd8d6f0b0395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 35480
expires: Wed, 26 Jun 2024 03:29:48 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 28 KB
28 KB 103ms
101ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F1096fc88d6834cbb905118dfede7ad76.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=mV0rQ0V9hQdXBASXeYW3MXBM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0563ad046454fb891a841cc05d7b4e9a93f5a377fc06ca11db143b9769d297af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 28286
expires: Thu, 27 Jun 2024 04:06:29 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 24 KB
24 KB 131ms
129ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fa42a70bfebaf493aa595eabe13186ed6.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=gQJ69V4EAQWTU8oeiFAvKvU4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

475d5a417ffa73c92c661b75a9ac5dd6c3aeeff7b5229f9649e3873fd6c1f0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 24306
expires: Fri, 28 Jun 2024 14:45:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 19 KB
19 KB 132ms
130ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2F3cdaac83e7794f6c840c3bced92a1848.jpg%3Fw%3D1016%26h%3D1016&v=3&w=400&s=dVlYF6wYT_uaXDsFftFkwR8X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

41cda99039926d80ec47b7db13a609ac18b84c770f4c4c789fb77766098c243d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 19344
expires: Wed, 26 Jun 2024 14:32:11 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 10 KB
11 KB 133ms
132ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Fcaf00bb688b1419d84d6fec9f59190ce.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=Cx9wURSyuXxvP7HgHv_gq69g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

032e4673a5c9b4cbf5c308cdf09f02cf5dd32113999ce1973d95a501b6da7fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10596
expires: Mon, 03 Jun 2024 16:08:39 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 9723 15 KB
15 KB 135ms
133ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102894&q=80&r=0&u=https%3A%2F%2Fimg-va.myshopline.com%2Fimage%2Fstore%2F2001146336%2F1684132648326%2Ff5bb1a72f7171a41086905bb6ce366b5.jpg%3Fw%3D800%26h%3D800&v=3&w=400&s=z28abs983xHouUQSbp40opGu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

66e3e2b6c9ba9109cf6c8ea8e105f1479fd62bc53c5bd6f35a7c7d595d7f9fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15162
expires: Tue, 04 Jun 2024 13:18:55 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 9723 0
128 B 90ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=AuKWOOkPx9YFWrxHcd7eVDepKS53IHZEsrAiK0R-Lim6Cut3Zoh9Ehqqnc1KFF1xcTIeOtLrNbqTzz7Slk35o00aEDE4lHQqv2pqnGnOAes5nVc2n7z-G-O1yMwzuF0sgl0PzA073rcsg5nE2mkiby1ghQPaGGsR_iTTiZ5u4CdiM9B6cHx4DMs1v7e1or1ILXrfdbbpF5bJXTvirhHThzwvorrVXtn9cr73ylQgXNgUstAfWDaF1AbfXPnyuiKYzT8pAQ&sds=2&rev=87483&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9723 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9723 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:46:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8279 0
23 B 67ms
66ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCGzIPry4ZIOXMJGtoPMP46aWsA2cge-wXJKat4ynAcCNtwEQASAAYKECggEXY2EtcHViLTA2MDYxNjU4NTg0Mzk5ODXIAQmoAwHIAwKqBOIBT9Bg8Ii99KM-4JRaaWKtk7RoS6fSMvgEvSUbsS2hnqwpnVMr5SECz7KaoiXDsk0YEkJoxpmA-4uy2IA7YopLYfRedMmN8CikZFyA6WhzMY-4heQ-de0-EvFw7sIG54SQTSfuzotPPknJwyXp3pEmoLitIevkKNmEh_0t7BIsU4gJctAxtIn2m4BCfabxSgV5-h_CGYGxdWapuHsiAjnmy92ruoRTMX-ATYGfir0XgfkBZ_7W9GW-pO9b0Xr1oeHhnuU2ojfV36eEgLClBv0LyFMY5Nl0Z9rmpWIWvLKmEk748IAG7q7LzN6986wqoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wNjA2MTY1ODU4NDM5OTg1GAA&sigh=Cqd_dVAydqI&uach_m=[UACH]&cid=CAQSGwBpAlJWUUvdl3YtEvNFDmRDoQPx3ObOqsLnRxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 04:46:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 04:46:56 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 8279 0
126 B 103ms
31ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k76UF836RIwGmALiIp0XAgAAAAijiM2Ii_QVeFjVbAivy4YQPry4ZGhJIbPLBrgH7HsAABIAAAoKQVFVQkNnRUJDZw&wp=ZLi8PgAMC4MIaBaRAAWTYzk2YEmXVFHJ5giuyA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 133137
server: Kestrel
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 8279 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9A5 112 KB
39 KB 1461ms
1460ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.getmdl.io
URL: https://code.getmdl.io/1.2.1/material.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5dfc6a66b26b283f2070a10bbfd119bc7a2baa2f5cae5d15980420f7fd0040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 69ms
69ms XHR
application/json 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230718&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74829b4cd39cb90c67f5ecb87be14e70fba62f6080cc3fc2903fd048b0d6c3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11738
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 68ms
67ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 04:46:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C1B 13 KB
5 KB 31ms
29ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 516570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 05:17:26 GMT
expires: Sat, 13 Jul 2024 05:17:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4420 783 B
1 KB 140ms
58ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eed51bc635e32a7dd25d1af1015fbd5749756a85ae1bb37385d94eb4189c943c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TMAk4XOU8R7P5ohk5WYF_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://one.andro.plus/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-TMAk4XOU8R7P5ohk5WYF_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:56 GMT
expires: Thu, 20 Jul 2023 04:46:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C1B 37 KB
14 KB 32ms
32ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 13:57:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4420 0
0 53ms
52ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230718&jk=1066319279155254&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C1B 0
10 B 30ms
30ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?07kGuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230718&jk=1066319279155254&bg=!CAulC1_NAAa3SiIRl0o7ADkAdvg8WtLIO-ksFKafVT5mAlWeC4tdI571XCbtiLQcomfgXgaEMpSrpjw7rjtoeIasYYckOrZBSrsCAAAAalIAAAAJaAEHmQKwTvVWcdiOqlXrsK8YVdAgdjnoXwLd5AnrUrHegDiBOIZlM6dBq5t0wA5-NSrg6Zb2FJjmOL6WrpA8RdWGn97QFZntAyxwIE9a6rWbOdSTkRqX4UrOiCQXZg8rizQScBGd9Lxb3KdsUNRBbLxQD8mmNc67qTkkUxKlrqAAMeFdDGC-SCo3Ghu1P3BUwWEST2DJCeuaB14FFerhNScB54GrruOdesTZerKJFKlfTpRJIDOwkGZrLBw2lsjbb6QTqph3RZCA0ItulhqyFMbtV5r4D36MYbziC5bAdxtQ_RTiAN6kwrLc3gD1CDFh_VNH5wuj5hly4qS9g9zQHuide2MbpPT5FHaK5aT36YnM2BENKz9LBAAa14QNquUtbE06XKfQ8uNd7kaZWqurnP4wneny90ms9BG30SOPOO7Xwzz16nv90_wtq4Bv68-ArINdFlcQrLpTQ5nBs9pXS-GB7bGIXa8PER-eamsgIFGnKAZY74FTxbiZfZ7l9zSt-eWA1jcLkEBmyMtx6ID2el5fW2NpB9GCV6l0rYtCddZmQ4zfLAi2rLvZZnfuKV4PbPlttOs4XmzVSozRhYDxGSxLtWys1Un7-VpFc263Q-1P-XoSt6bLcUDVZALwJlzxUr4I9wvDGs4GObMfw78WrP9-2aWe45neUkWTN4E-4A1eSUgpG7Zr4l9QuL0-dL_7GwZ2x0ZAm-iIk-_kC6hUxnu3KZqRNyBORBzzIWsMgcIH9ty8nL6TTmqQeD97Kcd-MaosAXSXcq5gCD61Mm5C899lcOHs7jpe8fIp-TyQXnvKpB1bfSA_UaB6ohBBThF4EnED3eoKIncbxlZ9P_6t75rHMdVJMC-In3oPOxLSrriYKN5cLHEXVx4AFmviXJHU96xLEfZMcBGHaZH-fbihzIzTqHQ1wQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://one.andro.plus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 bd9dfbb5914ff58f8f53260c6898e03c.js Show response
www.gstatic.com/mysidia/ Frame D9A5 9 KB
4 KB 83ms
25ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bd9dfbb5914ff58f8f53260c6898e03c.js?tag=client_fast_engine_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3957
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:31:58 GMT

GET
H2 200 be1c55307d155d15842552e1d6ad8a78.js Show response
www.gstatic.com/mysidia/ Frame D9A5 10 KB
4 KB 84ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be1c55307d155d15842552e1d6ad8a78.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 18:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4199
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:46:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D9A5 14 KB
1 KB 56ms
55ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 04:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:09:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 04:46:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D9A5 2 KB
892 B 30ms
29ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:19:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/ Frame D9A5 23 KB
9 KB 31ms
29ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:18:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D9A5 3 KB
1 KB 32ms
31ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:18:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame D9A5 20 KB
8 KB 29ms
29ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 14:18:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D9A5 0
0 60ms
58ms Image
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSrzohZqW8c_s9ExJ99lGZGUucwooavQ3Cma3A_1QV9OGieOQIQNH_cjUY0zbbDHJHm3yZq-HmDDjYgvd_zafNvRodyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9A5 179 KB
56 KB 93ms
93ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 04:46:57 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame D9A5 33 KB
14 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:22:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC9D 143 B
166 B 35ms
33ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:25:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DF11 1 KB
643 B 32ms
32ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:42:55 GMT
etag: 48472445140208031
expires: Thu, 20 Jul 2023 11:42:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D9A5 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fa0384767d48a899a29f66dab000bb887b9bf8c7a2417fa6ad51842ca663393

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEm0MzxY9auxnbRVHOpoMqg&google_cver=1&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD28QE2hVqZbCwB_SBKtRLLILfLI

170 B
233 B

58ms
57ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD28QE2hVqZbCwB_SBKtRLLILfLI

Requested by

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 20 Jul 2023 04:46:56 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5AD77990A48B4D269571B6380DB3AF34 Ref B: EWR311000101031 Ref C: 2023-07-20T04:46:57Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGHjF37iwREI0ku1nrgWN6PkQTLINB9Jx7j8EzcoU3CtF_irAnaiSxWhp2qMl5ya442jc3tYD28QE2hVqZbCwB_SBKtRLLILfLI
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA49aThD57wVlZUuj8+Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENycEa3N211bqYXHHNsy79U&google_cver=1&google_push=AaAOQGGbouBSYXauilkyYLwMaG80FyBPhjbSCHNjcTa9Yf15TXCE5Poy0hx_5g986LI3WIS2uFxIEEOu6VmDSHWMqp...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENycEa3N211bqYXHHNsy79U&google_cver=1&google_push=AaAOQGGbouBSYXauilkyYLwMaG80FyBPhjbSCHNjcTa9Yf15TXCE5Poy0hx_5g986LI3WIS2uFxIEEOu6VmDSHWMqp...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzE1ZDc3ODYtYTNiOS00NWMwLTk2ZGItNDcyMGU5N2MwZjQ3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=315d7786-a3b9-45c0-96db-4720e97c0f47

170 B
233 B

59ms
58ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzE1ZDc3ODYtYTNiOS00NWMwLTk2ZGItNDcyMGU5N2MwZjQ3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=315d7786-a3b9-45c0-96db-4720e97c0f47

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MzE1ZDc3ODYtYTNiOS00NWMwLTk2ZGItNDcyMGU5N2MwZjQ3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=315d7786-a3b9-45c0-96db-4720e97c0f47
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEE12kZgr-KKGk60JnfIKaUM&google_cver=1&google_push=AaAOQGH8OaHqV6cWRRXOBM8Qd1Pb-htNvdMlssSq5cgVvSDU_mPnbEOj-zzHamtPjY0PzYeA4ybDrlJ8moQGt4BoWVtM5ak1lSQlTQ
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUZFMjY2RkExQTBCMUZGQw==

170 B
233 B

58ms
58ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUZFMjY2RkExQTBCMUZGQw==

Requested by

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUZFMjY2RkExQTBCMUZGQw==
date: Thu, 20 Jul 2023 04:46:57 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFA7mMpUTTNrh-Lo6S9y6aQ&google_cver=1&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L0...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFA7mMpUTTNrh-Lo6S9y6aQ&google_cver=1&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeS...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo&google_hm=D97E_8HMRVKbEVrNPFUA...

170 B
233 B

59ms
58ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo&google_hm=D97E_8HMRVKbEVrNPFUAbw==

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo&google_hm=D97E_8HMRVKbEVrNPFUAbw==
Date: Thu, 20 Jul 2023 04:46:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK9RunTNJBOTQ8PJvjy4TIs&google_cver=1&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNjAxNTkwOTY3NzU0MzEyMDQ&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-2e...

170 B
330 B

58ms
57ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNjAxNTkwOTY3NzU0MzEyMDQ&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-2eZfh1E9_Ksg

Requested by

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNjAxNTkwOTY3NzU0MzEyMDQ&google_push=AaAOQGEqtCQ0aT-84LFekGqlNBoVssQiOpTjnmNmQMNTKfE2HJjo0QFs0Ggvu5RGWVlnL7tCPxv8NxbSMtf2ABnSB-2eZfh1E9_Ksg
Date: Thu, 20 Jul 2023 04:46:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET CAESEK8hjMfrfGmuOLvwDhMpQxM
an.yandex.ru/mapuid/google/ Frame DF11 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF11
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEBbFXS0xdkSXVHugLN2vBGw&google_cver=1&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5_Q7q28c&google_hm=92aa6130cb...

170 B
233 B

59ms
59ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5_Q7q28c&google_hm=92aa6130cb0316233e250f3dd400870b

Requested by

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGH8xr9l2oFnCzBK6pRezAcTaAZksqGmifn_Gon8npXD4rCh7pTxP0GHwmQx9nMJev1YExpGaeLRC8V9NAjPZMIssFKr5_Q7q28c&google_hm=92aa6130cb0316233e250f3dd400870b
date: Thu, 20 Jul 2023 04:46:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DF11 0
131 B 148ms
54ms Image
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKX9A-VqGyd8kuLIYcV9XNGGSUYIRdGeXlOMBCdMR0nh6_E9h_iQGoGatHUTp4zvmYsLJ9yig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:46:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC9D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:57 GMT
expires: Thu, 20 Jul 2023 04:46:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 04:46:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D9A5 33 KB
33 KB 25ms
24ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:45:59 GMT
x-content-type-options: nosniff
age: 518458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 04:45:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9A5 0
19 B 65ms
65ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-llQQLy4ZKHeCYTT_gSjhpzABv6Bn8FxqtyAj9QR8o7W8ZEOEAEgsuCzHWDJ7o6LwKSMEKABg9fn2wPIAQGoAwHIA8sEqgTyAU_Qb8VNt4vwZLxJpna0gzZ8sknUbn7p2TJ6TZscDuKlBWbRZhV9PXaD0yi6QE7GAO9rpEZOijwpI4ecR2pbE-OGR8q86INt__TccJxtokgQZHmXjFK1CwlDEg6GhObtJ7XaS0xklA84ywTLvjfFfoijJf1PWsnu1y3JUPCL7jjXzXPeIOxvEEdYP7khH41l-RL-ulkZ2QQh2t7EkP-sTIz0wynGmoBveV7QyQF6PoNKezXsSIwAyljOjp3Jws8HrU5W3g6bnLWQvFUG7yNU4f32csuCVB7P7rQ4m6tI0tqW1WMoixXvgiz5edgx4LGLl8M8wATzxemevgSSBQQIBBgBkgUECAUYBIAH4N7PpgSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDZvwHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0wNjA2MTY1ODU4NDM5OTg1GAA&sigh=sUAZFZef7aQ&uach_m=[UACH]&cid=CAQSKQBpAlJW2XrYLt33kEV99pQCUXFz4yngqRzV8bs6D2zo_ycpws1KgvLgGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Jul 2023 04:46:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js Show response
pagead2.googlesyndication.com/bg/ Frame C0BB 37 KB
14 KB 33ms
32ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 571796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 13:57:01 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D9A5 42 B
0 63ms
62ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBe4tIa7mvRDyM-6BAh8QLDkvl2nPejYPD5anWi4gZiWFx9n7TF4X4cL7y-tk-1s0wNxjtDYzzqQXtwDFPJahI2R42M7p8gZi5XD-Ob7XjwwJS2dl5geZmy3ZnlR2v8iTVTFBWjI4XrA&sai=AMfl-YTINO6zlKJsnWuEEIgwCYdE5VLt8PI-LCJneQLyKaovJJl_o7Bt6ZOr4n5-378Hi_PCWbZ45dZamOZbNVowCtXUTgfStrrGluk&sig=Cg0ArKJSzPeE4o87-thTEAE&cid=CAQSKQBpAlJW2XrYLt33kEV99pQCUXFz4yngqRzV8bs6D2zo_ycpws1KgvLgGAE&id=lidar2&mcvt=1000&p=0,0,280,780&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2842425980&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689828416115&rpt=1779&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 04:46:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgHaa11X3NG2Omcdoz2IAIsDBJvV-vT4005v1mzzzzq5S5PYWBjiYuDrWVddooGzafaqDSm3G0ROIEtCqVPwKufBmV&sig=Cg0ArKJSzGJkiSdfrqGlEAE&id=lidartos&mcvt=454&p=0,0,280,780&mtos=454,454,454,454,454&tos=454,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2842425980&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1689828414744&rpt=889&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/google/CAESEK8hjMfrfGmuOLvwDhMpQxM?ext-param=AaAOQGHQiLYJ-N18WfLo2kc4LV_YRTh-8i6-unayWR7P23uZjzfNdnIa_SD6viE_D6szpELSUWz-FYyG8ENPXpj25HbCoNnTZUD42s0g&partner-tag=yandex_ag&google_cver=1

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.andro.plus/	1970-01-20 22:45:24	Name: __gads Value: ID=9f2b0bec0fe5bbd7-22a507b6d3e200ff:T=1689828414:RT=1689828414:S=ALNI_Ma6E_GXpfkWQTc-VsJvYK63bleP9g
.andro.plus/	1970-01-20 22:45:24	Name: __gpi Value: UID=00000cdde06d4e97:T=1689828414:RT=1689828414:S=ALNI_Mbgq3TTOUSrbHs2OmaJFF1FbfW5Kg
.doubleclick.net/	1970-01-20 22:59:48	Name: IDE Value: AHWqTUmQtb_ZP_507fRypH2x9eBtcPYcXSyYf3OeiEL_C4LccQisn2mWrEmVpTWwOG8
.adkernel.com/	1970-01-20 13:43:58	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 14:07:00	Name: ADKUID Value: A4060159096775431204
.mediago.io/	1970-01-20 22:09:24	Name: __mguid_ Value: 92aa6130cb0316233e250f3dd400870b
.doubleclick.net/	1970-01-20 13:23:52	Name: DSID Value: NO_DATA
.linkedin.com/	1970-01-20 22:09:24	Name: bcookie Value: "v=2&cf24558e-5964-4fa3-86e9-98bbb895d922"
.linkedin.com/	1970-01-20 13:25:14	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2955:u=1:x=1:i=1689828417:t=1689914817:v=2:sig=AQHSpouaYaqb1UwdELZWVmZH0CKPAqUj"
fksnk.com/	1970-01-20 13:33:53	Name: AWSALBCORS Value: O3WE8hlkyBgblXYV9MNOYoGkx+k+4eLjnxXH9fUWiPiLexszOG50zJr3YYXB31XSoQbtbXjIezQwU95HtgcQJyJV9cZ9vZFOnIPSuhwp1N40iFo+DVHkuNRXgJRv
.fksnk.com/	1970-01-20 15:33:24	Name: f_001 Value: 1FE266FA1A0B1FFC
.fksnk.com/	1970-01-20 13:25:14	Name: g_001 Value: 1
.adsrvr.org/	1970-01-20 22:10:50	Name: TDID Value: 315d7786-a3b9-45c0-96db-4720e97c0f47
.bidswitch.net/	1970-01-20 22:09:24	Name: tuuid Value: 0fdec4ff-c1cc-4552-9b11-5acd3c55006f
.bidswitch.net/	1970-01-20 22:09:24	Name: c Value: 1689828417
.bidswitch.net/	1970-01-20 22:09:24	Name: tuuid_lu Value: 1689828417
.bidswitch.net/	1970-01-20 13:23:48	Name: google_push Value: AaAOQGFCxbQTQoubnM9438HLscpKHfDkdAhpjlUTbXhH1eqOYtLWyYldvaPW0Cf13cuoBjCXf5VJend_e-odeSkHO0L09-na5WYSBbo
.adsrvr.org/	1970-01-20 22:10:50	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI9vOKncy5hDwQBRgFIAEoAjILCKTCwcniuYQ8EAU4AQ..

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0606165858439985&output=html&h=280&slotname=4627493881&adk=2842425980&adf=2807604572&pi=t.ma~as.4627493881&w=780&fwrn=4&fwrnh=100&lmt=1689828414&rafmt=1&format=780x280&url=https%3A%2F%2Fone.andro.plus%2Fregion.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689828414462&bpp=2&bdt=970&idt=275&shv=r20230718&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5195813492750&frm=20&pv=1&ga_vid=896067393.1689828415&ga_sid=1689828415&ga_hid=1280605559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076161%2C31076187%2C44788441&oid=2&pvsid=1066319279155254&tmod=1372530081&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gTyToZYN7X&p=https%3A//one.andro.plus&dtd=281 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
ajax.googleapis.com
an.yandex.ru
cat.va.us.criteo.com
cm.g.doubleclick.net
code.getmdl.io
csm.us.criteo.net
dsp.adkernel.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
match.adsrvr.org
one.andro.plus
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
rtb.va.us.criteo.com
static.criteo.net
tpc.googlesyndication.com
trace.mediago.io
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
an.yandex.ru
pagead2.googlesyndication.com
15.197.193.217
172.217.13.98
174.137.133.49
2606:4700:3032::6815:366f
2607:f8b0:4006:80e::2003
2607:f8b0:4006:816::2003
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::2013
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::200a
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:1ec:21::14
3.211.253.240
35.208.249.213
35.211.178.172
74.119.119.147
032e4673a5c9b4cbf5c308cdf09f02cf5dd32113999ce1973d95a501b6da7fe3
0563ad046454fb891a841cc05d7b4e9a93f5a377fc06ca11db143b9769d297af
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08cd23c0f827bedebae20e73be9241232ac3bc15e9785b19c15e53851bcf5703
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
24dfda978e84747519dff4863a1ecc5f4eac5c2e75e4ed232a24085331962d7c
26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c
2759fd43397b9b6e46f9bd6902862db86e16b247b34394d9d4b37c0f6095142c
2b18c319e34a0f22df74f4fafed6f7b6bb627b3e282a2648a1cc54b444c89008
2e5dfc6a66b26b283f2070a10bbfd119bc7a2baa2f5cae5d15980420f7fd0040
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37ffad52e105bcaae4d8c1c5f992ab127dfb0c5dfe2f54326c7e4df08baa62cf
387d871768fec9f7205db4a8cb7a64eee98614203dc371a9c613b969f48c20a3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3fa0384767d48a899a29f66dab000bb887b9bf8c7a2417fa6ad51842ca663393
41cda99039926d80ec47b7db13a609ac18b84c770f4c4c789fb77766098c243d
42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc
42e7cf9c0043b5dc41c3fe3cc19f1462b6f8a9570c91828e6200c645849d3482
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
475d5a417ffa73c92c661b75a9ac5dd6c3aeeff7b5229f9649e3873fd6c1f0c6
484858846dae9c65acf1522c017b2b43e456b0f17314295671d051166df6b515
4c85382fc0be4d8938569b16e673abc851a92e539f930ed2067cc95057fc4852
4d07f62439c4dd97fa3a9b699e99ab594cf7fcb616cbe488580506bbd073fc79
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
547c755fcba8d42bb84531f27c0a7b2e27bddf0b5ff3f67f78dad4d10496fac1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dd3c545721fe717d92048dffa929444469df632e75fb7b0d1d2166945e3332
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
665ed1e0aeda7f229d262bdc5f6cc6560f19141da13113dcda5b2553e1bf0ac8
66e3e2b6c9ba9109cf6c8ea8e105f1479fd62bc53c5bd6f35a7c7d595d7f9fd9
7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74829b4cd39cb90c67f5ecb87be14e70fba62f6080cc3fc2903fd048b0d6c3f6
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
80c491c1ac8dd8ad2d90ba3bdb7fb6db18efd1149a67bbafee6beac3738532df
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
827fbd8bf761e35752c69da1138d038119b35a7f00723973b6a4c137f711be1c
87483ab3dc417b2fe22c60a2db1ba6083d04092ce81dd936f32b133f76e0f659
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
97a5a8b4011368e946c337ff220a3884b75a67bd8b4dad4d97232811756bc3ec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0c7e40ec61a0334af8d18bb62840044cb717bc9c4fe6dc2bcfff3127f4a66ee
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2875748ea942a66985bf4281a670e92059c656f04f8c162e29500c096be40f1
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adc647610895f198738b5c3b616cf47b524f032b6dc27d94555fd5be675964e4
af8728dd6702d421ac7d9385e2f084b3dda7b4c2e38754e48a55864df57356de
b657df653f57118d2bc9e61fe9e62c7e3a024de26e410c029ff0dfb103d2b392
bef73e12d8b89484c67fbdfeda65032c76f268d6ddba9508c4b49797409af691
bfa6fe002ae49035b6140f2bef82d3dfd9e5fd56818b85ee7e17d0c48956221e
cb25f19f3376a4d58213010b4ffdfc09ec9dac2e4aab61366f4a28f8027aefa6
cb4031be266760c59588e9d69ead6940c535916d31262ad06733edcdd98012dc
cb6bdefd572c5534f88f424b8da1a92e1c56f7ad495b38081d7633219d995e17
dba6e86d8e140b2b3aff626217074badc2f58bf494ffd853103e29b4b0ba6843
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec542fbe8c4e32564b4821684bd822a911b74fd94c9feb817ab4f6fceb18e036
eed51bc635e32a7dd25d1af1015fbd5749756a85ae1bb37385d94eb4189c943c
f331635a3f31fe1a4fd346307dcb1c5f29d093b56eb04ad0e70af32cec1e60d7
f3540a6f06d629420cdbedf051eb1e3ad8ad81f94a1d2c6eb8e07e7af8a80e5d
f6677a167e2da7f981eee0033969baf67b2f3080403ce79340cee28bfdfbd59b
f73fdff7899cd870b02e52814427566f69eedbb221bfab02d4cfdd8d6f0b0395
fd727179da255b8f6c798cd5cce5b442a9316a4088839782446fcdc47ca32144

one.andro.plus Open in urlscan Pro 2606:4700:3032::6815:366f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

92 %HTTPS

72 %IPv6

18 Domains

27 Subdomains

20 IPs

2 Countries

1375 kBTransfer

2460 kBSize

18 Cookies

8 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

one.andro.plus Open in urlscan Pro
2606:4700:3032::6815:366f Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

92 %
HTTPS

72 %
IPv6

18
Domains

27
Subdomains

20
IPs

2
Countries

1375 kB
Transfer

2460 kB
Size

18
Cookies

98 HTTP transactions
2 data transactions