breezebanking-tz.andro.io Open in urlscan Pro
51.158.189.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://breezebanking-tz.andro.io/
Submission: On December 24 via manual (December 24th 2020, 11:37:25 am UTC) from IN

Summary HTTP 54 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 54 HTTP transactions. The main IP is 51.158.189.191, located in Paris, France and belongs to Online SAS, FR. The main domain is breezebanking-tz.andro.io.

This is the only time breezebanking-tz.andro.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	51.158.189.191 51.158.189.191	12876 (Online SAS) (Online SAS)
7	2606:4700:303... 2606:4700:3034::681b:95a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 9	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
54	19

3 51.158.189.191 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 191-189-158-51.instances.scw.cloud

breezebanking-tz.andro.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::681b:95a7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.andro.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.112 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	andro.io breezebanking-tz.andro.io cdn.andro.io	280 KB
8	addthis.com 1 redirects s7.addthis.com m.addthis.com api-public.addthis.com	192 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	148 KB
5	googleusercontent.com lh3.googleusercontent.com	70 KB
4	doubleclick.net googleads.g.doubleclick.net
3	gstatic.com fonts.gstatic.com	24 KB
2	pinterest.com widgets.pinterest.com	451 B
2	facebook.com www.facebook.com	524 B
2	facebook.net connect.facebook.net	93 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	638 B
1	addthisedge.com v1.addthisedge.com	895 B
1	moatads.com z.moatads.com	1 KB
54	18

	Domain	Requested by
7	cdn.andro.io	breezebanking-tz.andro.io
5	lh3.googleusercontent.com	breezebanking-tz.andro.io
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	s7.addthis.com	1 redirects breezebanking-tz.andro.io s7.addthis.com
4	pagead2.googlesyndication.com	breezebanking-tz.andro.io pagead2.googlesyndication.com
3	api-public.addthis.com	s7.addthis.com
3	fonts.gstatic.com	fonts.googleapis.com
3	breezebanking-tz.andro.io	breezebanking-tz.andro.io
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	widgets.pinterest.com	breezebanking-tz.andro.io
2	www.facebook.com	breezebanking-tz.andro.io
2	connect.facebook.net	breezebanking-tz.andro.io connect.facebook.net
2	www.google-analytics.com	breezebanking-tz.andro.io www.google-analytics.com
2	maxcdn.bootstrapcdn.com	breezebanking-tz.andro.io maxcdn.bootstrapcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	ajax.googleapis.com	breezebanking-tz.andro.io
1	fonts.googleapis.com	breezebanking-tz.andro.io
54	23

This site contains links to these domains. Also see Links.

Domain
andro.io
app-fzb.andro.io
mecare-platform.andro.io
human-android.andro.io
vuitton-android.andro.io
mobihome-xraycamprank.andro.io
www.addthis.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://breezebanking-tz.andro.io/
Frame ID: 11640C1D5AA2415F74A895BB7CBE9354
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 1738F5C11401B53FF034B0143F57C5B9
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 09C43C94E9E3AFF1E10B9CF6A1EBD954
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7390D47D907C000340D9A3EA8A023C95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=5915702172&adk=2323240474&adf=175616407&pi=t.ma~as.5915702172&w=360&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827590&bpp=15&bdt=178&idt=165&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4834608435816&frm=20&pv=2&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EATJ2zzTQd&p=http%3A//breezebanking-tz.andro.io&dtd=187
Frame ID: A3BA9F6F8ACFA2B0CDC9A10DA1C42D25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=8209752975&adk=1293588966&adf=3175363789&pi=t.ma~as.8209752975&w=1200&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827606&bpp=3&bdt=193&idt=190&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=c0Mf4KKY8r&p=http%3A//breezebanking-tz.andro.io&dtd=195
Frame ID: 8A0735E32436DB3D2228157263DA2A8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&adk=1812271804&adf=3025194257&lmt=1608809827&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827712&bpp=1&bdt=299&idt=97&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280%2C1200x280&nras=1&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=104
Frame ID: FDFF1699C5E5B9B1A56AA9E2525DE5FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 83A1FCAD54E48CEAC4B67A0EA9F31CE3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

54
Requests

57 %
HTTPS

72 %
IPv6

18
Domains

23
Subdomains

19
IPs

6
Countries

959 kB
Transfer

2261 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://andro.io/out/playmarket/231031
Title:

Search URL Search Domain Scan URL

URL: http://app-fzb.andro.io/
Title: FundzBazar

Search URL Search Domain Scan URL

URL: http://mecare-platform.andro.io/
Title: Moikit

Search URL Search Domain Scan URL

URL: http://human-android.andro.io/
Title: Human - Activity tracker

Search URL Search Domain Scan URL

URL: http://vuitton-android.andro.io/
Title: Louis Vuitton Pass

Search URL Search Domain Scan URL

URL: http://mobihome-xraycamprank.andro.io/
Title: X-ray Cam Prank

Search URL Search Domain Scan URL

URL: http://andro.io/
Title: Androio

Search URL Search Domain Scan URL

URL: http://andro.io/free-mobile-app-sites
Title: Create free website for mobile app

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 23

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 24

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 43

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0

Request Chain 46

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
breezebanking-tz.andro.io/ 22 KB
7 KB 144ms
93ms Document
text/html 51.158.189.191
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 51.158.189.191 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 191-189-158-51.instances.scw.cloud
Software: nginx/1.14.2 /
Resource Hash: e4a419ef0d28d5ccd7bd4a941ccb7f4b78c62533d497dff53fbc03a5630de60a

Request headers

Host: breezebanking-tz.andro.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.14.2
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Date: Thu, 24 Dec 2020 11:37:07 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJEYlVaMXFxVmxZSE1DNE5MMTV1ZFE9PSIsInZhbHVlIjoieGFvVDh4RGJWV1wvRXpuUU9hbEhmdGdUXC8ybnh3bmlqbjM1a3AyU3pRM2tyVFdSYis1dHdIWmk3bmhtaWh2VDltNk5BWEJKZ1d4SkcyUjdlZGRPcHl4dz09IiwibWFjIjoiZDE3MDA2YjBkZmY3NTI2MmViMDRmMjJjZmViNTBiYzQ4MTk0NmE3ZDI0ZDQ2NWZiYThjMDIxZTZkOWJlZWM5NiJ9; expires=Fri, 25-Dec-2020 07:37:07 GMT; Max-Age=72000; path=/; domain=.andro.io laravel_session=eyJpdiI6IjdFc0Myc2FzUHI5RmJUVGRFWUVcL3JRPT0iLCJ2YWx1ZSI6ImkyMG52YU1vYVl3c3g2RGM1ang4YStKN3IyQVdtV0xpR1Z3Ukk2cmgzaHV3dXdSYUozd2I1Y0t4cjdDVG5jWGRcL0p3ZXMrXC9zUVZIY21WZUhscFVKdXc9PSIsIm1hYyI6IjdlZWFiY2U5NDFhOGIyYWUwYjYwOGExOTBmNjFmNjRhZDRhYjlmMDJjMjkwN2FjMjM0MmQyOTA3M2ZjNjFiODkifQ%3D%3D; expires=Fri, 25-Dec-2020 07:37:07 GMT; Max-Age=72000; path=/; domain=.andro.io; HttpOnly
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.css
cdn.andro.io/static/appsites/xawesome/assets/css/ 134 KB
20 KB 75ms
20ms Stylesheet
text/css 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/xawesome/assets/css/bootstrap.css
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99d290a34abaed938e19c68e54ff19cc23ac158d4bc0a050697f48f6a8b3b0ea

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48c0000c2f4f7945000000001
Last-Modified: Wed, 04 Oct 2017 12:00:12 GMT
Server: cloudflare
ETag: W/"59d4cd4c-21976"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0rGmVH79t0jICTRAZAuCl%2Fvhrqz9ToMt0V8lDDQgasbbY5c69JqbALnVkKGMVS1s3AFVmCe91KomW91QYwsdXtoJd721RuBpwfk7TF4u%2BoE2vLJ566IngZU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 606a074dafbcc2f4-FRA

GET
H/1.1 200
OK landing-page.css
cdn.andro.io/static/appsites/xawesome/assets/css/ 44 KB
9 KB 72ms
17ms Stylesheet
text/css 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/xawesome/assets/css/landing-page.css?v=42
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e1ca2db7d02a8ee2eca2dcb54a56fc6ac11a379e772e73b17b972a1d97068b

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48c00004abd66b8f000000001
Last-Modified: Wed, 04 Oct 2017 12:00:12 GMT
Server: cloudflare
ETag: W/"59d4cd4c-b0f8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pO0%2BHQGooGPmrYfDsZC99MrqVrqu2u9ULqTXE4MQDbllmT8YFy%2FdiRvJxb%2B89btsJlfUN22dQCEVtxa41MtHhQpkx%2F665uVO8WGt8P1cUiRYUMtlBtc%2BZxg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 606a074dad694abd-FRA

GET
H/1.1 200
OK owl.carousel.css
cdn.andro.io/static/appsites/atom/assets/plugins/owl-carousel/ 1 KB
1 KB 70ms
16ms Stylesheet
text/css 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/atom/assets/plugins/owl-carousel/owl.carousel.css
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48d00001752e0ad5000000001
Last-Modified: Wed, 04 Oct 2017 12:00:11 GMT
Server: cloudflare
ETag: W/"59d4cd4b-5c4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KqDMQUfih0RrtEowHSYgKK5dkR9LCdoqS5YQ8Wx1MHWInkaTkdKcWKuvDwoKaJurC10MPBBbE%2BhQi0XBUyFeL0TgGFi4x7hIcV2ZheDOJhuQI2iZGEYosG8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 606a074dadf41752-FRA

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 15ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 5041

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 19ms
16ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f999ed3b8c7407b22a68ed137df30e845de4fe7b06af0aa8ad102b052474412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Dec 2020 11:37:07 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 24 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK 3FcGTIlFKYXCEYmjN6bhovKqbKgMeX6vOJ1dtt4v1ovFWizn_RG0bS0PpsQEIHG3cYU=w300
lh3.googleusercontent.com/ 19 KB
20 KB 108ms
100ms Image
image/png 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.googleusercontent.com/3FcGTIlFKYXCEYmjN6bhovKqbKgMeX6vOJ1dtt4v1ovFWizn_RG0bS0PpsQEIHG3cYU=w300

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

93beb8d68972c5ee82ce16576e267ae598cbbc9e3136430199043e61cfe3d08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.png"
Timing-Allow-Origin: *
Content-Length: 19616
X-XSS-Protection: 0
Expires: Fri, 25 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK blja6SYRcTivLZhUBf-dF7VFiuilfpqMEU-WGYyx-511KzdnLghryYhOY1IZ5uQOCw=w310
lh3.googleusercontent.com/ 12 KB
13 KB 379ms
371ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.googleusercontent.com/blja6SYRcTivLZhUBf-dF7VFiuilfpqMEU-WGYyx-511KzdnLghryYhOY1IZ5uQOCw=w310

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c53241932fcbbd05ebc2c11f0fc7e72ddafa5ba9f758ddb8b6bf6c587ff78a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Timing-Allow-Origin: *
Content-Length: 12688
X-XSS-Protection: 0
Expires: Fri, 25 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK android.png
cdn.andro.io/static/appsites/xawesome/assets/img/template/ 179 KB
180 KB 33ms
33ms Image
image/png 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.andro.io/static/appsites/xawesome/assets/img/template/android.png
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2759a3318bb6282be37c979f146e326ab3bbcf80c652f6aee410b622fe3acecf

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 04 Oct 2017 12:00:12 GMT
Server: cloudflare
ETag: "59d4cd4c-2ccf2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8YdlrRAt%2FDweiOByVUPvcCNR%2B%2FCltT5b3q9tZ6LqNqpNl%2FQUGTiVeTuV1hbVguE7uFV%2BE%2FR2NmMWE%2FM8fqTtYznRMMRFQ%2FeuCVDgPVQlvwfBYNSSgpKkxik%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 606a074dced02bf2-FRA
Content-Length: 183538
cf-request-id: 073622e49c00002bf21e361000000001

GET
H/1.1 200
OK oyhbFSvy65Iier0Se4Iy0DmTCmr8Yyt1Ink3l95GkO6R4ptVd8xFH3cCPmcq9Sujdw=w310
lh3.googleusercontent.com/ 11 KB
11 KB 320ms
313ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.googleusercontent.com/oyhbFSvy65Iier0Se4Iy0DmTCmr8Yyt1Ink3l95GkO6R4ptVd8xFH3cCPmcq9Sujdw=w310

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed9b958805aa856aedf5702dd7d2173857c3c24a2891aff082519ce153b7e851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Timing-Allow-Origin: *
Content-Length: 11193
X-XSS-Protection: 0
Expires: Fri, 25 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK 97RUHiEWSVfZSJAjwxGTt8g1nf6Rkul6RjyCGlN6hG6nhVZFbQwk_VrYNOwJKvFa3wcW=w310
lh3.googleusercontent.com/ 13 KB
13 KB 297ms
290ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.googleusercontent.com/97RUHiEWSVfZSJAjwxGTt8g1nf6Rkul6RjyCGlN6hG6nhVZFbQwk_VrYNOwJKvFa3wcW=w310

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

54c6eca325222210f6c3e7fcdc7e07c1243826d929f0599b25a5c41b13f5e695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Timing-Allow-Origin: *
Content-Length: 12839
X-XSS-Protection: 0
Expires: Fri, 25 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK blja6SYRcTivLZhUBf-dF7VFiuilfpqMEU-WGYyx-511KzdnLghryYhOY1IZ5uQOCw=h900
lh3.googleusercontent.com/ 13 KB
13 KB 370ms
363ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.googleusercontent.com/blja6SYRcTivLZhUBf-dF7VFiuilfpqMEU-WGYyx-511KzdnLghryYhOY1IZ5uQOCw=h900

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7297eb81f6c829713d5a882195a9c5e1cf46c15badf3338153e7c10e72ee4ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Timing-Allow-Origin: *
Content-Length: 13043
X-XSS-Protection: 0
Expires: Fri, 25 Dec 2020 11:37:07 GMT

GET
H/1.1 200
OK playmarket-en.svg
breezebanking-tz.andro.io/static/imgs/ 38 KB
38 KB 29ms
28ms Image
image/svg+xml 51.158.189.191
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://breezebanking-tz.andro.io/static/imgs/playmarket-en.svg
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 51.158.189.191 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 191-189-158-51.instances.scw.cloud
Software: nginx/1.14.2 /
Resource Hash: 2e20ec0a98b4d8fcc60bf70107f3bd3bad82c04f98b4312f9e878ba190173293

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Last-Modified: Wed, 04 Oct 2017 12:00:12 GMT
Server: nginx/1.14.2
ETag: "59d4cd4c-968f"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38543

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13290078405355148527
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47107
X-XSS-Protection: 0
Expires: Thu, 24 Dec 2020 11:37:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 23:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303813
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Dec 2021 23:13:34 GMT

GET
H/1.1 200
OK bootstrap.js Show response
cdn.andro.io/static/appsites/xawesome/assets/js/ 64 KB
14 KB 71ms
18ms Script
application/javascript 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/xawesome/assets/js/bootstrap.js
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5884d1be3041eafbab27d898b8e401e0263c5bebaba17c97d82240064a362c

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48d00002c32d711c000000001
Last-Modified: Wed, 04 Oct 2017 12:00:12 GMT
Server: cloudflare
ETag: W/"59d4cd4c-10115"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EsREZ3NaBXnzlRC6TPXUpvWtZdD5qX0aCc0JLKtycOb1aIExxvvLphrPeinhk%2Fl7PrEyu1CxV0f5Mzo2ZKLhuSL8xB8IL9mFwK69d9%2B%2BeqlT1BjVVkfSqOI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 606a074dacaa2c32-FRA

GET
H/1.1 200
OK owl.carousel.js Show response
cdn.andro.io/static/appsites/atom/assets/plugins/owl-carousel/ 52 KB
9 KB 68ms
15ms Script
application/javascript 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/atom/assets/plugins/owl-carousel/owl.carousel.js
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48d00002bf24e215000000001
Last-Modified: Wed, 04 Oct 2017 12:00:11 GMT
Server: cloudflare
ETag: W/"59d4cd4b-ce3d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=etmbX9cY2tzhdinuDVmNYN6nA3YiqiDLUnEz6vbkGcaIXkdV%2B9twBYckasbCam6mb4oOrEDqg2MnE36VAwOQa%2Fk1ld4G3%2BVwrrFLcnvI5Z8BmuyH7iAG4l8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 606a074daebf2bf2-FRA

GET
H/1.1 200
OK owl-custom.js Show response
cdn.andro.io/static/appsites/atom/assets/js/ 301 B
1 KB 70ms
17ms Script
application/javascript 2606:4700:3034::681b:95a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.andro.io/static/appsites/atom/assets/js/owl-custom.js
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:95a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90a851012f902d53f77ed93698a8a47b7520010ca3dc249153b433d2af75809

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1201
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 073622e48d00004a62cc0d2000000001
Last-Modified: Wed, 04 Oct 2017 12:00:11 GMT
Server: cloudflare
ETag: W/"59d4cd4b-12d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZGBiQJ3crtUa%2FsUs7gG0Wx8CRxCLOwmQiXpncjg0fuXEGzcaqWqOYnOuntSSIpk2rczlvVlq5%2BOkFJj1gF4eh4nw3lAtDg9d9HC9QxJPOMBISe6xCdnaiKc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 606a074dadcc4a62-FRA

GET
H/1.1 200
OK pixel.gif
breezebanking-tz.andro.io/track/ 43 B
1 KB 67ms
66ms Image
text/html 51.158.189.191
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://breezebanking-tz.andro.io/track/pixel.gif?r=14567
Requested by: Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/
Protocol: HTTP/1.1
Server: 51.158.189.191 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 191-189-158-51.instances.scw.cloud
Software: nginx/1.14.2 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Cache-Control: no-cache
Server: nginx/1.14.2
Connection: keep-alive
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

103ms
42ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 24 Dec 2020 11:37:07 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://breezebanking-tz.andro.io
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 07:01:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 102922
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Thu, 23 Dec 2021 07:01:45 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://breezebanking-tz.andro.io
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Dec 2020 02:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:19 GMT
Server: sffe
Age: 552427
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 5608
X-XSS-Protection: 0
Expires: Sat, 18 Dec 2021 02:10:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 1740ms
1484ms Font
font/woff 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://breezebanking-tz.andro.io
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 11:37:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:44 GMT
ETag: "1544639744"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 65464

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://breezebanking-tz.andro.io
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 17:21:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:16 GMT
Server: sffe
Age: 152117
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9016
X-XSS-Protection: 0
Expires: Wed, 22 Dec 2021 17:21:50 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6393
date: Thu, 24 Dec 2020 09:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 24 Dec 2020 11:50:34 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

90 KB
24 KB

19ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: jX0glBWurKun/kmbLODhDwILDcRQ3ziUVZqHEVz4UdqtSatrbj58+2t68zt5X2zu5qeCQkkzft86i8kQgIgyew==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Thu, 24 Dec 2020 11:37:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Dec 2020 11:37:07 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 1738 0
0 6ms
5ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Dec 2020 09:58:13 GMT
expires: Thu, 07 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 5934
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
394 B 38ms
12ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1058014522&t=pageview&_s=1&dl=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&ul=en-us&de=UTF-8&dt=SC%20Mobile%20Tanzania%20website%20-%20free%20download%20.apk%20for%20android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=412961388&gjid=327820392&cid=1031521675.1608809828&tid=UA-2422930-59&_gid=525759458.1608809828&_r=1&_slc=1&z=898343047

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 11:37:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://breezebanking-tz.andro.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 93ms
32ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58671
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-56c492ef607a1338/ 2 KB
895 B 226ms
224ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-56c492ef607a1338/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7736d95c535a3badba2444a8d13ea5f6d4a0d678b3c812b03b62e7771ef99ce3

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
etag: 1724455329--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 720

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 129ms
126ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fe47d63aba99ec1&bkl=0&bl=1&pdt=215&sid=5fe47d63aba99ec1&pub=ra-56c492ef607a1338&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=breezebanking-tz.andro.io&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1608809827722&jsl=1&uvs=5fe47d63d24e692d000&skipb=1&callback=addthis.cbs.jsonp__334964792997684450
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c4e11837ccadf44b70cdb708bfb291a81b7ad8bf2322d81ba003b30eacc75dff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 11:37:07 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 09C4 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7390 0
0 34ms
34ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 24 Dec 2020 11:37:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 1512343335741503 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1512343335741503?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

520e7d92758ec91c517e18b9039405e88026f6f98af187b32415b05119788c3b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70181
x-fb-rlafr: 0
pragma: public
x-fb-debug: VxH4obSmR1DqnlC/Fx3NoIWIKiWRAjlehdYX8wWnJgcgsZyAgZNNOmY9M5bloXRr/+q4okk1QYA9plNG4XuOEg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 24 Dec 2020 11:37:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 42300229
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
638 B 153ms
53ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=breezebanking-tz.andro.io&callback=_gfp_s_&client=ca-pub-3746326561778403

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

111c9a820e3254977e02eaac3bc3eef51b37978e97c792f5fda6a42d507775a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=breezebanking-tz.andro.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
14ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=breezebanking-tz.andro.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A3BA 0
0 107ms
92ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=5915702172&adk=2323240474&adf=175616407&pi=t.ma~as.5915702172&w=360&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827590&bpp=15&bdt=178&idt=165&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4834608435816&frm=20&pv=2&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EATJ2zzTQd&p=http%3A//breezebanking-tz.andro.io&dtd=187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=5915702172&adk=2323240474&adf=175616407&pi=t.ma~as.5915702172&w=360&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=360x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827590&bpp=15&bdt=178&idt=165&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4834608435816&frm=20&pv=2&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EATJ2zzTQd&p=http%3A//breezebanking-tz.andro.io&dtd=187
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Dec 2020 11:37:07 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Dec-2020 11:52:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Dec 2020 11:37:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Thu, 24 Dec 2020 11:37:07 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A07 0
0 84ms
82ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=8209752975&adk=1293588966&adf=3175363789&pi=t.ma~as.8209752975&w=1200&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827606&bpp=3&bdt=193&idt=190&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=c0Mf4KKY8r&p=http%3A//breezebanking-tz.andro.io&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&h=280&slotname=8209752975&adk=1293588966&adf=3175363789&pi=t.ma~as.8209752975&w=1200&fwrn=4&fwrnh=100&lmt=1608809827&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827606&bpp=3&bdt=193&idt=190&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=c0Mf4KKY8r&p=http%3A//breezebanking-tz.andro.io&dtd=195
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Dec 2020 11:37:07 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Dec-2020 11:52:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Dec 2020 11:37:07 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FDFF 0
0 81ms
80ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&adk=1812271804&adf=3025194257&lmt=1608809827&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827712&bpp=1&bdt=299&idt=97&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280%2C1200x280&nras=1&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3746326561778403&output=html&adk=1812271804&adf=3025194257&lmt=1608809827&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1608809827712&bpp=1&bdt=299&idt=97&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=360x280%2C1200x280&nras=1&correlator=4834608435816&frm=20&pv=1&ga_vid=1031521675.1608809828&ga_sid=1608809828&ga_hid=1058014522&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067982%2C21068945&oid=2&pvsid=3294062481629878&pem=156&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Dec 2020 11:37:07 GMT
server: cafe
content-length: 4268
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Dec-2020 11:52:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Dec 2020 11:37:07 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 20ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1512343335741503&ev=PageView&dl=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&rl=&if=false&ts=1608809827837&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1608809827835.324958173&it=1608809827739&coo=false&rqm=GET

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Dec 2020 11:37:07 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 33ms
33ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 24 Dec 2020 11:37:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0

80 B
144 B

194ms
130ms

Script
application/javascript

151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8ebcbd8b9a912444b4b10106b51ad69f1a76e13c9e4c0504f6316b074296c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 4582747492700348
expires: Thu, 24 Dec 2020 11:52:08 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_841u0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 32 B
288 B 220ms
218ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=_ate.cbs.rcb_j1n0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e91de9bb0ba1442d794a9218c26fc0f1b6ae282c070f09e1c3117f7d8976aef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: breezebanking-tz.andro.io/
last-modified: Thu, 24 Dec 2020 11:37:08 GMT
server: nginx/1.15.8
date: Thu, 24 Dec 2020 11:37:08 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 52

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
268 B 200ms
198ms XHR
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://breezebanking-tz.andro.io/
last-modified: Thu, 24 Dec 2020 11:00:00 GMT
server: nginx/1.15.8
date: Thu, 24 Dec 2020 11:37:08 GMT
content-type: application/json
access-control-allow-origin: http://breezebanking-tz.andro.io
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0

80 B
307 B

189ms
125ms

Script
application/javascript

151.101.112.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e28fdedc442ca71f484d820c6b20128fb4392cfaa1a97b41fcefdef8ae1934e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 5680883064529755
expires: Thu, 24 Dec 2020 11:52:08 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=window._ate.cbs.rcb_gvm0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
289 B 203ms
202ms Script
application/json 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fbreezebanking-tz.andro.io%2F&callback=_ate.cbs.rcb_4o280

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a48dc4813383ca6ae6b28131d5590c1cb025c3c5f17c6b4dbca51e39621bd89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: breezebanking-tz.andro.io/
last-modified: Thu, 24 Dec 2020 11:37:08 GMT
server: nginx/1.15.8
date: Thu, 24 Dec 2020 11:37:08 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1512343335741503&ev=Microdata&dl=http%3A%2F%2Fbreezebanking-tz.andro.io%2F&rl=&if=false&ts=1608809828341&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SC%20Mobile%20Tanzania%20website%20-%20free%20download%20.apk%20for%20android%20%22%2C%22meta%3Adescription%22%3A%22download%20SC%20Mobile%20Tanzania%20app%20for%20Android%20phone%20%26%20tablet%5Cn%20%20%20%20%20%20%20%20%20%20%20%20and%20other%20Android%20devices%20%20.%5Cn%5Ct%5Ct%20%20%20%20%20%20%20%20%20%20%20%20SC%20Mobile%20Tanzania%20-%20Google%20Play%20market%20trended%20app%20from%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22SC%20Mobile%20Tanzania%20by%20%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22%2F%2Flh3.googleusercontent.com%2F3FcGTIlFKYXCEYmjN6bhovKqbKgMeX6vOJ1dtt4v1ovFWizn_RG0bS0PpsQEIHG3cYU%3Dw300%22%2C%22og%3Adescription%22%3A%22download%20SC%20Mobile%20Tanzania%20app%20for%20Android%20phone%20%26%20tablet%5Cn%20%20%20%20%20%20%20%20%20%20%20%20and%20other%20Android%20devices%20%20.%5Cn%5Ct%5Ct%20%20%20%20%20%20%20%20%20%20%20%20SC%20Mobile%20Tanzania%20-%20Google%20Play%20market%20trended%20app%20from%20%20%22%2C%22og%3Asite_name%22%3A%22breezebanking-tz.andro.io%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Asite%22%3A%22%40andro_io%22%2C%22twitter%3Atitle%22%3A%22SC%20Mobile%20Tanzania%20by%20%22%2C%22twitter%3Adescription%22%3A%22download%20SC%20Mobile%20Tanzania%20app%20for%20Android%20phone%20%26%20tablet%5Cn%20%20%20%20%20%20%20%20%20%20%20%20and%20other%20Android%20devices%20%20.%5Cn%5Ct%5Ct%20%20%20%20%20%20%20%20%20%20%20%20SC%20Mobile%20Tanzania%20-%20Google%20Play%20market%20trended%20app%20from%20%20%22%2C%22twitter%3Aimage%22%3A%22%2F%2Flh3.googleusercontent.com%2F3FcGTIlFKYXCEYmjN6bhovKqbKgMeX6vOJ1dtt4v1ovFWizn_RG0bS0PpsQEIHG3cYU%3Dw300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&ec=1&o=30&fbp=fb.1.1608809827835.324958173&it=1608809827739&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: breezebanking-tz.andro.io
URL: http://breezebanking-tz.andro.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Dec 2020 11:37:08 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f31b1426abe85134ad021e9d667087956d401d63d9d09cdf1becd05bd5b3176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Dec 2020 11:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 11:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 24 Dec 2020 11:37:09 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 83A1 0
0 34ms
20ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://breezebanking-tz.andro.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://breezebanking-tz.andro.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 24 Dec 2020 09:14:47 GMT
expires: Fri, 24 Dec 2021 09:14:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8542
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
200 B 15ms
15ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3294062481629878&bg=!b2ylbEzNAAXKjztByliuqsGFlmtpaQIAAABKUgAAAAxoAQcKAVY4t7fI3hh-RoK66beorjuxMwPSukcn7kK6NKdQOVQQSwQEHFSn9D536-hUyRuCSh3tUuPNU0duTFls0WR08qDbL3LFCQToX5t6kjVbD89SoUpaPtQcwlVJT5EWLMx23U6XA--sErrBqM5odPFYSbgb6H6a9_6hSGJ0VmR8Hof82_yPg4w0O1jOiY61ZRTGO1h3y65bTDjgXKZjs5_nYP4iEa1z1QhLN8Tw-Go2msGnxfQ8WAE0Fc_MSnnrOTbfX1Fod3vqjDu48bR4BkNhsXBmNzQZcs6I8AZYajQh4R0kPyunvqVOPlK7t8opdYO4Xs4ipyaigei_3GSh0dq0p5zDI1TV7eCAGJ2TGcwvmnVH8yZTxiOjKS8W5OmnM2hlwY_flG3qrT7wcUbNAU4areIrBztwUihvopD7L-o_s_4EOY8DmV7n_qh8ktpfVEptAQToDrLTzR2ZAcHhrl42TJFhG4Uoh4ia0WOFzFXZSW5ErIlJoc_u3k-OXLXcMAZVrrYrRKQkJXukqv03aURmEZII2Qe6LnuZc37byxPS_dTzpCOzqTRzFCK9yrA9bqqdBv0PW55uDrweDSI_DeUs6DniVEx52w7VKO27W3a3oU8XzcKYfSBXSXu4gM5V_KCZp5ikq1VgWUJejU7Kb_g0XlakSXHOZ5rnDHVoTHbQg7W7JJ8an4g_6i7xzpmozjVK6n2WghJo0TB1CxctVppxd1IPM9hJe10JH4Jx8cplOnwoZdYLkArzuFzy-AKBcMdKadgdZB87qUK8V3rqeQDabu28Fw78dwe4psmB4PAd7OdxmaTM1k9m6DYrBLGUlc0f9W0VA5HtjDa97ex64BMabz_wmZ4-8lKhREN3EWICfW8x6LyAt4hHBQQz85qXTHjOYaxG0rm7J587Xl_C4PHoYzXieuvaqcXw_ZeX4U4KVkchvUNro6DwRZsZCkiu8DReGUrbzyMLjqGI_Uv-CgzvJTzgt8FJ0AlvAeKqM4NqHzERRj227hpG8aIaVeg1stwesAVORw8TbnnwJxDgjom3k5rQjrjLeOxpgnO0Hg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://breezebanking-tz.andro.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 11:37:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-20 00:23:44	Name: uvc Value: 1%7C52
.andro.io/	1970-01-19 14:54:41	Name: laravel_session Value: eyJpdiI6Iklvc1VCKyswbmxCclZyVFZYcDB4aEE9PSIsInZhbHVlIjoiVDVBUGluMCtSaERtOXUrNXhITTNEejNrWmNIcWluXC80c21JRnZwUURTNEpXM0R3elliTGxcL1FWa1poK2IwQnhrcCtZR0lXNFlWK3RpSGEycXc2K2dtdz09IiwibWFjIjoiYTQ0NWY2NzVkN2NmNDU1NzJkNTcyNWQyN2RlNzAwZjRhYWEwZjIzMTYxZjQ3NDQxYWVmMDA5NWMzZWE0ODg4MSJ9
.andro.io/	1970-01-20 08:24:41	Name: _ga Value: GA1.2.1031521675.1608809828
.doubleclick.net/	1970-01-19 14:53:30	Name: test_cookie Value: CheckForPermission
breezebanking-tz.andro.io/	1970-01-19 14:53:31	Name: __atuvs Value: 5fe47d63d24e692d000
.andro.io/	1970-01-19 14:54:56	Name: _gid Value: GA1.2.525759458.1608809828
breezebanking-tz.andro.io/	1970-01-20 00:23:44	Name: __atuvc Value: 1%7C52
.andro.io/	1970-01-20 00:15:05	Name: __gads Value: ID=f9596d60f72ae8ad-224277da91a60054:T=1608809827:RT=1608809827:S=ALNI_MYxaiQOF06mXyr1dzpqXBJ6XC53-g
.andro.io/	1970-01-19 14:53:29	Name: _gat Value: 1
.addthis.com/	1970-01-20 00:23:44	Name: loc Value: MDAwMDBFVURLODIyMzYxMTkwMjAwMzAwMDBDSA==
.andro.io/	1970-01-19 17:03:05	Name: _fbp Value: fb.1.1608809827835.324958173
.andro.io/	1970-01-19 14:54:41	Name: XSRF-TOKEN Value: eyJpdiI6IlRhMlNBNWV0VHVcL0NpTlYyQjFoWW1RPT0iLCJ2YWx1ZSI6ImI4dWx1ZzlUZUNjOVwvWDNjV09MeFVZYjJcL2J1ejkraTE4MTlGTUlUNzc1M1wvMVhINmxSZEVTemlqWG4zNW5PU2lFcEp6encwam50cnZuN0liT0JOSkJRPT0iLCJtYWMiOiIxMGE1NDdjNTAyYWZlZDViZmE1ZDU1NzJmNTQ4ZDYxZWMzNjMxM2FiOTVhY2EzYWVmNGM4M2NhMzczYzgyMjgyIn0%3D
.andro.io/	1970-01-19 15:36:41	Name: __cfduid Value: d03381a91e253ac2e465f5e15ce5665851608809827

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
api-public.addthis.com
breezebanking-tz.andro.io
cdn.andro.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
m.addthis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
tpc.googlesyndication.com
v1.addthisedge.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
z.moatads.com
s7.addthis.com
104.75.88.112
151.101.112.84
172.217.23.98
2.18.235.40
2001:4de0:ac19::1:b:1b
2606:4700:3034::681b:95a7
2a00:1450:4001:801::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
51.158.189.191
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0f999ed3b8c7407b22a68ed137df30e845de4fe7b06af0aa8ad102b052474412
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111c9a820e3254977e02eaac3bc3eef51b37978e97c792f5fda6a42d507775a7
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
2759a3318bb6282be37c979f146e326ab3bbcf80c652f6aee410b622fe3acecf
2e20ec0a98b4d8fcc60bf70107f3bd3bad82c04f98b4312f9e878ba190173293
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
4f31b1426abe85134ad021e9d667087956d401d63d9d09cdf1becd05bd5b3176
520e7d92758ec91c517e18b9039405e88026f6f98af187b32415b05119788c3b
52e1ca2db7d02a8ee2eca2dcb54a56fc6ac11a379e772e73b17b972a1d97068b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54c6eca325222210f6c3e7fcdc7e07c1243826d929f0599b25a5c41b13f5e695
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
7297eb81f6c829713d5a882195a9c5e1cf46c15badf3338153e7c10e72ee4ff8
7736d95c535a3badba2444a8d13ea5f6d4a0d678b3c812b03b62e7771ef99ce3
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8e5884d1be3041eafbab27d898b8e401e0263c5bebaba17c97d82240064a362c
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
93beb8d68972c5ee82ce16576e267ae598cbbc9e3136430199043e61cfe3d08b
99d290a34abaed938e19c68e54ff19cc23ac158d4bc0a050697f48f6a8b3b0ea
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a48dc4813383ca6ae6b28131d5590c1cb025c3c5f17c6b4dbca51e39621bd89b
a90a851012f902d53f77ed93698a8a47b7520010ca3dc249153b433d2af75809
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c4e11837ccadf44b70cdb708bfb291a81b7ad8bf2322d81ba003b30eacc75dff
c53241932fcbbd05ebc2c11f0fc7e72ddafa5ba9f758ddb8b6bf6c587ff78a48
e28fdedc442ca71f484d820c6b20128fb4392cfaa1a97b41fcefdef8ae1934e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4a419ef0d28d5ccd7bd4a941ccb7f4b78c62533d497dff53fbc03a5630de60a
e8ebcbd8b9a912444b4b10106b51ad69f1a76e13c9e4c0504f6316b074296c3e
e91de9bb0ba1442d794a9218c26fc0f1b6ae282c070f09e1c3117f7d8976aef5
ed9b958805aa856aedf5702dd7d2173857c3c24a2891aff082519ce153b7e851
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

breezebanking-tz.andro.io Open in urlscan Pro 51.158.189.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

57 %HTTPS

72 %IPv6

18 Domains

23 Subdomains

19 IPs

6 Countries

959 kBTransfer

2261 kBSize

13 Cookies

9 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

breezebanking-tz.andro.io Open in urlscan Pro
51.158.189.191 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

57 %
HTTPS

72 %
IPv6

18
Domains

23
Subdomains

19
IPs

6
Countries

959 kB
Transfer

2261 kB
Size

13
Cookies

54 HTTP transactions
1 data transactions