stresser.beauty Open in urlscan Pro
2606:4700:3030::6815:4d8c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stresser.beauty/
Submission: On February 08 via api (February 8th 2024, 4:45:33 am UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3030::6815:4d8c, located in United States and belongs to CLOUDFLARENET, US. The main domain is stresser.beauty.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.

This is the only time stresser.beauty was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3030::6815:4d8c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1.194.250.6 1.194.250.6	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
9	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
39	9

5 2606:4700:3030::6815:4d8c (United States)

ASN13335 (CLOUDFLARENET, US)

stresser.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 1.194.250.6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 194.1.broad.ha.dynamic.163data.com.cn

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	305 KB
9	oneinstack.com static.oneinstack.com	1 MB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	44 KB
5	stresser.beauty stresser.beauty	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
39	7

	Domain	Requested by
9	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	static.oneinstack.com	stresser.beauty
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	stresser.beauty	static.oneinstack.com
2	www.googleadservices.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
39	8

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
t.me

Subject Issuer	Validity	Valid
stresser.beauty GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2023-05-03` - `2024-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://stresser.beauty/
Frame ID: 9C8061A1FAADCD3573028C9F4CAD8995
Requests: 13 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 8AD821D9C9F4F777213EC709D8238270
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 646DBC87DB57AF14BC3D00FBDAA68544
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707367526688&bpp=1211&bdt=253&idt=1501&shv=r20240206&mjsv=m202401310101&ptt=5&saldr=sd&correlator=3975842216537&frm=22&ife=1&pv=2&ga_vid=1758291604.1707367528&ga_sid=1707367528&ga_hid=334239391&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44808398%2C31080793%2C31080797%2C31080820%2C44809003%2C95322433%2C95320378%2C95324155%2C95324161%2C31080873&oid=2&pvsid=4193388572329359&tmod=1651578808&uas=0&nvt=1&top=https%3A%2F%2Fstresser.beauty%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.goaqvexa8p5q&fsb=1&dtd=1521
Frame ID: 54025DE015E5BD46995CBF6B1342AFA3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2CE89A4AF3BFB85BE7C265E05887ACC9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: 6889381391D4807510327CB6721B1762
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4918E9FB69DF42E223ACA2D84DEBEF52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D49F09086E49490B10182A8E527BCA64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

39
Requests

97 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

1564 kB
Transfer

2544 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 27

https://googleads.g.doubleclick.net/pagead/adview?ai=CNB7raFzEZcvQIvPQoPMPp_eO-A2G2aWjddi78-uGEpClkMeLDhABIPbBmBVgyYaAgNyjxBCgAfGaoNAByAECqAMByAPJBKoE1AFP0N2zmHws_7KYVAf9_3we-RWD0w5WOmRfHE6zoICn7qkIcYCiPnSJZgRJx28uz5OnpzEeYXOu4LNEpA8SDzcfGJXcmd7i4vW8Dw8U9bNHu3WDpsN3IIWOys9Q6PpwCkTc7tw4ar7habBMru56sRzyH2-LF0y9u_WzXR_g8oJbp9U5eP1mP9vxYFqB1N1nuWVKwFGCPQv3vme0hcH1wiTKmjX_Vz-bThXdln9pWtE6J0_H2XSxQ2PjKY8C7NHK5M4vqpZ8Kne82lD-NF3LfW0KU9a7lsAEzI-ziMkEiAXE2Y_nTZIFBAgEGAGSBQQIBRgEoAYCgAf35N-vAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKeMWNIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljF_anY95qEA5oJH2h0dHBzOi8vZG93bmxvYWQud2F2ZWJyb3dzZXIuY2-ACgHICwHaDBAKChCQ2M_m7-uotHcSAgED2BMM0BUBmBYBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=AJx8GW80nRw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_Nn-jLzjWQ9xNtXfhEwNHxYFuiWQoatsHpmOomuAvGpWL58nxBdDQgS315scOkzFN9HH594hR-_7Zn8Rn_7mrJrsiSe4hh_9KuBgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a747ae091dd1790000000000000000%22,%222%22:%220xca4470497395a1930000000000000000%22,%223%22:%220xb54e98b8a68cdb690000000000000000%22,%224%22:%220xa0c024cb3239990a0000000000000000%22,%225%22:%220xfbc64bc7ed7ae1200000000000000000%22},%22debug_key%22:%227050871180140382086%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436735345%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228764785848763867041%22}&andc=true

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
stresser.beauty/ 16 KB
4 KB 250ms
175ms Document
text/html 2606:4700:3030::6815:4d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stresser.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85213914da415c6a-MIA
content-encoding: br
content-type: text/html
date: Thu, 08 Feb 2024 04:45:24 GMT
last-modified: Sun, 04 Feb 2024 21:05:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQg7BSVdB4fHyBJ%2BDCVFx%2FDeEDPf0XRs%2F8wwGPDCRUaIelwh8WQhbzfz5X7DjwuQr1L8%2BQpmp7raYx6bp%2FR4x07tz6YmpPuA%2Bjt37MPY07B6Z8e4uypjBhv9yh3THBJBtWod%2BrIjm0JEET55QXM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK ois.css
static.oneinstack.com/assets/ 139 KB
22 KB 1593ms
284ms Stylesheet
text/css 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois.css

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:27 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 1275779
x-link-via: xxct03:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-35, HIT from KS-CLOUD-XX-CT-03-07
Connection: keep-alive
Content-Length: 21572
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-22ce3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: 85d0b5d09f5df5bd6350a76996520583
Expires: Fri, 23 Feb 2024 10:22:27 GMT

GET
H/1.1 200
OK vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 1631ms
306ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 1275780
x-link-via: xxct03:443;ldmp12:443;
ETag: "64dd97f1-5ece5"
X-Cache-Status: HIT from KS-CLOUD-LD-MP-12-18, HIT from KS-CLOUD-XX-CT-03-19
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: df4a4f080b3097093e1c0576d2d3295e
Content-Length: 388325
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 1647ms
299ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost_del.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 13:47:27 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 1436279
x-link-via: xxct03:443;whmp01:443;
ETag: "64dd97f1-bd02"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-02, HIT from KS-CLOUD-XX-CT-03-22
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 66528f0ae7397a6b9edf3bb48f1c9f7d
Content-Length: 48386
Expires: Wed, 21 Feb 2024 13:47:27 GMT

GET
H/1.1 200
OK pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 1629ms
300ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/pureftpd.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 1275780
x-link-via: xxct03:443;lymp01:443;
ETag: "64dd97f0-20c9f"
X-Cache-Status: HIT from KS-CLOUD-LY-MP-01-25, HIT from KS-CLOUD-XX-CT-03-27
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 22fe3257681afa7c504b252b56592938
Content-Length: 134303
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 1893ms
292ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/backup_setup.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:48 GMT
Server: nginx
Age: 1275780
x-link-via: xxct03:443;whmp01:443;
ETag: "64dd97ec-1d97f"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-12, HIT from KS-CLOUD-XX-CT-03-08
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: dd5b1f35b69872dd5d23b2e3873f029c
Content-Length: 121215
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 1865ms
290ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/upgrade.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 1275780
x-link-via: xxct03:443;jnmp22:443;
ETag: "64dd97f0-24505"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-22-08, HIT from KS-CLOUD-XX-CT-03-22
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 017d4656cfc03ee76f5be0eae530ebee
Content-Length: 148741
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 305ms
304ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/uninstall.png

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:27 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 1275779
x-link-via: xxct03:443;jnmp13:443;
ETag: "64dd97f0-3a9a8"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-13-18, HIT from KS-CLOUD-XX-CT-03-25
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 4191381db9fc8bd51ee888edf1b08c80
Content-Length: 240040
Expires: Fri, 23 Feb 2024 10:22:27 GMT

GET
H/1.1 200
OK ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 1590ms
299ms Script
application/javascript 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois20190114.js

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 00:09:09 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 1226177
x-link-via: xxct03:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-04, HIT from KS-CLOUD-XX-CT-03-20
Connection: keep-alive
Content-Length: 62047
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-32de6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: 538a3e219a3be386f0dc28e4382c0b3a
Expires: Sat, 24 Feb 2024 00:09:09 GMT

GET
H/1.1 200
OK ad_buttom.html Show response
static.oneinstack.com/ Frame 8AD8 629 B
963 B 1568ms
265ms Document
text/html 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/ad_buttom.html

Requested by

Host: stresser.beauty
URL: https://stresser.beauty/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://stresser.beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 740062
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 403
Content-Type: text/html
Date: Tue, 30 Jan 2024 15:11:04 GMT
ETag: W/"64dd97eb-275"
Expires: Thu, 29 Feb 2024 15:11:04 GMT
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-Cache-Status: HIT from KS-CLOUD-NT-MP-01-30 HIT from KS-CLOUD-XX-CT-03-21
X-Cdn-Request-ID: 6d4ae92ed3291d7900fe643b9d6354a2
x-link-via: xxct03:443;ntmp01:443;

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8AD8 26 KB
11 KB 240ms
96ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b2ff911d1c4875b214ba2b2f73786afbcdeb36c7eaf7302f23f073c9739783a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10683
x-xss-protection: 0
server: cafe
etag: 1789151595526125919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 04:45:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8AD8 146 KB
50 KB 134ms
131ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e12b2805ae78ae5e7058a36754dde2b996d73b2e0f1580e09ace1a3b5f0d0dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51259
x-xss-protection: 0
server: cafe
etag: 15504431408839936019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 08 Feb 2024 04:45:26 GMT

HEAD
H2 200 phpinfo.php Show response
stresser.beauty/ 0
303 B 175ms
174ms XHR
text/html 2606:4700:3030::6815:4d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stresser.beauty/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5L6TuskFgplfrihKzCyqEHBPq2OOdfSnmzOJa8Hl3LIoUYbE1DyX5%2BoV7vG743X5R8FWR3Y%2BU4CQGE10wv95Ll9mMf5yUs7Iiza%2FHPXzqZe44d1H0nm4IoBoHCkHRyDyQHcmkxqSSQe4pFjmIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 852139230c7b5c6a-MIA
alt-svc: h3=":443"; ma=86400

HEAD
H3 404 ocp.php Show response
stresser.beauty/ 0
461 B 303ms
303ms XHR
text/html 2606:4700:3030::6815:4d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stresser.beauty/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BSB9SXQ8hDoBuu2NFUd%2B7AhBJ0De1KhK4Hz4mtQmdqcyIpfNofSmtgJFNLUCINnuON2yfDBTClk64KsCpsfmivJNhnxxee8zHupeAYA4U%2FNLkenRtb4uJEj%2BKkE2Jdl%2BVE%2FQu9FxVSKbiyD650%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 852139241a817479-MIA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 index.php Show response
stresser.beauty/phpMyAdmin/ 0
1 KB 309ms
308ms XHR
text/html 2606:4700:3030::6815:4d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stresser.beauty/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:4d8c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
date: Thu, 08 Feb 2024 04:45:27 GMT
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-ob_mode: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Thu, 08 Feb 2024 04:45:27 +0000
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQx8h%2FDUMLIh9OWXyUgPK996M2G3tKlIeRre7Gt3nvbYTTgHGWyBnK4DYSt%2F1d41WxkRQKIwQDqEj2wGKZ%2BxnmpAJaxEPqdKDaNhk6UdI3ciRJ5ljv06%2BDqYU6AE5SOGG%2F1mUjDuEmopId%2BwI6g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
x-robots-tag: noindex, nofollow
cf-ray: 852139261d367479-MIA
x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
expires: Thu, 08 Feb 2024 04:45:27 +0000

HEAD
H3 200 xprober.php Show response
stresser.beauty/ 0
421 B 189ms
189ms XHR
text/html 2606:4700:3030::6815:4d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stresser.beauty/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://stresser.beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqm2PydviV07gzEMJFrPXodbGoiK7MK9aEWk%2FQ6nsq7%2BcQrEj5cjGyG5ob9514nvOygYJHMZ0Ph6gpIkOkOqF0%2BtB9ycKhbEf39vQGw97loJw7rRG76j9Lsx33uWLTyeV1O1vuZQllhE2dX4mGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85213927ffd17479-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ Frame 8AD8 406 KB
138 KB 116ms
116ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e8e437ad976e8fdad829236ee7050014f08bd8198ee38ce890db5daa9e0847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140860
x-xss-protection: 0
server: cafe
etag: 10363590103107343315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 04:45:27 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/ Frame 646D 9 KB
5 KB 222ms
67ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:19:34 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:19:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5402 104 KB
39 KB 399ms
394ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707367526688&bpp=1211&bdt=253&idt=1501&shv=r20240206&mjsv=m202401310101&ptt=5&saldr=sd&correlator=3975842216537&frm=22&ife=1&pv=2&ga_vid=1758291604.1707367528&ga_sid=1707367528&ga_hid=334239391&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44808398%2C31080793%2C31080797%2C31080820%2C44809003%2C95322433%2C95320378%2C95324155%2C95324161%2C31080873&oid=2&pvsid=4193388572329359&tmod=1651578808&uas=0&nvt=1&top=https%3A%2F%2Fstresser.beauty%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.goaqvexa8p5q&fsb=1&dtd=1521

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a067ef2e175b7123489da73388423c3e0bd6c46dfdb27e2d4a0504fe28a9d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 04:45:28 GMT
expires: Thu, 08 Feb 2024 04:45:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9660379555207882433
tpc.googlesyndication.com/daca_images/simgad/ Frame 5402 14 KB
14 KB 367ms
214ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9660379555207882433

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707367526688&bpp=1211&bdt=253&idt=1501&shv=r20240206&mjsv=m202401310101&ptt=5&saldr=sd&correlator=3975842216537&frm=22&ife=1&pv=2&ga_vid=1758291604.1707367528&ga_sid=1707367528&ga_hid=334239391&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44808398%2C31080793%2C31080797%2C31080820%2C44809003%2C95322433%2C95320378%2C95324155%2C95324161%2C31080873&oid=2&pvsid=4193388572329359&tmod=1651578808&uas=0&nvt=1&top=https%3A%2F%2Fstresser.beauty%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.goaqvexa8p5q&fsb=1&dtd=1521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8741b15b2c0f2f74bebf2e25a8b2671307a0c8130e97db764f95e3a9cf5766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 10:35:30 GMT
date: Thu, 01 Feb 2024 10:35:30 GMT
x-content-type-options: nosniff
age: 583799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14268
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 05:59:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 5402 23 KB
9 KB 362ms
212ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2CE8 143 B
166 B 69ms
67ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707367526688&bpp=1211&bdt=253&idt=1501&shv=r20240206&mjsv=m202401310101&ptt=5&saldr=sd&correlator=3975842216537&frm=22&ife=1&pv=2&ga_vid=1758291604.1707367528&ga_sid=1707367528&ga_hid=334239391&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44808398%2C31080793%2C31080797%2C31080820%2C44809003%2C95322433%2C95320378%2C95324155%2C95324161%2C31080873&oid=2&pvsid=4193388572329359&tmod=1651578808&uas=0&nvt=1&top=https%3A%2F%2Fstresser.beauty%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.goaqvexa8p5q&fsb=1&dtd=1521
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 04:26:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 5402 3 KB
1 KB 223ms
75ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 5402 20 KB
9 KB 215ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:49:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5402 205 KB
65 KB 236ms
90ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 04:45:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 5402 36 KB
15 KB 222ms
77ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14866
x-xss-protection: 0
server: cafe
etag: 15811255140505289687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 20:53:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2CE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

84ms
83ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 04:45:29 GMT
expires: Thu, 08 Feb 2024 04:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 04:45:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5402 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf3342ffb77b3271c4763d5e86982f5427330a6382380845f3bb126e6183249c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5402
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNB7raFzEZcvQIvPQoPMPp_eO-A2G2aWjddi78-uGEpClkMeLDhABIPbBmBVgyYaAgNyjxBCgAfGaoNAByAECqAMByAPJBKoE1AFP0N2zmHws_7KYVAf9_3we-RWD0w5WOmRfHE6zoICn7qk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a747ae091dd1790000000000000000%22,%222%22:%220xca4470497395a1930000000000000000%22,%223%22:%220xb54e98...

0
0

356ms
125ms

Fetch
text/css

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb2a747ae091dd1790000000000000000%22,%222%22:%220xca4470497395a1930000000000000000%22,%223%22:%220xb54e98b8a68cdb690000000000000000%22,%224%22:%220xa0c024cb3239990a0000000000000000%22,%225%22:%220xfbc64bc7ed7ae1200000000000000000%22},%22debug_key%22:%227050871180140382086%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436735345%22],%2222%22:[%22true%22],%224%22:[%2202-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228764785848763867041%22}&andc=true

Requested by

Protocol

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb2a747ae091dd1790000000000000000","2":"0xca4470497395a1930000000000000000","3":"0xb54e98b8a68cdb690000000000000000","4":"0xa0c024cb3239990a0000000000000000","5":"0xfbc64bc7ed7ae1200000000000000000"},"debug_key":"7050871180140382086","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436735345"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"8764785848763867041"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Feb 2024 04:45:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 08 Feb 2024 04:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb2a747ae091dd1790000000000000000","2":"0xca4470497395a1930000000000000000","3":"0xb54e98b8a68cdb690000000000000000","4":"0xa0c024cb3239990a0000000000000000","5":"0xfbc64bc7ed7ae1200000000000000000"},"debug_key":"7050871180140382086","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436735345"],"22":["true"],"4":["02-08"],"6":["true"]},"priority":"500","source_event_id":"8764785848763867041"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 264ms
124ms Preflight
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Feb 2024 04:45:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8AD8 16 KB
12 KB 335ms
198ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef9990b4533d0500adf65ecc08abae89bb164469ae4c9a823bbbd61cc7b6bd85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12317
x-xss-protection: 0

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6889 51 KB
19 KB 70ms
70ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:21:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8AD8 17 KB
7 KB 120ms
120ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 04:45:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4918 13 KB
5 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 31110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:07:00 GMT
expires: Thu, 06 Feb 2025 20:07:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D49F 829 B
999 B 91ms
90ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e19f74db473eaadd9903eff56466833ae1b5d99271889cec0fc19bd94628cf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-APQB9Y_6Q06CLuH7wCHPEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-APQB9Y_6Q06CLuH7wCHPEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 04:45:30 GMT
expires: Thu, 08 Feb 2024 04:45:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4918 39 KB
15 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 20:07:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D49F 0
0 119ms
119ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240206&jk=4193388572329359&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4918 0
10 B 64ms
64ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2_AyVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:45:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5402 42 B
64 B 98ms
97ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssceopfaTxp9lFARb73wGuywLk_SjCLpBfMCYdPeakRtg-Ui1pJCgkdWL7O3z6Fpx8-hnDvJmZBsv6eDX_cGLDGP_BywImyVDvt_id3jb9h3f50zYrdbiKm-GQ6pBb3s8m7-8uKpw2UL-Gm-t0sOluKmc6dnLmVhEM&sai=AMfl-YTbPVG90bnp0_IZmTWhUtnhGiWO_ZPY9Fr5ZI5pL6sQ7QIEjElHfHC20MzPSZlonF56uaWWQ-KqMwrrEo5chJwUx-wy7BiUL16pNOenn4i4QAF7ylBT-nGYULlykLXwXuu66Ya4C8oNz0hIVRT4&sig=Cg0ArKJSzFbR8RPd0fKtEAE&cid=CAQSTgAvHhf_Nn-jLzjWQ9xNtXfhEwNHxYFuiWQoatsHpmOomuAvGpWL58nxBdDQgS315scOkzFN9HH594hR-_7Zn8Rn_7mrJrsiSe4hh_9KuBgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3616527039&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=330032900&rst=1707367528213&rpt=1158&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 04:45:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8AD8 0
0 94ms
93ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240206&jk=4193388572329359&bg=!IyClIG_NAAaxkZ3akZE7ADQBe5WfOJjo1qB8cAe3l22td2wW3PhAgvMl8CLosxgY0QAH0JivbGAj3fcY6nBmAV4YJQ8yAgAAAFtSAAAAAmgBBwoAODNo2KHa75EVtHFTMmjtadhAhjfjgy0qAFu3pcZgNe639ic8eZ0wDfdyrgZPMd74CiLPJ3zrIzwDmQLo7QvsbvXGX6s-ZnApXnrsJUM1ZRPGvDlLVUXQOw-5HL2OFu5Xf-dVGJKk7oNlrZoB7jv4TnQnG94forSunkzsCrzK1MWOPa3nDNZ5YxkSLI0fr8gi5nlSpe0Ml9WHlOCCBdomDb0nI5KC6Syi_xXfBUZKh6oulAiJQceFXj1pyrqqGGs5K19Gnw23ZRx2uuK5cK7zMkTWObuGzy0JXTqoEvOrR9LskHSqycM5tfIP5CvDieeCFkaRQRxqbYOMA5HOmy6hHYFgr-6uvAP0psECXbdnRuysJa2cyDXFyZ08XFGy6TqS7qajCGHqpxpVVLIPM95PQjFpNst7cho8dtTA8-QSJd2had_XYbGn7H52jgn4LoWQckHtOY6XQaUT6RVkz4bmmhaOTazSyLeitrax4t4AuK-4nJQOWByBiJJyj9NIsDtj-rMwOtDZdifqeNkWUpw1XWmnVAJaPEWF6pR0Yc_F8TitWMtCDPp2uDAUcsf5uSzA_Gi_sHkCwUQ4XB72FDAd8TelBVB0SjO2MOsli4wE8IIzDBAiD0KMySUN0ZeYkO0oIyXFknxUhwKZFdYj2-C-PifbvR75iAudY0B1RLzuUeeux0LqGVPyei3G_OvROWI_pvDrhJZavgbZ2yR6AsPsa9fvkH87ESxgd9fmTYV8sV6FWbFctI-I1ye0JCn1vc9k_cqgDiV7RtGvkjA3O5Mm6Viw_R-uwTl9jenXqojPsN0puyQAuA6PHJi7ok2yxaOwUnIt6-w0yCVaQKvy777-mmC9CmZhSSvOzd6l58djVHhiTtFXnZoj55w6xwrrBHXZpfsbzLPhJeS6njAozxwK5wjE5ACE902n6ycXmv5MUeygOViZat7ucPzoErRrZAE30hEGMaykai7Sg7VlN-SuC6FTeluhG2-jvgFgz6jQ8WL1fPn-41t1aTnGupqbG3ixUqltJH7IwRjlPVvJIuFznNK5V49ggFx25KsCQdXoJuZMApte
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stresser.beauty/phpMyAdmin/	1970-01-20 18:59:19	Name: pma_lang_https Value: en
stresser.beauty/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin_https Value: gr0b75ngr8da20q09bo9476gjn
.doubleclick.net/	1970-01-21 03:52:07	Name: IDE Value: AHWqTUlnimEueDjMsQElyGmyGVOKuY-UVKg6OkYHsQdTqEQu7h8M11ledUAKq2bU840
.doubleclick.net/	1970-01-20 18:16:11	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:25:43	Name: ar_debug Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stresser.beauty/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.oneinstack.com
stresser.beauty
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
1.194.250.6
142.250.80.2
2606:4700:3030::6815:4d8c
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:822::2002
083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e19f74db473eaadd9903eff56466833ae1b5d99271889cec0fc19bd94628cf2
233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
4a067ef2e175b7123489da73388423c3e0bd6c46dfdb27e2d4a0504fe28a9d12
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7b2ff911d1c4875b214ba2b2f73786afbcdeb36c7eaf7302f23f073c9739783a
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
7f8741b15b2c0f2f74bebf2e25a8b2671307a0c8130e97db764f95e3a9cf5766
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
95e8e437ad976e8fdad829236ee7050014f08bd8198ee38ce890db5daa9e0847
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e
cf3342ffb77b3271c4763d5e86982f5427330a6382380845f3bb126e6183249c
e12b2805ae78ae5e7058a36754dde2b996d73b2e0f1580e09ace1a3b5f0d0dd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9990b4533d0500adf65ecc08abae89bb164469ae4c9a823bbbd61cc7b6bd85
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

stresser.beauty Open in urlscan Pro 2606:4700:3030::6815:4d8c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

2 Countries

1564 kBTransfer

2544 kBSize

5 Cookies

14 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

stresser.beauty Open in urlscan Pro
2606:4700:3030::6815:4d8c Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

1564 kB
Transfer

2544 kB
Size

5
Cookies

39 HTTP transactions
1 data transactions