www.dosebaiauto.com Open in urlscan Pro
2606:4700:3033::6815:5e4b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dosebaiauto.com/
Submission: On October 31 via api (October 31st 2023, 1:39:24 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3033::6815:5e4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dosebaiauto.com.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time www.dosebaiauto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3033::6815:5e4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	8.218.140.53 8.218.140.53	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
10	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c07::67	15169 (GOOGLE) (GOOGLE)
2	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
39	8

5 2606:4700:3033::6815:5e4b (United States)

ASN13335 (CLOUDFLARENET, US)

www.dosebaiauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.218.140.53 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::9c (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::67 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	292 KB
9	oneinstack.com static.oneinstack.com	1 MB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	43 KB
5	dosebaiauto.com www.dosebaiauto.com	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	59 KB
39	7

	Domain	Requested by
9	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	static.oneinstack.com	www.dosebaiauto.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.dosebaiauto.com	static.oneinstack.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
39	8

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
t.me

Subject Issuer	Validity	Valid
dosebaiauto.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2023-05-03` - `2024-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.dosebaiauto.com/
Frame ID: 6311F0B6D5365DDD5EC1B22BF39ADE57
Requests: 13 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: B6427AEA84D7F1BDCA9952FCC6FA5EA0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 32AC0650AAD9D17F68670D599B9514EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692279947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698759557062&bpp=175&bdt=187&idt=407&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&correlator=7022258502096&frm=22&ife=1&pv=2&ga_vid=2097070884.1698759557&ga_sid=1698759557&ga_hid=1600911509&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079079%2C31079080%2C31079082%2C31079087%2C44801485%2C44805934%2C44807047%2C31078301%2C21065725%2C31079247&oid=2&pvsid=2005545664994770&tmod=1192712626&uas=0&nvt=1&top=https%3A%2F%2Fwww.dosebaiauto.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lko0kknoycnl&fsb=1&xpc=AlxOFiTIfa&p=https%3A//static.oneinstack.com&dtd=422
Frame ID: 5D75944C84129F6AE9C368FA54B83FC0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DFE0D60C83800C6254FF7D05D97AB5BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
Frame ID: 821F7C4778305A749CA53A63C1564BA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78775C8D19E9669C60AD35DD47B00827
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4C31A1B7AE0710BB73FC0EB199B9D46
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

39
Requests

97 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1542 kB
Transfer

2492 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 27

https://googleads.g.doubleclick.net/pagead/adview?ai=CAEUHhQNBZYG4IKmno9kP5_is0Ai0iN2dcbacv97-EbCQHxABIPbBmBVgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoEjgJP0ArMS_2ajKRCeBz53ljuFI8ItmDSUWuFJsKF9CJHbhzX59SUchYIXLPPhDiDvIuPg3hVawyS3DE9k0HROIRlMwgi3d_0jNcELQGOgNnkyFlc_UBFl2vcjeIQc2X_KkZyvfvcKhcOYFoig-rBhwbOHNyrggr_os75spPKqU4geBIi940LnWqrss6anbdmBOMiHUo2nP_A1DPRxskDQ5VobaJ74dsIBb7duBl2Gb_K6Hn2ptEfdpmTqABtCOD8Da2yJNBP5dncSlGnFBciWe15HZsD5aQS5xqaHS1TlOYmJKFR1OwBKV98wxlk-BMPdIm2koMdJ7iKAWIR65Y5_Cl2718KY0tTP3F7fVVOoNbABOH39-GBBIgFl5vrkUOSBQQIBBgBkgUECAUYBKAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCJjoAB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCURodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2J0bj1zdGFydCZjYW1wYWlnbj0xODAyMjU4MzcwM4AKAcgLAaIMDCoKCgjktLEC7rWxAtoMEQoLENCz2bjNlYv_3wESAgED2BMN0BUBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=qv-5BzFOyf4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaND_zHvcXEy0S3mZpRyVSwq6kFlCmhZsgbhpDbgarbv3TWJB8Sm9d1MM-D5Gd4usQfn3LMKSUamkL4WU3n0xz4D2uBmuPJPwMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb80d6ab23a6b29a00000000000000000%22,%222%22:%220x28a166a589d1a3690000000000000000%22,%223%22:%220x75e7cdc47a0f00fd0000000000000000%22,%224%22:%220x2cd83705141fef60000000000000000%22,%225%22:%220x76b1db6ef683f6480000000000000000%22},%22debug_key%22:%2217740582416430163779%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221350941797052724721%22}&andc=true

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.dosebaiauto.com/ 16 KB
4 KB 416ms
339ms Document
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dosebaiauto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ec4d956e8edac5-MIA
content-encoding: br
content-type: text/html
date: Tue, 31 Oct 2023 13:39:15 GMT
last-modified: Fri, 27 Oct 2023 08:18:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG%2FEW1XUXO9552Z91CeK7%2FWQjfdq42RFKMh6lhWjY0pt45punLp2uw%2BXXTPlUQSzFJfNtOfTU45myrVUxfy2NUwxqIo%2BPk%2FwOVMokU9nqpPMNOq9cwcoPzNP7ZTxvUoBwNYBA4t86YWcqglyQWI9wSIU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ois.css
static.oneinstack.com/assets/ 139 KB
21 KB 1123ms
233ms Stylesheet
text/css 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois.css

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Thu, 17 Aug 2023 03:45:47 GMT
server: nginx
etag: W/"64dd97eb-22ce3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 07 Nov 2023 13:39:16 GMT

GET
H2 200 vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 1581ms
691ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:53 GMT
server: nginx
etag: "64dd97f1-5ece5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 388325
expires: Thu, 30 Nov 2023 13:39:16 GMT

GET
H2 200 vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 1581ms
691ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost_del.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:53 GMT
server: nginx
etag: "64dd97f1-bd02"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48386
expires: Thu, 30 Nov 2023 13:39:16 GMT

GET
H2 200 pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 1580ms
691ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/pureftpd.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:52 GMT
server: nginx
etag: "64dd97f0-20c9f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 134303
expires: Thu, 30 Nov 2023 13:39:16 GMT

GET
H2 200 backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 1580ms
691ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/backup_setup.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:48 GMT
server: nginx
etag: "64dd97ec-1d97f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 121215
expires: Thu, 30 Nov 2023 13:39:16 GMT

GET
H2 200 upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 1579ms
690ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/upgrade.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:52 GMT
server: nginx
etag: "64dd97f0-24505"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 148741
expires: Thu, 30 Nov 2023 13:39:16 GMT

GET
H2 200 uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 497ms
496ms Image
image/png 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/uninstall.png

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:17 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Aug 2023 03:45:52 GMT
server: nginx
etag: "64dd97f0-3a9a8"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 240040
expires: Thu, 30 Nov 2023 13:39:17 GMT

GET
H2 200 ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 1328ms
463ms Script
application/javascript 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois20190114.js

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:16 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Thu, 17 Aug 2023 03:45:47 GMT
server: nginx
etag: W/"64dd97eb-32de6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 07 Nov 2023 13:39:16 GMT

GET
H2 200 ad_buttom.html Show response
static.oneinstack.com/ Frame B642 629 B
568 B 1116ms
230ms Document
text/html 8.218.140.53
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/ad_buttom.html

Requested by

Host: www.dosebaiauto.com
URL: https://www.dosebaiauto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.218.140.53 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dosebaiauto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 31 Oct 2023 13:39:16 GMT
etag: W/"64dd97eb-275"
last-modified: Thu, 17 Aug 2023 03:45:47 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B642 23 KB
10 KB 177ms
71ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c0798f55830fb3763021fb723a16e791226e378e23092af1ead4627ddae633e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 6254008949441972657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:39:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B642 145 KB
50 KB 84ms
83ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8640341c2dde3d7473c123ab1bb5c7ae3305030e1cecb2d22404b48c92ae9f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51147
x-xss-protection: 0
server: cafe
etag: 14732350951497772337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:39:17 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame B642 395 KB
134 KB 110ms
110ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60d62d1b3ea61511280cbfe81b17de29464134c54e7c807425eca37605be3079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137184
x-xss-protection: 0
server: cafe
etag: 3620482402017452842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:39:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 32AC 10 KB
5 KB 160ms
53ms Document
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 43855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 01:28:22 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 01:28:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D75 101 KB
38 KB 405ms
404ms Document
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692279947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698759557062&bpp=175&bdt=187&idt=407&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&correlator=7022258502096&frm=22&ife=1&pv=2&ga_vid=2097070884.1698759557&ga_sid=1698759557&ga_hid=1600911509&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079079%2C31079080%2C31079082%2C31079087%2C44801485%2C44805934%2C44807047%2C31078301%2C21065725%2C31079247&oid=2&pvsid=2005545664994770&tmod=1192712626&uas=0&nvt=1&top=https%3A%2F%2Fwww.dosebaiauto.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lko0kknoycnl&fsb=1&xpc=AlxOFiTIfa&p=https%3A//static.oneinstack.com&dtd=422

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6804ec7e309b03e7ac7b4cdb034c3556026e9ca5ddca51b74c98977c3079f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 13:39:17 GMT
expires: Tue, 31 Oct 2023 13:39:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 phpinfo.php Show response
www.dosebaiauto.com/ 0
301 B 188ms
188ms XHR
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dosebaiauto.com/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBsmTfX7LJWvW3meJO0ou9kQh6CQxOrteZAT18669Uoxb4dZwGIg62i1x1P9D1WgSFXBMZ12YQDMjAV1i2YM8HqcnjjzuQ1raAA%2Fm%2B8ho8WUfo6SFocJd4MLVbi3zCW0IS3LwiICqCeqMS2Y8byH7CEq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81ec4da30c7adac5-MIA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 ocp.php Show response
www.dosebaiauto.com/ 0
462 B 338ms
338ms XHR
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dosebaiauto.com/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap6FIvQcE%2FwlWccdpFqIsodmkUcHwsedjZeFdjzH3RJFrOvfJ8pV4qQZd8BMguZwf05XVwTbhZFF1ZU80faFdqt81OQI%2BTbbLsLnxqqOJkkQFsiySxCClHwqrxvIXU9Ajo%2BuoyMeDEPT9cH%2BiiqLYWS5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81ec4da43d6d2233-MIA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 index.php Show response
www.dosebaiauto.com/phpMyAdmin/ 0
1 KB 205ms
205ms XHR
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dosebaiauto.com/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
date: Tue, 31 Oct 2023 13:39:18 GMT
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-ob_mode: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 31 Oct 2023 13:39:18 +0000
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx7xo4KLc3zTQdwsIX6NS2NNeMXVT8IVxEwGHX0rhYpOLhFGWgnlvIQ%2BDabON5oG5nb%2FJqY05PWHmf%2Fg50UOIg3y8Uym9jTLM62R8GLsgUbeSYVSDdZ8qA%2FhP02G%2F14ERcUDp84WK4VEX644CXeTODiq"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
x-robots-tag: noindex, nofollow
cf-ray: 81ec4da6582d2233-MIA
x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
expires: Tue, 31 Oct 2023 13:39:18 +0000

HEAD
H3 200 xprober.php Show response
www.dosebaiauto.com/ 0
425 B 188ms
187ms XHR
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dosebaiauto.com/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dosebaiauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVHmUaoUnwQaS8ypmkZjLTJUtyh3VUixvvOF3VNdyXC6OfD3oZhPYWq45MJPAXF3sviVQ60l5i7f0v7YY8%2Ffaz4N6QJgeoqE%2B%2BvbYyx43bgqjXgGYj0GCHMCBJaO4%2Bn43pMAobzPsI50TTk1iUPxINf0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81ec4da7a9ee2233-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 6037295749612901032
tpc.googlesyndication.com/daca_images/simgad/ Frame 5D75 11 KB
11 KB 197ms
59ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6037295749612901032

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692279947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698759557062&bpp=175&bdt=187&idt=407&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&correlator=7022258502096&frm=22&ife=1&pv=2&ga_vid=2097070884.1698759557&ga_sid=1698759557&ga_hid=1600911509&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079079%2C31079080%2C31079082%2C31079087%2C44801485%2C44805934%2C44807047%2C31078301%2C21065725%2C31079247&oid=2&pvsid=2005545664994770&tmod=1192712626&uas=0&nvt=1&top=https%3A%2F%2Fwww.dosebaiauto.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lko0kknoycnl&fsb=1&xpc=AlxOFiTIfa&p=https%3A//static.oneinstack.com&dtd=422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 05:08:25 GMT
x-content-type-options: nosniff
age: 30653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 17:14:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 05:08:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 5D75 23 KB
9 KB 239ms
102ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 10:30:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 5D75 3 KB
1 KB 240ms
117ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 5D75 20 KB
9 KB 195ms
58ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D75 188 KB
59 KB 60ms
58ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:39:18 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 5D75 35 KB
14 KB 241ms
118ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14506
x-xss-protection: 0
server: cafe
etag: 4792826524176232586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:24:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFE0 143 B
166 B 53ms
53ms Document
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692279947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698759557062&bpp=175&bdt=187&idt=407&shv=r20231026&mjsv=m202310240101&ptt=5&saldr=sd&correlator=7022258502096&frm=22&ife=1&pv=2&ga_vid=2097070884.1698759557&ga_sid=1698759557&ga_hid=1600911509&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079079%2C31079080%2C31079082%2C31079087%2C44801485%2C44805934%2C44807047%2C31078301%2C21065725%2C31079247&oid=2&pvsid=2005545664994770&tmod=1192712626&uas=0&nvt=1&top=https%3A%2F%2Fwww.dosebaiauto.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lko0kknoycnl&fsb=1&xpc=AlxOFiTIfa&p=https%3A//static.oneinstack.com&dtd=422
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 12:49:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

72ms
72ms

Document
text/html

2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 13:39:18 GMT
expires: Tue, 31 Oct 2023 13:39:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 13:39:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D75 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a95928f0d96a378483918a36c6e8bfb572bd64fb895cbc6a3821b251d3d62245

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D75
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAEUHhQNBZYG4IKmno9kP5_is0Ai0iN2dcbacv97-EbCQHxABIPbBmBVgyYaAgNyjxBCgAffim7QoyAECqAMByAPJBKoEjgJP0ArMS_2ajKRCeBz53ljuFI8ItmDSUWuFJsKF9CJHbhzX59S...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb80d6ab23a6b29a00000000000000000%22,%222%22:%220x28a166a589d1a3690000000000000000%22,%223%22:%220x75e7cd...

0
0

168ms
66ms

Fetch
text/css

142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb80d6ab23a6b29a00000000000000000%22,%222%22:%220x28a166a589d1a3690000000000000000%22,%223%22:%220x75e7cdc47a0f00fd0000000000000000%22,%224%22:%220x2cd83705141fef60000000000000000%22,%225%22:%220x76b1db6ef683f6480000000000000000%22},%22debug_key%22:%2217740582416430163779%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221350941797052724721%22}&andc=true

Protocol

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb80d6ab23a6b29a00000000000000000","2":"0x28a166a589d1a3690000000000000000","3":"0x75e7cdc47a0f00fd0000000000000000","4":"0x2cd83705141fef60000000000000000","5":"0x76b1db6ef683f6480000000000000000"},"debug_key":"17740582416430163779","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"1350941797052724721"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 13:39:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 13:39:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb80d6ab23a6b29a00000000000000000","2":"0x28a166a589d1a3690000000000000000","3":"0x75e7cdc47a0f00fd0000000000000000","4":"0x2cd83705141fef60000000000000000","5":"0x76b1db6ef683f6480000000000000000"},"debug_key":"17740582416430163779","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"1350941797052724721"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B642 16 KB
12 KB 181ms
76ms XHR
application/json 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c007051772bd5c5c7fdf851ae48b520197cb0f502623b22272609d4e6c91889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12367
x-xss-protection: 0

GET
H3 200 EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js Show response
pagead2.googlesyndication.com/bg/ Frame 821F 38 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15078
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 06:43:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 170ms
65ms Preflight
text/html 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 13:39:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B642 17 KB
7 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 13:39:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7877 13 KB
5 KB 54ms
52ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 29320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 05:30:39 GMT
expires: Wed, 30 Oct 2024 05:30:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4C3 829 B
996 B 69ms
68ms Document
text/html 2607:f8b0:4004:c07::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

790aa06f0a5349a46b13b4643eabce613df193c45a935b53851d2b2db415eae6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aMturZD-IpVi559zD1mXYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aMturZD-IpVi559zD1mXYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 13:39:19 GMT
expires: Tue, 31 Oct 2023 13:39:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7877 38 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 13:00:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4C3 0
0 67ms
67ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2005545664994770&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7877 0
10 B 52ms
51ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-1XSSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:39:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D75 42 B
64 B 111ms
111ms Fetch
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5dG14wOj77EQL124jEVwS8OKnc7o0ZHa-sU7CoZT9LPY1xf369KWMFesayL6gReAxPqVgBz0L64h3Q0qKExPjWvCIwPCrv19ixYZRhrcbL_cV_SYAl5rDHqHWN6Y0q8YjA55zVzh-wg&sai=AMfl-YRK1Nx7Gk7R_upuuWLOsdFLDMcYXM9E3_ZKcP834OJDr-_ECU8RNgTRPpIUVd8lW5iTGbwDXnQD5oUZEA-_g2ednK3-7GynClg5KHByn9rchzpFm3PkmQnPdQGybd7b--TN_InkkXkRpmKVIg&sig=Cg0ArKJSzN6A068Bm85qEAE&cid=CAQSTADICaaND_zHvcXEy0S3mZpRyVSwq6kFlCmhZsgbhpDbgarbv3TWJB8Sm9d1MM-D5Gd4usQfn3LMKSUamkL4WU3n0xz4D2uBmuPJPwMYAQ&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3616527039&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698759557486&rpt=1326&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 13:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B642 0
0 69ms
68ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2005545664994770&bg=!ubqluvXNAAbo5yKYyOc7ADQBe5WfOAuyJJeMiRKKCvCFxfKkW_pJGOCESy3YaiaGOeYYjtxYJbHx2gIm5vbWV8aIqWhxAgAAAERSAAAABGgBB5kC6BUl-LBPZlQmQeqgaBnQDA7-ZQ_k-3NsltvB5DI3eNQNefozimc6exIlzqpMInVrJVmdBgcPCh4lb1Q0opNLMQtVudv9RGYG4PmoeZAJlc75Hr4AzmdMTiNlzkbH18eZOhbvyGN4oJNAiXMcqaRpFNh0tEdBjimGQpTclZuu12IdX1j8AXdf4wjzzuVQhZOArzRjUnVJDWoavwUaTlvttcwXyCZKc8gf2vQNFudmF6aCFRsdwYV-rlrWOEpD1GvUVlMkuVV9j_GMCDMqyheegbSEGr0MXCbJeKp6nyI1c0uWrvYlzsSJY0wtuOzhyntvXzCZfN1v7FiM8_INXEbWYXDx8Sh1rgNg9TF8mUXoz8OUaUjh1Xr66zk-oTCBXlgV2OoDEzmUpOsbee7i7QiTlIGwGSMtuXXLC6e6e389a6r9l3s1G8geGmzmuTLb5JQmd_cR0kyMoS41V7_b3DQDacE3oEMiWkjSeAhB8Hz-9MBf-42OIZsEed_70pRe0avk2OPCkNtCFVJPuirVdRUpnO3m0FQtEJHaqlI3WuP-M1NB0sBhPrztdLJ0XMQ6FxMW1vnZvqvn9-CJAHImnlKzSLEt7pX4H3HPpxzzOy-SQl9ZmWT2kDItFbU0U1PV_v7BIyDHUdvSwIBfGg4cn27I8-Z87k9n6RRiVjjX8H9qdo1VwekhOaPNkPN3dMwZOvGxQ5kSzF93xujmu6-0M1kT98Si-tsrvmX1qm2Wrn795jpMItpLJBfPxMcdYl1301jODRWpsFd_cLy9TL6CZ1EAPw08v6XrqAx79Z_ZMaOGsVKF750mUfgCT5qLoqroNVcuDFLftA-VAUHo3ezyKab5Qo6M5k85gco1hiN_pjZApYLSUedJwhNfDvWuMop6zRfwuoA60yny5yBY8A3LTqFnwLvYpQ8nkAgdpWXde45PQrcASinXqPFo9X92DNZbGiOF_wBlQSEnofyuwGZb1NbzcpgB04x8sqF5eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dosebaiauto.com/phpMyAdmin/	1970-01-20 16:35:51	Name: pma_lang_https Value: en
www.dosebaiauto.com/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin_https Value: 6evrf6t2ujbk13ltp11nggjrhu
.doubleclick.net/	1970-01-20 15:52:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:28:39	Name: IDE Value: AHWqTUkUOufGFqgnLlXSDsjM1uuhYc1jT9ybv9P7KSmXd6zKnsjMepq0ooET8m6NWjc
.googleadservices.com/	1970-01-20 18:02:15	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.oneinstack.com
tpc.googlesyndication.com
www.dosebaiauto.com
www.google.com
www.googleadservices.com
www.googletagservices.com
142.251.111.155
2606:4700:3033::6815:5e4b
2607:f8b0:4004:c07::67
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c1b::9d
8.218.140.53
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a6804ec7e309b03e7ac7b4cdb034c3556026e9ca5ddca51b74c98977c3079f0
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5c007051772bd5c5c7fdf851ae48b520197cb0f502623b22272609d4e6c91889
60d62d1b3ea61511280cbfe81b17de29464134c54e7c807425eca37605be3079
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8
790aa06f0a5349a46b13b4643eabce613df193c45a935b53851d2b2db415eae6
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
7c0eb210ca9d9770dd1e6fb58b73fe67f07f592487e0244a46477f41ae12332c
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
8640341c2dde3d7473c123ab1bb5c7ae3305030e1cecb2d22404b48c92ae9f13
8c0798f55830fb3763021fb723a16e791226e378e23092af1ead4627ddae633e
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
a95928f0d96a378483918a36c6e8bfb572bd64fb895cbc6a3821b251d3d62245
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

www.dosebaiauto.com Open in urlscan Pro 2606:4700:3033::6815:5e4b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

1542 kBTransfer

2492 kBSize

5 Cookies

14 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.dosebaiauto.com Open in urlscan Pro
2606:4700:3033::6815:5e4b Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1542 kB
Transfer

2492 kB
Size

5
Cookies

39 HTTP transactions
1 data transactions