google-usz.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://google-usz.com/
Effective URL:
https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&ch...
Submission Tags: @phishunt_io
Submission: On June 25 via api (June 25th 2024, 2:06:03 pm UTC) from DE — Scanned from NL

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 73 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is google-usz.com.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.

This is the only time google-usz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3037::6815:2a35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
13	172.67.157.31 172.67.157.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	43.131.10.207 43.131.10.207	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
10	104.126.37.146 104.126.37.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	142.250.186.118 142.250.186.118	15169 (GOOGLE) (GOOGLE)
1	52.95.178.26 52.95.178.26	16509 (AMAZON-02) (AMAZON-02)
2	172.67.202.152 172.67.202.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	43.132.32.113 43.132.32.113	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
73	17

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

google-usz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::6815:2a35 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vofzhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.157.31 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vofzhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.131.10.207 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.126.37.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-146.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.118 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f22.1e100.net

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.178.26 (Jakarta, Indonesia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com

appdv76.s3.ap-southeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.202.152 (United States)

ASN13335 (CLOUDFLARENET, US)

game99.feiwindevelopment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.132.32.113 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

api.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	vofzhq.com www.vofzhq.com	3 MB
11	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 112 play-lh.googleusercontent.com — Cisco Umbrella Rank: 534	6 KB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	246 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	443 KB
2	feiwindevelopment.com game99.feiwindevelopment.com	585 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81 Failed	115 KB
2	google-usz.com google-usz.com	53 KB
1	mythad.com api.mythad.com — Cisco Umbrella Rank: 32965	733 B
1	kwai.net s1.kwai.net — Cisco Umbrella Rank: 21860	27 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	59 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2418 Failed	156 B
1	amazonaws.com appdv76.s3.ap-southeast-3.amazonaws.com Failed	565 B
73	12

	Domain	Requested by
22	www.vofzhq.com	google-usz.com
10	analytics.tiktok.com	google-usz.com analytics.tiktok.com
9	play-lh.googleusercontent.com	google-usz.com
5	fonts.gstatic.com	www.vofzhq.com
2	game99.feiwindevelopment.com	analytics.tiktok.com
2	lh3.googleusercontent.com	google-usz.com
2	www.googletagmanager.com	google-usz.com
2	google-usz.com	google-usz.com
1	www.gstatic.com
1	api.mythad.com	analytics.tiktok.com
1	s1.kwai.net	google-usz.com
1	connect.facebook.net	google-usz.com
1	api.ipify.org	google-usz.com
1	appdv76.s3.ap-southeast-3.amazonaws.com	google-usz.com
73	14

This site contains no links.

Subject Issuer	Validity	Valid
google-usz.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
vofzhq.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
edgestatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
ipify.org GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01	`2023-12-12` - `2024-11-23`	a year	crt.sh
feiwindevelopment.com GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2024-03-12` - `2025-04-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Frame ID: BFF393E307AE22FEB2DFDCE3212FAB0C
Requests: 72 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

7276 – Apps on Google Play

Page URL History Show full URLs

https://google-usz.com/ Page URL
https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=990... Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

73
Requests

82 %
HTTPS

44 %
IPv6

12
Domains

14
Subdomains

17
IPs

5
Countries

3663 kB
Transfer

6969 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://google-usz.com/ Page URL
https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
google-usz.com/ 241 KB
27 KB 842ms
783ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-usz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97345231261554cadfea643b3d5d2f75422b1f0db9c591e726aeed585a03e141

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 899583982ba58eda-FRA
content-encoding: br
content-type: text/html
date: Tue, 25 Jun 2024 14:05:43 GMT
last-modified: Tue, 25 Jun 2024 11:52:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2m4hkJhuoih2rosuhLXqBRel%2BEIED2V0hOQknAEktHq60VFUAb%2B0HWQuYyA2aXnbNRLPLnh2Y7oFJJWc03OQ0ak%2BXM4NsFJLbCorXpRbOKs%2BygLN8X1lZ4%2FbrtBtW%2Bi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
www.vofzhq.com/resource/save4/assets/css/ 658 KB
104 KB 1832ms
1429ms Stylesheet
text/css 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/css/style.css
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b194e068c2bf442d79b2562b36bae41830948922e6461366f747ea5ef31280ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf21-a4798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZ1rh84iF38sGPPQ%2BMXk9x%2BQwjM2bmn4AQLH4NKYm3CU0d%2FpBCtnvl9SShGyR5ctqGh4aWs%2FCnaKC%2B82DvAK1KqJHMi40JsFYz471c5USxCG8soU3z6QJv9aixrsfAo9BXUwOdmg3ryW90X6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 899583a0caa89256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:44 GMT

GET
H2 200 clipboard.min.js
www.vofzhq.com/resource/save4/assets/js/ 18 KB
5 KB 2546ms
2143ms Script
application/javascript 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/js/clipboard.min.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf32-4950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sO%2FvpDAFQYec0CAs1LE9YK39nJ4TlXppR6so%2B%2BVDgPTsZUYozIG1sbK9gTINLG65UOQwm5tc6NV95zW%2Fyp%2BiF2cFDiE%2B6GJV9EDQiGTEe6oAFD9xk9n8JfJ6ZqLHx5y0oEdohYbcSHTCnKxznQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 899583a0caaa9256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:44 GMT

GET adjust-latest.min.js
www.vofzhq.com/resource/save4/assets/js/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
3 KB 433ms
30ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-usz.com
URL: https://google-usz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 10:58:14 GMT
x-content-type-options: nosniff
age: 11250
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2384
x-xss-protection: 0
server: fife
etag: "v18"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 10:58:14 GMT

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
520 B 285ms
27ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:50:23 GMT
x-content-type-options: nosniff
age: 921
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 222
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:50:23 GMT

GET
H2 200 s7-1.png
www.vofzhq.com/resource/save4/assets/image/ 223 KB
0 1091ms
1090ms Image
image/png 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-1.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf2f-5e5eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fThhMEJKadKSyGBIHccGhXBPnYp%2FMnzTNayO5cS%2B5nrM74ACG7FT0Ziaq0n3PH%2B%2FhLEkcDvg1FilhGnvxhkgFNjE93pmIVeRvKpOGF8jC%2BNrikMmLZmFw%2BiEibfEUfJmdScTocG6Koknw5bXdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583a11b1a9256-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:45 GMT

GET
H2 200 s7-2.png
www.vofzhq.com/resource/save4/assets/image/ 326 KB
326 KB 1030ms
1030ms Image
image/png 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-2.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e81a6112423a16742c1b94f60fcf2f1dcd4a82d42a000c10d3406a5186e2b4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf30-518b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08L%2BR5OMNPTozpQSwYMYX7bjxQMz2Zb7wrOLszUw2TA%2B69uCqhynNJSNw%2Bj4nwOIA3tn4C7NVmUFeRv4ehtOi%2FbdluZ%2FG2CpjK%2Bwum9kQmNl75Bl%2FDwVkLx4s3mdaW1JvxIsqvQz0UUADQSang%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583a11b1d9256-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:45 GMT

GET s7-3.png
www.vofzhq.com/resource/save4/assets/image/ 0
0

GET s7-4.png
www.vofzhq.com/resource/save4/assets/image/ 0
0

GET s7-5.png
www.vofzhq.com/resource/save4/assets/image/ 0
0

GET iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 0
0

GET 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 0
0

GET W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 0
0

GET ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 0
0

GET indonesia.png
www.vofzhq.com/resource/save4/assets/image/ 0
0

GET
H2 200 email-decode.min.js
www.vofzhq.com/resource/save4/assets/js/ 1 KB
1011 B 750ms
749ms Script
application/javascript 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/js/email-decode.min.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf32-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTCls0xr%2BIGWhj47ChhOpAGz1u4wp2S6qDTaSF0Xp%2BvsfGezCQSIDzR81ZXKrnfOppmRvzAnumDJh3T%2BNYt6IngWWfXYcxBxTly3U5i9jxJmT3etlUoYAUV9WBB0AquDUBNCPqyWfWto2QTItg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 899583adcd959256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:47 GMT

GET 7276.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ 0
0

GET /
api.ipify.org/ 0
0

GET /
google-usz.com/ 0
0

GET
H3 200 Primary Request / Show response
google-usz.com/ 241 KB
27 KB 741ms
740ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97345231261554cadfea643b3d5d2f75422b1f0db9c591e726aeed585a03e141

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://google-usz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 899583ae48338eda-FRA
content-encoding: br
content-type: text/html
date: Tue, 25 Jun 2024 14:05:47 GMT
last-modified: Tue, 25 Jun 2024 11:52:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYaE%2BC1a5%2F58KTOYC3tNlp%2BvIn5NHwqGNunMP6JhgzBqLDsjqNa8goPWirWTZ0jYh%2Fp9upwyUVc1miPDfabfeRbU2qukJeemEijCdvp14LwSHcrIHkqpuRRi5Ue29YD5JA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
www.vofzhq.com/resource/save4/assets/css/ 658 KB
0 5ms
5ms Stylesheet
text/css 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/css/style.css
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b194e068c2bf442d79b2562b36bae41830948922e6461366f747ea5ef31280ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf21-a4798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZ1rh84iF38sGPPQ%2BMXk9x%2BQwjM2bmn4AQLH4NKYm3CU0d%2FpBCtnvl9SShGyR5ctqGh4aWs%2FCnaKC%2B82DvAK1KqJHMi40JsFYz471c5USxCG8soU3z6QJv9aixrsfAo9BXUwOdmg3ryW90X6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 899583a0caa89256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:44 GMT

GET
H2 200 clipboard.min.js Show response
www.vofzhq.com/resource/save4/assets/js/ 18 KB
0 6ms
6ms Script
application/javascript 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/js/clipboard.min.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf32-4950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sO%2FvpDAFQYec0CAs1LE9YK39nJ4TlXppR6so%2B%2BVDgPTsZUYozIG1sbK9gTINLG65UOQwm5tc6NV95zW%2Fyp%2BiF2cFDiE%2B6GJV9EDQiGTEe6oAFD9xk9n8JfJ6ZqLHx5y0oEdohYbcSHTCnKxznQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 899583a0caaa9256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:44 GMT

GET
H3 200 adjust-latest.min.js Show response
www.vofzhq.com/resource/save4/assets/js/ 90 KB
32 KB 2141ms
2107ms Script
application/javascript 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/js/adjust-latest.min.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00870e3c1034202dcd8dbce87276fa59681fecbfc01c3637f64dad8f767b574

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf32-16660"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63zx4S%2BhBmC3diYSdOQ5RpFoGpQWSFnV6pSUvwT44YkXxX4vrTaMpxAzpoH8W8DLzyf7Fr6HxQ0fcFcGFtebWAz4VsYRsbrRv6vGHyBAlBR%2FcZU9Ki0713I3iGK4xSuGkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 899583b40db703ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 142ms
63ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c74ad66c22f05cf782dba9b81ba62c36c9c0d19eb577c9a3ff787636365b8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49746
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 14:05:47 GMT

GET
H2 200 ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ 2 KB
0 6ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 10:58:14 GMT
x-content-type-options: nosniff
age: 11250
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2384
x-xss-protection: 0
server: fife
etag: "v18"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 10:58:14 GMT

GET
H2 200 / Show response
api.ipify.org/ 22 B
156 B 524ms
472ms Fetch
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 899583b40b3b694b-FRA
content-length: 22

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
66 KB 151ms
91ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNS8L2MD

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb52d5507dce843dc910b016aa4f98f340ca5dea659b3d1e5b5f714c18d0b066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67575
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 14:05:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 282ms
0ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 14:05:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: N/mPuzbZPDnBLSzLYy36Eiz5DnrJwwssl/vr4WBxayEN+rqyic06OsMBRslxxjmfW6zGENtZCE6r3c5WP2RXcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events-nr.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/custom/ 85 KB
27 KB 1171ms
28ms Script
application/javascript 43.131.10.207
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/custom/events-nr.js?sdkid=null&lib=kwaiq
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.131.10.207 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 2e66a4315d0abf76f37d99e9f7595f43ab23965947fa90ab49a2e816700a02df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 212.7.210.181
Date: Fri, 21 Jun 2024 20:33:06 GMT
Content-Encoding: gzip
x-oss-request-id: 6675E3826BD2703539EAEB16
X-Cache-Lookup: Cache Hit
Content-MD5: x86LJmssF7vaKM9QVjRYhA==
kwaisign: NULL
Connection: keep-alive
Content-Length: 26731
X-Ks-Request-ID: 6442249714307096321
X-Ks-Cache: Hit from 43.131.10.207
x-oss-object-type: Normal
Last-Modified: Mon, 03 Jul 2023 07:01:20 GMT
Server: Lego Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 6442249714307096321
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11580523396097584336
x-oss-server-time: 61
Expires: Sun, 21 Jul 2024 20:33:06 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 406ms
94ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dd58e173db0554fedaa502ad9769e4eef77981332c4619b7d6ef71945e482e3c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: d7bf888d.d69984e
date: Tue, 25 Jun 2024 14:05:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140547133886A1C7379141990D-6E192F7A48388498-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 95,104.126.37.142
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
content-length: 1445
pragma: no-cache
server: nginx
x-tt-logid: 20240625140547133886A1C7379141990D
x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.200.203
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3cc50a7716b2568cdd3a65b90b222dbf49e82c0ce72336a18e5866011e14bf4df78bf57ee22b59cde8230ef75159aaa6aabf0cbdf2ac81cf867398f78e335ab351f61a4ced92fc5e61dc464d65a79b74495b46bd6249b80b2d232cc24fec0bf2f
expires: Tue, 25 Jun 2024 14:05:47 GMT

GET
H2 200 4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ 24 KB
24 KB 286ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2

Requested by

Host: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.vofzhq.com/
Origin: https://google-usz.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:58:11 GMT
x-content-type-options: nosniff
age: 97656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24652
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 01:47:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Jun 2025 10:58:11 GMT

GET
H2 200 Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 227 KB
227 KB 308ms
78ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2

Requested by

Host: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.vofzhq.com/
Origin: https://google-usz.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:52:53 GMT
x-content-type-options: nosniff
age: 601974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232676
x-xss-protection: 0
last-modified: Mon, 08 May 2023 17:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:52:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 279ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.vofzhq.com/
Origin: https://google-usz.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:59:09 GMT
x-content-type-options: nosniff
age: 601598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:59:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
16 KB 231ms
48ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.vofzhq.com/
Origin: https://google-usz.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 21:31:20 GMT
x-content-type-options: nosniff
age: 318867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jun 2025 21:31:20 GMT

GET
H2 200 _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ 222 B
0 68ms
68ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:50:23 GMT
x-content-type-options: nosniff
age: 921
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 222
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:50:23 GMT

GET
H3 200 s7-1.png
www.vofzhq.com/resource/save4/assets/image/ 377 KB
373 KB 1532ms
1474ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-1.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee83373c5d6c67b60f6aadd8b6ed1f573a25ffe53379788d8f4dd671b861088b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf2f-5e5eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXtVUbtoVgcUyL056Fo8kSfMCIojz3WFRonyxm94cCOcpedcPvfP4%2BN4sxp4eU6j%2FG4e3zh5CBb5NCTAA%2FQ1pteT2vMYEBMIPMKDUIcTfdIFy0PRBqhzfDjtSJbGqj4cXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583b60a4d03ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:48 GMT

GET
H2 200 s7-2.png
www.vofzhq.com/resource/save4/assets/image/ 326 KB
0 66ms
66ms Image
image/png 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-2.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e81a6112423a16742c1b94f60fcf2f1dcd4a82d42a000c10d3406a5186e2b4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf30-518b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08L%2BR5OMNPTozpQSwYMYX7bjxQMz2Zb7wrOLszUw2TA%2B69uCqhynNJSNw%2Bj4nwOIA3tn4C7NVmUFeRv4ehtOi%2FbdluZ%2FG2CpjK%2Bwum9kQmNl75Bl%2FDwVkLx4s3mdaW1JvxIsqvQz0UUADQSang%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583a11b1d9256-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:45 GMT

GET
H3 200 s7-3.png
www.vofzhq.com/resource/save4/assets/image/ 271 KB
270 KB 753ms
698ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-3.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb4e1565ee11145ccf8da1119e8812bc3cd513e8b15f2621a14bd43c06fc5a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 11:51:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"667aaf30-43b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbc8FkW2CQ%2BcgwOwMpRaP7J7kqwwIjRhnrhHQzUB4Fh48v9LwI0bsqQkg2rqqQyU9JGVycbljqNlOkTDAI6r0iZ8iLEqUXpj0LHOjhX5nzWQqtMsiqmLWUeouSQt7ldIkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583b60a5103ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:47 GMT

GET
H3 200 s7-4.png
www.vofzhq.com/resource/save4/assets/image/ 261 KB
254 KB 752ms
696ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-4.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20d4d8d667aade2afaf1d0d29993fe69c38672bd6a07129cf2ec31c93ca22a5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 11:51:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"667aaf30-412e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7Jfg%2BjfWZCXeyWOVOoc9F59%2F9x0y2hgPNMKAK5gGGT7Od4EQSmqRZklgJMRgArpL1CaGoF0cdSgdF1eD%2B8mb2hIhoc%2BuQ3T%2Bvx%2FL1IgbjDHiPg6fr8H4SlHTRvp9OOW6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583b60a5603ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:47 GMT

GET
H3 200 s7-5.png
www.vofzhq.com/resource/save4/assets/image/ 379 KB
379 KB 681ms
639ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7-5.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f53c074f3aa414973be092bb5a5b8f016db40f7156954284e1b117c4fe3572c5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 11:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"667aaf31-5ecb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ee6EzqlYs9G5slv81VChy4nkKoPZWaM3JPTTXt5wf3EsVvSpqIpW78rrZBZA%2BKcOx6cHWnYrWilfeS%2F9jVnu6xkONn4CfIf%2BvfzoNp1B0OXGopKjcC3VuhsjGj5dLYqiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583b60a5703ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:47 GMT

GET
H3 200 iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 200 B
225 B 135ms
97ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:59:13 GMT
x-content-type-options: nosniff
age: 394
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:59:13 GMT

GET
H3 200 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 244 B
269 B 134ms
97ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:59:13 GMT
x-content-type-options: nosniff
age: 394
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:59:13 GMT

GET
H3 200 W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 202 B
227 B 138ms
100ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

ec7079f564b373b25697d50497ace94e23b2208bd15ca06f9458a4fde31bee23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:59:13 GMT
x-content-type-options: nosniff
age: 394
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:59:13 GMT

GET
H3 200 ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 164 B
189 B 134ms
95ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:59:13 GMT
x-content-type-options: nosniff
age: 394
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:59:13 GMT

GET
H2 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
159 KB 184ms
127ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.vofzhq.com/
Origin: https://google-usz.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:04:34 GMT
x-content-type-options: nosniff
age: 601273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162924
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:15:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:04:34 GMT

GET
H3 200 ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ 454 B
478 B 475ms
434ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v69"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
x-xss-protection: 0
expires: Wed, 26 Jun 2024 14:05:48 GMT

GET
H3 200 ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ 302 B
327 B 161ms
120ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 13:31:03 GMT
x-content-type-options: nosniff
age: 2084
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:31:03 GMT

GET
H3 200 ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ 1 KB
1 KB 160ms
120ms Image
image/webp 142.250.186.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a-/ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw

Requested by

Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f22.1e100.net

Software

fife /

Resource Hash

84f31b21d000c3456ba14c06e3a59d50c4a83bf871a40ca04eabd7b033d10952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1124
x-xss-protection: 0
server: fife
etag: "vc"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jun 2024 14:05:47 GMT

GET
H3 200 indonesia.png
www.vofzhq.com/resource/save4/assets/image/ 192 B
692 B 264ms
236ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/indonesia.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 192
last-modified: Tue, 25 Jun 2024 11:50:57 GMT
server: cloudflare
etag: "667aaf21-c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zhHDpGDjPq82lrDydLFzMgnJvLghZzlBr4BJUa6G8gaLNEdxZ2jNb48OnO99UC5DVoAgv%2F65AHGAFcojL%2FDZ6LbDUUNScE6qukb91iYIHV1TzEfH74jiGiXFhaXY4wcTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 899583b69b6003ac-FRA
expires: Thu, 25 Jul 2024 14:05:47 GMT

GET
H2 200 email-decode.min.js Show response
www.vofzhq.com/resource/save4/assets/js/ 1 KB
0 36ms
36ms Script
application/javascript 2606:4700:3037::6815:2a35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vofzhq.com/resource/save4/assets/js/email-decode.min.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2a35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf32-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTCls0xr%2BIGWhj47ChhOpAGz1u4wp2S6qDTaSF0Xp%2BvsfGezCQSIDzR81ZXKrnfOppmRvzAnumDJh3T%2BNYt6IngWWfXYcxBxTly3U5i9jxJmT3etlUoYAUV9WBB0AquDUBNCPqyWfWto2QTItg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 899583adcd959256-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jun 2024 02:05:47 GMT

GET
H/1.1 200
OK 7276.js Show response
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ 158 B
565 B 365ms
324ms Script
application/javascript 52.95.178.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.95.178.26 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 15ff4dffcd2275bde1cb9763e9d70dc4b3837333354301ee58a73d63107577ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 14:05:49 GMT
Last-Modified: Mon, 24 Jun 2024 14:53:12 GMT
Server: AmazonS3
x-amz-request-id: ZB5RFSY3X1DE5RZF
ETag: "760ccf02ac9cd32530e1d2511edb8a59"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 158
x-amz-id-2: h9JRUlkVrw9c1ns6Vio54+21557OxGMausMgnSoB/YHkxSyssCmXrNVB7CnTUm1Di3NtFtUZgn0=

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 318ms
274ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CO4DTPRC77UF68P83BQG&lib=ttq
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 56c16d63110e6829e9e1fbd0a239dc54750300ac8d5a21193997747e2e6ede8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1782d1cf.d699c37
date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140548B28CFDB7B07F03E0B960-59A6AA3A5FEEDAA1-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 242,104.126.37.142
server-timing: cdn-cache; desc=MISS, edge; dur=228, origin; dur=14, inner; dur=4
content-length: 1894
pragma: no-cache
server: nginx
x-tt-logid: 20240625140548B28CFDB7B07F03E0B960
x-cache-remote: TCP_MISS from a23-218-222-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.218.222.73
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3cc50a7716b2568cdd3a65b90b222dbf4354d752c9611867a16b6c7021d6e6c5bf0893a5542d6af5eb278e8b95e5d061defaf51b1a19237a838a059f266b43316ac78f495061ab7feb38079205c7aa78100f0c8e2eda3433305770e6d76d0f33c
expires: Tue, 25 Jun 2024 14:05:48 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 177ms
135ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNIPJBBC77U8IUSPI43G&lib=ttq
Requested by: Host: google-usz.com
URL: https://google-usz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fae63f6a2db54a0cbd743ad20afff2b23b8d6e63639010d40957a7da730cf8e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: d699c39
date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24062514054894D6DDA298C84DD1B5E5-10BF567069C64213-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=3, origin; dur=91
content-length: 1913
pragma: no-cache
server: nginx
x-tt-logid: 2024062514054894D6DDA298C84DD1B5E5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 92,104.126.37.142
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3eaf11ba2519c10f567254ec8ef7f72c163b66df49f171917c4af49f0f0136e13484f6f1f9f2aa72acbfd746adfae4091fad76a59568098380d5a6d47c96af11edfed54b34752c29e5ef16f57c6d17f50
expires: Tue, 25 Jun 2024 14:05:48 GMT

GET
H2 200 main.MTU0NDc1MDUxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
97 KB 103ms
76ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: d699c3a
date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406201513552ABA51BFC68D8BB3299D
x-tt-trace-id: 00-2406201513552ABA51BFC68D8BB3299D-5542D1B57959ED52-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0103cfc208c8d18a57d6c366ef5db4ecd186ae08269b272c1fe5c05951e003020248b992f8f1920bb8fdea3d4b9a287408b5b344dc140b3eb6fd5fa972815f110f66ee3151eb3d134fdc5e20b8596e12d649b49d295d3be19083b69fbaa608c90f
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 98665

GET
H2 200 main.MTU0NDc1MDUxMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
99 KB 66ms
27ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNIPJBBC77U8IUSPI43G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: d699edc
date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406201513550CA1A3A8B9ADDD88360D
x-tt-trace-id: 00-2406201513550CA1A3A8B9ADDD88360D-35104E36EBCFA987-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e6a69d95811160597f3158129679eac07c8ef387ddb30328870914962ec38ef9600348835b14a3d6c1d8f6e683c5948caf639bb8d3422661b99b2b070ee25cb5c61f57148bd6311e792f2dca67d3aa1909acaf563d5b786d74466c34aea99039
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 101132

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 37ms
31ms Script
application/javascript 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: d699fc5
date: Tue, 25 Jun 2024 14:05:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024052114000028360ABE5A822A9D157C
x-tt-trace-id: 00-24052114000028360ABE5A822A9D157C-65016C1984D6CF15-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014a16450144a70267c8331d4ff43712d8e1aa548e71da4501fa7daafd5dc4fa2e2bfc0ce1813575125b39d9c0622b18aa7a2faed0f58404ba50a9eb55dc4b0a6f83daf2b9d2bf3c974a7138e6f9d1152019d91868398d1a2c7281abe5fab4e5ef
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 39703

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 194ms
180ms Ping
text/plain 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d69a080
date: Tue, 25 Jun 2024 14:05:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140548DA36CE72AEA5CCD626AF-57878A833B34C505-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=13, origin; dur=131
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625140548DA36CE72AEA5CCD626AF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,104.126.37.142
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3eaf11ba2519c10f567254ec8ef7f72c1b66c455dc1d356bc46b81f353c8bc17f97a31477cc0af75f99b2d8f7cf886b2ea2d5672436822a8be559f831751bd180e27edfe313179ccfe23e4f551b65b1cb
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 14:05:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 225ms
212ms Ping
text/plain 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9fa859c.d69a081
date: Tue, 25 Jun 2024 14:05:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140548D4CD9FD37FCD4C48262C-4B77F66A22FC8860-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 170,104.126.37.142
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=80, inner; dur=77
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625140548D4CD9FD37FCD4C48262C
x-cache-remote: TCP_MISS from a104-78-78-108.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 80,104.78.78.108
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3eaf11ba2519c10f567254ec8ef7f72c10e99ce5917ac2e21da36953be20f299fe18eab2a98d02b5d12e3a3685ca74d31adc5f055a1b42d64d6f0f308ea57e0d1f1def0e3dd955536a7f83aaf61deaba5b9128ac4e818478b7fffaeff83ce10fa
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 14:05:48 GMT

POST
H3 200 tiktok Show response
game99.feiwindevelopment.com/game99-platform-app/s2s/ 109 B
585 B 289ms
288ms Fetch
application/json 172.67.202.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game99.feiwindevelopment.com/game99-platform-app/s2s/tiktok
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee660b9ef1bf8766fb46c9ce9a110e8fe21ee648957fa443861b3044b9a578f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZOpk8F7b4Ad2jVlWb97VNeaYE5d58UifeCCnDO%2BASDj6OGGf3hd5FUR88YUJPxccpAItayL1bShv8rIiHQWCaN%2F%2FXz6xGyrTWQYa0vBAHO3XzMvW6AKUudkDvMcfh%2BrR6Z5yMlxF2hiDgsQDtMU"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cf-ray: 899583bd99eb2bae-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 s7.png
www.vofzhq.com/resource/save4/assets/image/ 364 KB
364 KB 1104ms
1103ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s7.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eafea0e6977d05bf745afdd4f3b36c665a32caa7fbd6fd2e1a444ee4a0238ded

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf31-5ae6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwAIP470yOvcxlTvDX47qNiRxFVPiWlZ5DE26c%2FSOz5IARGHxY7KFb7u1ZJC9RduUMaW8GNU23P%2Fk0nS0NDXoFT51nA6Hl3vR0lyjG7dTU6FSXeSgWAPteQpdXmQrlBNWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583b988bc03ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:48 GMT

OPTIONS
H3 200 tiktok
game99.feiwindevelopment.com/game99-platform-app/s2s/ 0
0 656ms
541ms Preflight 172.67.202.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game99.feiwindevelopment.com/game99-platform-app/s2s/tiktok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://google-usz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 899583ba3d1a2bae-FRA
content-length: 0
date: Tue, 25 Jun 2024 14:05:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJF2KsCYigjS75HIxNA5AXPLUD31BG5vr1%2Bf%2F3MOuCYEJBiIrO53rZvo2xBR%2FHancZSHhmB5GwNee7TibBlHZc2NqA5YNBBQxftFhVQZZj1OI%2B9Ceo%2F56LZgf%2BT6Np8hZDR2jpy7ckNe7oBsTLCv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 144ms
144ms Ping
text/plain 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d69a1c2
date: Tue, 25 Jun 2024 14:05:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140548B37E12BDE008EEDB3DD9-5D623B5133E7C83D-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=10, origin; dur=109
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625140548B37E12BDE008EEDB3DD9
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,104.126.37.142
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3eaf11ba2519c10f567254ec8ef7f72c1b66c455dc1d356bc46b81f353c8bc17fc03be62108f34047c3c84553a2274b16e54e71866823f73799a752136417e6c0a02324e3ec72565a0d17803dec2f6b19
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 14:05:48 GMT

GET
H3 200 s1.png
www.vofzhq.com/resource/save4/assets/image/ 102 KB
102 KB 1094ms
1093ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s1.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6359730448551bba0d86f19fcab39ed5e43b68b047e9c50bfc26751867bac0b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf24-19618"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5YQnSizp%2FErvCTTAsOYmXhCCisBMFsWSKKCRallFK8xx3Zew0TEXswl50iJ1h1AbmKCEd4vrBXSjXTu2QKnNMOEWrb1J7SkapTzbgGi3NeAyFK5ckVa%2FFMNLnOj4Yrr1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba19fb03ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H3 200 s2.png
www.vofzhq.com/resource/save4/assets/image/ 87 KB
87 KB 1101ms
1101ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s2.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a62c574fd79e739c2c9f74e33ab2479c6b8c418090abb5ae151b1f43622e88f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf26-15a06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgpIdUBMc7Wn8lmOxa52JhgIDqOMsMZN6jVKjoomDnfI%2BhuNkt1OWbiPwAFnS9r3C%2F0RsunDssupQx%2ByzvXSMEPpNt7LqrjkAroTMYom70curPwB%2FzOYGhY5oiNqRTvxUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba1a0003ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H3 200 s3.png
www.vofzhq.com/resource/save4/assets/image/ 100 KB
100 KB 1437ms
1437ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s3.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda578c8b2454a91dd915904ee6cb2f8517609067f12a8d195b2d7185da670d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf28-18ec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0O3%2BincODUMUfpcecKo1MdsOGUHpuQZQ5qCnNAGvNP8%2BYEqxhLZDhbMX8DggXm1jA0xvPDLAsKg%2F9IaW8uNGBfucUT2WTE8SMoH3l3S%2B%2FbpY%2FCtvpCAvsIhEdWNYGi5ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba1a0303ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H3 200 s4.png
www.vofzhq.com/resource/save4/assets/image/ 103 KB
103 KB 1078ms
1078ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s4.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ebe83d4c779d73aa32492ee896280033b6e37aad7ae1a3f0b86e0ddcf887a02

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf2b-19b3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d52SBrbx5xu7qAF%2FwtT4NqvhVo5sEBCSgEe3Ov8JToj4esJ2oQygNDoGVnt4rj3TeVHwWnlRUtYDzrRK%2F6WLdxv2mA3widAqGru92k5WtNEo5UbC6YNh7kUAFKl4DseE1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba1a0903ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H3 200 s5.png
www.vofzhq.com/resource/save4/assets/image/ 107 KB
108 KB 1079ms
1079ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s5.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f32ffbe78af2ae4ffe1bc3e97d4e5083826cb93c6f69e3a1da7fe30e0d50f51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf2d-1ada6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmzKnrywZsAsy9JH4XDTDo3wV4z05qjoLp1jVW0REDa7thMi0TzSAs0hHj4tmR3HuV%2B6XKbYL5QNxRave8ksaYsHAFYXp713oLpGOxsywWEB1nRY6dUyYGZK3PK1D0FiNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba1a0b03ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H3 200 s6.png
www.vofzhq.com/resource/save4/assets/image/ 103 KB
104 KB 1027ms
1027ms Image
image/png 172.67.157.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vofzhq.com/resource/save4/assets/image/s6.png
Requested by: Host: google-usz.com
URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a470aee42951c22167312e9862033578ea4eb0140f0a5d52ed38c15630982bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:05:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 11:51:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667aaf2f-19c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWuDAf8Rgysttu3K%2FyaVmnhXNkBksuNMJe9b9iTFBNildOCMpa8w46yguScD7AYLYwhc4WyAOpcTSvrfT4X6wGMz10vheDS10iWlR8uh2o%2FTJ3ZIGTIOJ0ztqHWEZt1cOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 899583ba1a0e03ac-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jul 2024 14:05:49 GMT

GET
H/1.1 200 getPixelConfig Show response
api.mythad.com/rest/n/adintl/ad/ 139 B
733 B 717ms
211ms XHR
application/json 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=null
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: 81f19844a2982f73e56b70b096d2c3e37945c929b09ae4d765337821a530d77a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 25 Jun 2024 14:05:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://google-usz.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Alt-Svc: quic=":443";ma=2592000;v="43"

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 207ms
206ms Ping
text/plain 104.126.37.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1784cf23.d69a773
date: Tue, 25 Jun 2024 14:05:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240625140548199171765DA543DBC8B1-47342FDA073B730B-00
x-cache: TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time: 159,104.126.37.142
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=41, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240625140548199171765DA543DBC8B1
x-cache-remote: TCP_MISS from a23-218-222-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.218.222.73
x-tt-trace-host: 01268123201fab57cd6bfb59223eb974e3cc50a7716b2568cdd3a65b90b222dbf4354d752c9611867a16b6c7021d6e6c5ba394b34566007f438c07cbaf174309f83de8581e9b596d478fafb8c894f2d6e38934ac01931a28ee51e11d38be7d399e2ae63167cbad2f32e7d8b2291c7367e2
access-control-allow-headers: Authorization,*
expires: Tue, 25 Jun 2024 14:05:49 GMT

GET
H2 200 favicon_v3.ico
www.gstatic.com/android/market_images/web/ 4 KB
1 KB 114ms
32ms Other
image/x-icon 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/android/market_images/web/favicon_v3.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://google-usz.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 05:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 841
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 19:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Jun 2025 05:34:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/js/adjust-latest.min.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/image/s7-3.png

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/image/s7-4.png

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/image/s7-5.png

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Domain: www.vofzhq.com
URL: https://www.vofzhq.com/resource/save4/assets/image/indonesia.png

Domain: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Domain: google-usz.com
URL: https://google-usz.com/?id=s7

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 06:57:00	Name: _ttp Value: 2iNHvlybUfuaY0edZGBLx5JOGhn
.google-usz.com/	1970-01-21 06:57:00	Name: _tt_enable_cookie Value: 1
.google-usz.com/	1970-01-21 06:57:00	Name: _ttp Value: ylpITVSBJRAZtbQ6onceslSWyAx
.mythad.com/	1970-01-21 07:11:24	Name: kwai_ckid Value: 1719324349295_7093547659429402

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.ipify.org
api.mythad.com
appdv76.s3.ap-southeast-3.amazonaws.com
connect.facebook.net
fonts.gstatic.com
game99.feiwindevelopment.com
google-usz.com
lh3.googleusercontent.com
play-lh.googleusercontent.com
s1.kwai.net
www.googletagmanager.com
www.gstatic.com
www.vofzhq.com
api.ipify.org
appdv76.s3.ap-southeast-3.amazonaws.com
google-usz.com
play-lh.googleusercontent.com
www.googletagmanager.com
www.vofzhq.com
104.126.37.146
142.250.186.118
172.67.157.31
172.67.202.152
172.67.74.152
188.114.96.3
2606:4700:3037::6815:2a35
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2016
2a00:1450:4001:82f::2003
2a03:2880:f084:105:face:b00c:0:3
43.131.10.207
43.132.32.113
52.95.178.26
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0c74ad66c22f05cf782dba9b81ba62c36c9c0d19eb577c9a3ff787636365b8e9
15ff4dffcd2275bde1cb9763e9d70dc4b3837333354301ee58a73d63107577ac
1a62c574fd79e739c2c9f74e33ab2479c6b8c418090abb5ae151b1f43622e88f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3
2e66a4315d0abf76f37d99e9f7595f43ab23965947fa90ab49a2e816700a02df
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2
4f32ffbe78af2ae4ffe1bc3e97d4e5083826cb93c6f69e3a1da7fe30e0d50f51
4fb4e1565ee11145ccf8da1119e8812bc3cd513e8b15f2621a14bd43c06fc5a7
52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d
56c16d63110e6829e9e1fbd0a239dc54750300ac8d5a21193997747e2e6ede8f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6359730448551bba0d86f19fcab39ed5e43b68b047e9c50bfc26751867bac0b7
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
81f19844a2982f73e56b70b096d2c3e37945c929b09ae4d765337821a530d77a
84f31b21d000c3456ba14c06e3a59d50c4a83bf871a40ca04eabd7b033d10952
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
97345231261554cadfea643b3d5d2f75422b1f0db9c591e726aeed585a03e141
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
9e81a6112423a16742c1b94f60fcf2f1dcd4a82d42a000c10d3406a5186e2b4f
9ebe83d4c779d73aa32492ee896280033b6e37aad7ae1a3f0b86e0ddcf887a02
9ee660b9ef1bf8766fb46c9ce9a110e8fe21ee648957fa443861b3044b9a578f
a470aee42951c22167312e9862033578ea4eb0140f0a5d52ed38c15630982bb3
b194e068c2bf442d79b2562b36bae41830948922e6461366f747ea5ef31280ee
cb52d5507dce843dc910b016aa4f98f340ca5dea659b3d1e5b5f714c18d0b066
d20d4d8d667aade2afaf1d0d29993fe69c38672bd6a07129cf2ec31c93ca22a5
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dd58e173db0554fedaa502ad9769e4eef77981332c4619b7d6ef71945e482e3c
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
e00870e3c1034202dcd8dbce87276fa59681fecbfc01c3637f64dad8f767b574
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafea0e6977d05bf745afdd4f3b36c665a32caa7fbd6fd2e1a444ee4a0238ded
ec7079f564b373b25697d50497ace94e23b2208bd15ca06f9458a4fde31bee23
ee83373c5d6c67b60f6aadd8b6ed1f573a25ffe53379788d8f4dd671b861088b
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875
f53c074f3aa414973be092bb5a5b8f016db40f7156954284e1b117c4fe3572c5
fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9
fae63f6a2db54a0cbd743ad20afff2b23b8d6e63639010d40957a7da730cf8e0
fda578c8b2454a91dd915904ee6cb2f8517609067f12a8d195b2d7185da670d3

google-usz.com Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

82 %HTTPS

44 %IPv6

12 Domains

14 Subdomains

17 IPs

5 Countries

3663 kBTransfer

6969 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

google-usz.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

82 %
HTTPS

44 %
IPv6

12
Domains

14
Subdomains

17
IPs

5
Countries

3663 kB
Transfer

6969 kB
Size

4
Cookies

73 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!