howtoflashdroid.info Open in urlscan Pro
2606:4700:3035::ac43:a661 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://howtoflashdroid.info/
Effective URL:
https://howtoflashdroid.info/
Submission: On July 17 via manual (July 17th 2023, 10:18:40 am UTC) from SG — Scanned from SG

Summary HTTP 187 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 36 domains to perform 187 HTTP transactions. The main IP is 2606:4700:3035::ac43:a661, located in United States and belongs to CLOUDFLARENET, US. The main domain is howtoflashdroid.info.
TLS certificate: Issued by GTS CA 1P5 on June 8th 2023. Valid for: 3 months.

This is the only time howtoflashdroid.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	2606:4700:303... 2606:4700:3035::ac43:a661	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
29	2404:6800:400... 2404:6800:4003:c11::9d	15169 (GOOGLE) (GOOGLE)
1 7	88.208.46.40 88.208.46.40	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
16	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9b	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c1a::9a	15169 (GOOGLE) (GOOGLE)
26	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
2 5	2404:6800:400... 2404:6800:4003:c02::68	15169 (GOOGLE) (GOOGLE)
2 5	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
6 13	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	104.254.151.69 104.254.151.69	29990 (ASN-APPNEX) (ASN-APPNEX)
32	2404:6800:400... 2404:6800:4003:c03::95	15169 (GOOGLE) (GOOGLE)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1	133.186.161.89 133.186.161.89	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1 2	23.35.185.50 23.35.185.50	16625 (AKAMAI-AS) (AKAMAI-AS)
2	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	124.146.215.48 124.146.215.48	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	124.146.153.152 124.146.153.152	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	52.197.0.12 52.197.0.12	16509 (AMAZON-02) (AMAZON-02)
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
4 4	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 1	81.171.9.38 81.171.9.38	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	83.149.70.184 83.149.70.184	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
1	37.230.131.22 37.230.131.22	200197 (HYBRID-PO...) (HYBRID-POLAND)
1	83.222.114.190 83.222.114.190	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1 1	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	142.251.12.155 142.251.12.155	() ()
187	35

1 2606:4700:3036::6815:b9b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

howtoflashdroid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3035::ac43:a661 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

howtoflashdroid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2404:6800:4003:c11::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.208.46.40 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

bakibarus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4003:c02::9d (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9b (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1a::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2404:6800:4003:c00::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c02::68 (Singapore) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.196.197.130 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.10.157 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.69 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2404:6800:4003:c03::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.89 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.185.50 (Tseung Kwan O, Hong Kong) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-185-50.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.48 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.152 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.0.12 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-0-12.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.95.102.105 (Russian Federation) 4 redirects

ASN48347 (MTW-AS, RU)

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.171.9.38 (Renswoude, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.149.70.184 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtwister.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.114.190 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.14.51 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.134 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.155 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com	503 KB
32	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	412 KB
31	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	214 KB
19	howtoflashdroid.info 2 redirects howtoflashdroid.info	245 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	187 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
7	bakibarus.com 1 redirects bakibarus.com	25 KB
6	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10937 uuidksinc.net — Cisco Umbrella Rank: 10920 d.uuidksinc.net — Cisco Umbrella Rank: 344032	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	280 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
4	gnezdo.ru 4 redirects fcgi4.gnezdo.ru — Cisco Umbrella Rank: 51481	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 21230	735 B
2	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 22858	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5907	1 KB
2	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1109 gdn.socdm.com — Cisco Umbrella Rank: 87824	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	649 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9378	1 KB
1	ohmy.bid 1 redirects match.ohmy.bid — Cisco Umbrella Rank: 46528	280 B
1	com.ru rtb.com.ru — Cisco Umbrella Rank: 73602	110 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 12102	375 B
1	adtwister.me z.cdn.adtwister.me — Cisco Umbrella Rank: 227105	246 B
1	adtarget.me 1 redirects z.cdn.adtarget.me — Cisco Umbrella Rank: 81820	101 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 9084	233 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 74722	684 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 69071	161 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 6406	641 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	610 B
0	atdmt.com Failed ad.atdmt.com Failed
187	36

	Domain	Requested by
32	s0.2mdn.net	howtoflashdroid.info s0.2mdn.net
26	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net howtoflashdroid.info
24	pagead2.googlesyndication.com	howtoflashdroid.info pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
19	howtoflashdroid.info	2 redirects howtoflashdroid.info
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
7	bakibarus.com	1 redirects howtoflashdroid.info bakibarus.com
6	fonts.gstatic.com	howtoflashdroid.info fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	fcgi4.gnezdo.ru	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	d.uuidksinc.net	uuidksinc.net
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
2	dmg.digitaltarget.ru	1 redirects uuidksinc.net
2	dmpprof.com	uuidksinc.net
2	pool.admedo.com	2 redirects
2	googleads4.g.doubleclick.net	howtoflashdroid.info
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	2 redirects
2	s.uuidksinc.net	2 redirects
2	counter.yadro.ru	1 redirects
1	ade.googlesyndication.com
1	match.ohmy.bid	1 redirects
1	rtb.com.ru	uuidksinc.net
1	dm-eu.hybrid.ai	uuidksinc.net
1	z.cdn.adtwister.me	uuidksinc.net
1	z.cdn.adtarget.me	1 redirects
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	cs.r-ad.ne.jp	1 redirects
1	gdn.socdm.com
1	tg.socdm.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	uuidksinc.net	bakibarus.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	ad.atdmt.com Failed	googleads.g.doubleclick.net
187	47

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
howtoflashdroid.info GTS CA 1P5	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
bakibarus.com R3	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
uuidksinc.net R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
dmpprof.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
rtb.com.ru R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://howtoflashdroid.info/
Frame ID: 69FA3EAB317FF22ACD7C274951ECE09A
Requests: 32 HTTP requests in this frame

Frame: https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Frame ID: E3ADFDDFA4767DA5D72EE36999FE901E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 1D2A006AA298F803C1BD0517D8BBC803
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&adk=1812271804&adf=3025194257&lmt=1689589106&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fhowtoflashdroid.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106517&bpp=10&bdt=877&idt=80&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=505721281860&frm=20&pv=2&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
Frame ID: 1AEFF03AD14FF08D20D65835715E83E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2505405984&adf=1186654364&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589106&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106527&bpp=3&bdt=887&idt=100&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y1HqWh2t48&p=https%3A//howtoflashdroid.info&dtd=104
Frame ID: 4C4A8855226D2055E236991A08FB012F
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0488901BF02100568C26DBAFF61FDFC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93F3A35C2DE2E231691BE65F64526982
Requests: 2 HTTP requests in this frame

Frame: https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca&oid=qbDuYzF89gk2YflBuwx0
Frame ID: E80B708039E126FAFD8A79258F4B81DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.372871807~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6VyUwa08gq&p=https%3A//howtoflashdroid.info&dtd=5
Frame ID: F101F8F13712B56A996E4C1AC65EE648
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
Frame ID: 99B9E485B8AD7F3D6F6DC411CB91C3C9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Frame ID: A226D572471E1E2137F9B2F173DD4C5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0C9122EB28403F0095392C8CB1125A8C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E77BBF3132734FEE5D46172B59AA8CD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F2381D5DC1C7F6FAAF97C28E09D21B61
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: A7973A325C01816DE08D62F98C59410B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 37FC5DBA72229E00114AC65F5FDB33F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: D8FE0960F9895CF1DE07265FF7FC20C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGI-AkvABMAE&v=APEucNWMMQmxXACsj3JMNXiL9LAQF_QoF_gBlRc2W0C4izaiRlcnZHi8u2WLoy5KBnISpmNTZIRVb93W9LnhEB-lIKGZ2utAtQ
Frame ID: E4006C9206927C54DB1CD709D94E697C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 97998E7A9C046B3665BD05B2EACD66F2
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 070CA439911615DEFF662B753AE099A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2267C07FC94251B02288D9AAA71900B8
Requests: 9 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx
Frame ID: 510CE0E892F94BE10DD02DAC63AF0183
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A6C7A8B1398740F6A6E35F453FFB64A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 917EA570FFE4F4782BEB610229082CF7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
Frame ID: F15531065EEB33351B7FF75C731A2F8D
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6378EF7245FF4BA978D1BC56610F1B4B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 80A2875713CC15D07F66835D45B59309
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Как прошить Android смартфон. Как установить Android 13, 12, 11, 10

Page URL History Show full URLs

http://howtoflashdroid.info/ HTTP 301
https://howtoflashdroid.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

187
Requests

89 %
HTTPS

33 %
IPv6

36
Domains

47
Subdomains

35
IPs

8
Countries

1882 kB
Transfer

4374 kB
Size

41
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://howtoflashdroid.info/ HTTP 301
https://howtoflashdroid.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://howtoflashdroid.info/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

Request Chain 17

https://counter.yadro.ru/hit?t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D.%20%u041A%u0430%u043A%20%u0443%u0441%u0442%u0430%u043D%u043E%u0432%u0438%u0442%u044C%20Android%2013%2C%2012%2C%2011%2C%2010;0.1382882614768579 HTTP 302
https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D.%20%u041A%u0430%u043A%20%u0443%u0441%u0442%u0430%u043D%u043E%u0432%u0438%u0442%u044C%20Android%2013%2C%2012%2C%2011%2C%2010;0.1382882614768579

Request Chain 34

https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca HTTP 302
https://s.uuidksinc.net/match/1165/?remote_uid=edda242b-bcf1-47c5-bd3e-d14542b569ca&cb_url=https%3A%2F%2Fbakibarus.com%2Fjs%2Fcs%3Fuuid%3Dedda242b-bcf1-47c5-bd3e-d14542b569ca%26oid%3D%5BUID%5D HTTP 302
https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca&oid=qbDuYzF89gk2YflBuwx0

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1&C=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLUVdMj1kRSLjEXDURy6oAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOgwSYxkZ9gLmuINLgMm3U&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwliBHg6NYk5CTmWS-PSIk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwliBHg6NYk5CTmWS-PSIk%26google_cver%3D1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwNTc2MTc5MTQ0Mjc1Njc2Nw%3D%3D

Request Chain 118

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOasDtCX2cvBWZ9LKa4m318&google_cver=1&google_push=AaAOQGHOz6rq4GFObnlimzsOS2mCqvO45ytqdgO9CLRnZ1UPQlxfCeqPcbDJfiBRbmfsRHQz1S-IpVKGNdLFT8NcaNukFuzKgPon7ZfM59jVGGFchKG9-F6xd7fOM_54_kH0Qh6L7gs6i1p0F9AYsCvFIhH2qA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY4Mjg0MjcyNjc2MjMwNzI4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMuGowL33NEsKdu3ffWbx7Q&google_cver=1

Request Chain 119

https://a.tribalfusion.com/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 120

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBEKv1sN8am-Jxy0L8Ax5mU&google_cver=1&google_push=AaAOQGE6b2iVZ7COg-hwfd_EgmdNMDpHODS9FkOt_Ewdjns2WP3ycX9EKqvuveqeRzyuH7ZrfCu1LgAtK5l8VY7ImVsXroaD2AxkKsLqqdqtS67ZYKO4jDBnb5BGVxG1DwqshSxVjb7AXbmgl7LvWkk6Zh7m HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBEKv1sN8am-Jxy0L8Ax5mU&google_cver=1&google_push=AaAOQGE6b2iVZ7COg-hwfd_EgmdNMDpHODS9FkOt_Ewdjns2WP3ycX9EKqvuveqeRzyuH7ZrfCu1LgAtK5l8VY7ImVsXroaD2AxkKsLqqdqtS67ZYKO4jDBnb5BGVxG1DwqshSxVjb7AXbmgl7LvWkk6Zh7m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=N2Y1OGQ3ZjctMzc2MS00YzIxLWI1OWUtMjU4Y2Y3Y2I0N2Fi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=7f58d7f7-3761-4c21-b59e-258cf7cb47ab

Request Chain 122

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBzpsjgSJbwYhTRFNfhcjE0&c_param1=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4lJH9E_o8N7iANcCx5FVQbNant4gizg9XoGoiw7HCvhdg&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4lJH9E_o8N7iANcCx5FVQbNant4gizg9XoGoiw7HCvhdg

Request Chain 124

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIXZzRua0Lz-zwaK5qYBgl4&google_cver=1&google_push=AaAOQGGmul8rgHOUNFY7FMr5T9II2jjcDjU__hfYKdbE4U2P5Szm8_t4uTXI7EeV5ZA3aDeX3m_-gYtkSBSpWd4Xcnu5800pz0b397sCWkIQxZHeBGra2hglzSUoaxQDKbbWVDHMtumwZRSzJjWjn6m3lS8jmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGNiZTQ0MzQtYWI0NC00ZmE5LWE5NTQtNzk0MDUyMzEzM2Q3&google_push=AaAOQGGmul8rgHOUNFY7FMr5T9II2jjcDjU__hfYKdbE4U2P5Szm8_t4uTXI7EeV5ZA3aDeX3m_-gYtkSBSpWd4Xcnu5800pz0b397sCWkIQxZHeBGra2hglzSUoaxQDKbbWVDHMtumwZRSzJjWjn6m3lS8jmA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 161

https://a.tribalfusion.com/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 163

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1&google_push=AaAOQGGCA2Cp6T_sOdg3maVas6WChUmlpKUVkhr8TB8eVES9Cn4gtDhoMkzlKt4gEJRbHJl9Jwlo7gbOLMVY3_86l7aLRRMl5AVldnY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WkxVVmRNQ284WUVBQUphOEo2UUFBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1

Request Chain 164

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGvhGib6EBgOKtIKOD2VeXU&google_cver=1&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGvhGib6EBgOKtIKOD2VeXU&google_cver=1&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fc7872ca-7ba9-4d76-af28-03f3d6085cc4 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fc7872ca-7ba9-4d76-af28-03f3d6085cc4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1daed1ad-3329-414b-a075-73d67cbdd6cf&user_group=1&ssp=google&bsw_param=fc7872ca-7ba9-4d76-af28-03f3d6085cc4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE&google_hm=_HhyynupTXavKAPz1ghcxA==

Request Chain 165

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECbxuAdstFY_v7uuavDktWo&google_cver=1&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8&google_hm=NTVQQUlTMDFjQkREYTAwN0FlMTk

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 176

https://fcgi4.gnezdo.ru/cookie_matching/kadam/qbDuYzF89gk2YflBuwx0 HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam/qbDuYzF89gk2YflBuwx0/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWS1FXUw36JhBFJmAg==

Request Chain 177

https://z.cdn.adtarget.me/smc?s=22&u=qbDuYzF89gk2YflBuwx0 HTTP 302
https://z.cdn.adtwister.me/smc?s=3&u=qbDuYzF89gk2YflBuwx0

Request Chain 181

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/qbDuYzF89gk2YflBuwx0 HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/qbDuYzF89gk2YflBuwx0/?redirect=1 HTTP 302
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWS1FXUw36JhBFJmAg==

Request Chain 183

https://match.ohmy.bid/cm?ssp=kadam HTTP 302
https://d.uuidksinc.net/match/585/?remote_uid=d75cae39-f774-45e6-92a7-0c816b11e301

Request Chain 184

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1689589109340&a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752

187 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
howtoflashdroid.info/
Redirect Chain

http://howtoflashdroid.info/
https://howtoflashdroid.info/

33 KB
7 KB

391ms
375ms

Document
text/html

2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 1e7e9290128eeab27ddee2d798aa9dfa9c9dda30a2c5b9ada03db89ddf915b0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e81bda3ed565626-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 17 Jul 2023 10:18:25 GMT
link: <https://howtoflashdroid.info/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dHK6wjEXSbCtItxI0tGZscVGvazzI0ZtsTfSeFf%2BHRr8t3Uy9BuSN6W30idJOkMwHY285PNksdF0xyyDWryqrYW7Ybd8XLz4XQ0QZH79s98ugXI%2BPrN3IqNNRQBICK7sRqd%2BaUYF54V7RwNQOdovgq22w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-powered-by: PHP/7.4.28

Redirect headers

CF-RAY: 7e81bda3bf183f76-SIN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 17 Jul 2023 10:18:25 GMT
Expires: Mon, 17 Jul 2023 11:18:25 GMT
Location: https://howtoflashdroid.info/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDB1t0Hgl%2FsWop1OnAz8DvRnsBjfUp1vlTDnXeHEfadLvU1b3eNoIDCOpin3hmQYCsFaDPa%2FbKn%2F1l6JjvNyhdJ%2Fz3WtCsXcsed0roOOpsQKPexBCsr0CLhYO2tsH3lCdWVWLyZcmLJypsZQhkW%2BENceCw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css
howtoflashdroid.info/wp-content/cache/scripts/ 187 KB
30 KB 522ms
521ms Stylesheet
text/css 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/wp-content/cache/scripts/ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a26b08cde6288800b69bf8cd88b91bcfdff8a8cc60ab48ba50c29ed8243043

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 15:26:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6399eb31-2ea8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5xYffDjC6eFlFQIjdK351S2%2F8nLgR9fq45D2WJa3sf%2F7adP0d2AHd5h%2FHPj5cbvmHkULWEoId3oKS4tLh77zuGgkfDoBmadVi5vWyy2u%2BkVyfOXoFY5zyQKOKf7Vf4re3gHCVmkJjOjZZ8Pm9l54ZvEVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 7e81bda64ed45626-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo2.png
howtoflashdroid.info/wp-content/uploads/2018/11/ 5 KB
5 KB 367ms
367ms Image
image/png 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2018/11/logo2.png
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69796621f817f0bc4092ce77682c1823f3b1b86e3b73f37cec578fe7c5d43a9a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4981
pragma: public
last-modified: Fri, 23 Nov 2018 11:56:18 GMT
server: cloudflare
etag: "5bf7eae2-1375"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5tx9dCq4ExMlZiwBzIEuxjtn3mx%2FBjUXI7VVF1PtXgKfV%2BOYDVQSdhgt9P3nKubpkYgtSRgLG76RY%2BmokQAKFUCiVzk8dtJk3Rqh%2FZBnS08NLi%2Ft7QWEsMN1GffUoJkwEb4lV1w%2FCORLSi1ZqdzVEYe5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda64ed65626-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
howtoflashdroid.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 6ms
6ms Script
application/javascript 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://howtoflashdroid.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 16:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ad82fd-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXnh6uxRwpxA%2B0WurJnnQXu0JFKL0NLN2pbXe6%2FzSPQPsEJJUAENiQrKmWLGOAnKR4HnsMKoBZtUtuejTtITp7k%2BbkXNn3wxoFVDaMijhbtc3rYzwzl5BnveL2hdJ1SjQzXttjvyXPI9jjgtZ5nnZwl9Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e81bda64eda5626-SIN
expires: Wed, 19 Jul 2023 10:18:25 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 18ms
5ms Font
font/ttf 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/wp-content/cache/scripts/ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Origin: https://howtoflashdroid.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 12:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21006
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 12:10:38 GMT

GET
H3 200 fontawesome-webfont.woff2
howtoflashdroid.info/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 12ms
11ms Font
font/woff2 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/wp-content/cache/scripts/ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://howtoflashdroid.info/wp-content/cache/scripts/ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css
Origin: https://howtoflashdroid.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53943
alt-svc: h3=":443"; ma=86400
content-length: 77160
pragma: public
last-modified: Wed, 26 Feb 2020 21:11:06 GMT
server: cloudflare
etag: "5e56deea-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXAK%2Bzv37W45IaG0CXBOBYm4bhvbkegw8oL8jy6Y%2BBFXWJCKiSWu8x2yuW%2Fp%2FOJx3f4nyvwPs2PSXKE1MDqKiU%2F%2Fd%2FJr5yXtA0HVoZuUvja%2B1uB4UkGgShZOQ1fZBSb%2FuE%2F6nlr%2FrdYZACf1c7y%2BLM9vQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9bffb4c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 10ms
8ms Font
font/ttf 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/wp-content/cache/scripts/ac3ef64cabd9fbaa061f0b9c3c9fd3f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Origin: https://howtoflashdroid.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20969
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 11:59:34 GMT

GET
H3 200 1-6.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 14 KB
15 KB 504ms
503ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/1-6.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df9fe334dc221b6118b48dda7c22cce97dc5dd14239344aec58dde896caa0d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14651
pragma: public
last-modified: Thu, 03 Oct 2019 21:43:04 GMT
server: cloudflare
etag: "5d966b68-393b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd3z0rhIu466ZmOBzsfzQj9yAtUJ0XQwdgNztc%2BJ1d7%2Bok7xDtGliqr0G8GvMhJSEiTYb1kTrt3OtpkTo46AW9o6hNktdcbUEszF2utMe0ONKuak3DrtG7pkyyk47Vb65OL%2BKvpbWxsoAWFi%2B%2FaacGU0oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e8174c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4-5.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 17 KB
17 KB 508ms
507ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/4-5.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f20e01d6ac32aba2f27f356fac29d35fdd9939dc02615a4b451430d4655f5fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17384
pragma: public
last-modified: Thu, 03 Oct 2019 21:23:12 GMT
server: cloudflare
etag: "5d9666c0-43e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTLV5VrAg318X0A9E90eXEn%2Biv0diW%2F6t0r3TRBLeSXPMQoHwxlCj88kIyXxvvHjWrLVICevwQ1g2q2Aiuk4n8ek3UGdnIvhsYf2%2BAuYFVGMi2a5uxzXJnW0mpmz%2F8Ec97u4A4hGA8M8zzxT3eXEDHbqzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e8184c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1-6-390x205.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 10 KB
10 KB 11ms
9ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/1-6-390x205.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb991b077f3f76c35ce273155e820f13b099b06de23bf0de1f4425a9546a76c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53974
alt-svc: h3=":443"; ma=86400
content-length: 10057
pragma: public
last-modified: Thu, 03 Oct 2019 21:43:04 GMT
server: cloudflare
etag: "5d966b68-2749"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyt87SvRYN0IZmsNP8thd%2FTSNEjBvJSeT5W9JBZFkSadL8cuX%2F67rKSi6bWhQwqWItl8XUVEQXOQ2gi%2Fdfvqn%2BRzyq1VgroaxWmWNsXz65vuDWpJzcYtQcAID3tBbiU02%2BM0P1jqyjZEpCAeM043ZGDd4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e8194c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 4-5-130x90.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 2 KB
3 KB 11ms
10ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/4-5-130x90.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c2f7ad76a0204f22afbccd16edc26daaf9e62c2f075816a1e6663eaffdc042

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53943
alt-svc: h3=":443"; ma=86400
content-length: 2537
pragma: public
last-modified: Thu, 03 Oct 2019 21:23:12 GMT
server: cloudflare
etag: "5d9666c0-9e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkHv%2BtI6p9rBFghM3BbsqIEv1pL5xlTFmzlSm3R%2BSs6YRIS6hNsYQCxhh%2BUTNH3G29%2FnJ0JB897JcfpjEMAQuBdl9%2FaHRGmjXp%2Ffz0oT%2BFsa8c52PHZZXNTgQ70o4DLzbBA1PxnrxRMYc2abVfFDXVfNPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e81b4c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 12-6-130x90.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 2 KB
3 KB 367ms
366ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/12-6-130x90.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c077edfeaae78671fb834c7742d6d0da4c78c039d4c9e8775f88609441afa2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2167
pragma: public
last-modified: Thu, 03 Oct 2019 20:53:06 GMT
server: cloudflare
etag: "5d965fb2-877"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR%2BhEft%2BG%2Fcim%2BPBBIa6WqFRikP%2FLsJPZWbw8cFjRKXDNRY3zodm1ERGI4qOCmpxx4E0%2FwxFmplyxqAPdyUkzFXkoSEmXAPRxFWJu1ZN1BhFWa0Av9lt%2BwFSdyl%2BuM8DCDzLtiNCZ0uHDwbNLJheXhWrjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e81c4c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 12-5-130x90.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 2 KB
3 KB 353ms
352ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/12-5-130x90.jpg
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c077edfeaae78671fb834c7742d6d0da4c78c039d4c9e8775f88609441afa2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2167
pragma: public
last-modified: Thu, 03 Oct 2019 20:19:04 GMT
server: cloudflare
etag: "5d9657b8-877"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=792tiHRVhJkN3K4DZ32h2tSGR%2FSurJZWpdikPKDdS%2FWWsHM9gqq8LsbAMh5yJOqLGIWGS970dorXOXPOPhe9x6c4WSPSAO89V0Dlq1Y1dlVV0WqPnsR3PynE3bNmIt3E6pitDKMTZV2y4EwKDVpkOJ5qOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bda9e81d4c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 33ms
19ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c17352e5633ec80b4119d0de6423c132f5367f1a0c247823b0d0bca07e382ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50939
x-xss-protection: 0
server: cafe
etag: 349882628353704421
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:26 GMT

GET
H3 200 332a7eb93ae47c80eb1d9b5044fed9d8-deanedwards.js Show response
howtoflashdroid.info/wp-content/cache/scripts/ 135 KB
46 KB 14ms
14ms Script
application/javascript 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/wp-content/cache/scripts/332a7eb93ae47c80eb1d9b5044fed9d8-deanedwards.js
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec548fede039c2734706b5b5f5ff19d9f57523dec90c99ce99524a97599b47f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53939
cf-polished: origSize=139665
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 15:26:43 GMT
server: cloudflare
etag: W/"6399eb33-22191"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUFZuMj5FTsNrwpynr%2BEgS0A0IROkbYWjYWz3sS0b0lWS5vZ5DrSDiyCrwDF9R%2Fw4%2Fu1FmR%2F%2F%2BcgdohVAPFqNLddrCM5b%2FjtD%2BDbVRkiyOA4jBSodTSz%2Br7xTXXloNe5gd65g787RZwm18FyyW9YUesDNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 7e81bdaa08304c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

invisible.js Show response
howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/ Frame E3AD
Redirect Chain

https://howtoflashdroid.info/cdn-cgi/challenge-platform/scripts/invisible.js
https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

7 KB
4 KB

8ms
8ms

Script
application/javascript

2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

Protocol

Server

2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0742df10943a9aa9c8ff0c9d87af05d5d550c9f8ae6eb1752ea08b9fc933096

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy%2ByRdqDN%2Fz7vVLJ0ZtiXiNB6pgHpwA0fogD4p6W%2FvHDShaK8FQzzmmoVOIkUFuUM1RxcU2LpuQjFl8ipbOW8pCT%2Fa%2Ft9xuUbgZZRAoY5mXwy1SyrLs3slowEcCZ5hpQtOiRP4LoAcOot3pFSvvqT8a11w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7e81bdaa38514c59-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 17 Jul 2023 10:18:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLko%2FdKgcCwkkxsgK2eCeQyyNCxl55KHiiOSRekYwxL2MuLbVSh771%2FagjY8yrMCT2GP%2BLeeGdl6DxuUkyQmISxTJWpSM8Fjf8ELsNXkIjxtFFf%2BNok4Rcxmgc0T1c5qUJ59ueI8RO5mhHMaDZn9lZ41mw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
cache-control: max-age=300, public
cf-ray: 7e81bdaa183d4c59-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
howtoflashdroid.info/wp-includes/js/ 18 KB
5 KB 10ms
10ms Script
application/javascript 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53008
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Wed, 14 Dec 2022 15:26:38 GMT
server: cloudflare
etag: W/"6399eb2e-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRRA%2FSpbBde7ftXeOmCYtQiaHLMwpQL5e6aULl4apYhT%2FG%2Bzv9MVmZ%2FJx4sU7R5RoQYtDeQPitheMLkQq8ohy4wtQmOAdLaJSIQvZIduTGAqVKz8xw1DldjCk07D2hkBhBFDyxoO25dJa6UwvLoj0gLsgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 7e81bdaa284a4c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 24784.js Show response
bakibarus.com/ 42 KB
17 KB 649ms
319ms Script
application/javascript 88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/24784.js
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0334c0c2d70c970191f851e9112a742e154e604681f9a8d3be74d0ffdd59ba67

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:26 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u044...
https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u0...

132 B
618 B

193ms
193ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D.%20%u041A%u0430%u043A%20%u0443%u0441%u0442%u0430%u043D%u043E%u0432%u0438%u0442%u044C%20Android%2013%2C%2012%2C%2011%2C%2010;0.1382882614768579

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

28189aac6589c2ef067cb62642a1f56778434bbb67a33c797b0267a905b40869

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:26 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Sat, 16 Jul 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:26 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t44.17;r;s1600*1200*24;uhttps%3A//howtoflashdroid.info/;h%u041A%u0430%u043A%20%u043F%u0440%u043E%u0448%u0438%u0442%u044C%20Android%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D.%20%u041A%u0430%u043A%20%u0443%u0441%u0442%u0430%u043D%u043E%u0432%u0438%u0442%u044C%20Android%2013%2C%2012%2C%2011%2C%2010;0.1382882614768579
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 16 Jul 2022 21:00:00 GMT

POST
H3 200 7e81bda3ed565626 Show response
howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E3AD 0
595 B 21ms
20ms XHR
text/plain 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/cv/result/7e81bda3ed565626
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn3wwC2rwufpwQp5LJZjvXFtM6%2BwqeNEr%2FtrRwY8Uyvq9Mwo0jCmo%2BHSR1XuSYDcBQGM3pCA%2BKJ1IfRDGCE5VvZAjM7rWGdGaGCXz%2B84MKum4KBdfPWeBsRQyEF6wxF%2FoRbgSimYAq8OpLdVQHI5n41qJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e81bdab08f94c59-SIN
alt-svc: h3=":443"; ma=86400

POST
H3 200 7e81bda3ed565626 Show response
howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E3AD 0
599 B 17ms
17ms XHR
text/plain 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://howtoflashdroid.info/cdn-cgi/challenge-platform/h/b/cv/result/7e81bda3ed565626
Requested by: Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mb0WGCycqyVUQ%2BRO77jKr9rhY86MxvZasPxePKqoXrUYnBFxYTOjfOJD8%2FgTuR2%2FVtDJwu9ZnG%2FIdzVe67V%2BB3KLc8bxRLMbunxPDYFkxQ2XMtv8PPWXrl%2BB8Uzh%2Bl9nYvgCgqiukqVEvI35whXf7yNVfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e81bdaba94a4c59-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 356 KB
123 KB 52ms
51ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ef67cc3529a22527f581d3a94e900f25eed25d8686c26222a09600976edf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125318
x-xss-protection: 0
server: cafe
etag: 16928222363850727788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 1D2A 10 KB
5 KB 31ms
6ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 48858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 20:44:08 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 20:44:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 15ms
6ms Script
text/javascript 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=howtoflashdroid.info&callback=_gfp_s_&client=ca-pub-2889761674757889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ae4fda41a62ad134c5fb0c2ffe04c05e4171c8a2b2652c870911220bba3d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 21ms
5ms Script
application/javascript 2404:6800:4003:c1a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=howtoflashdroid.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AEF 325 KB
74 KB 1009ms
1008ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&adk=1812271804&adf=3025194257&lmt=1689589106&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Fhowtoflashdroid.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106517&bpp=10&bdt=877&idt=80&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=505721281860&frm=20&pv=2&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4901e3553f4cc0f20b164fe027dcc0aca8a81cc2de3018cabce7c96c86d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:27 GMT
expires: Mon, 17 Jul 2023 10:18:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 19ms
11ms XHR
application/json 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf39820e113b583cda9e8114c125379fe110f27c6e9c1e0aa1ad51ebd64dabbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11803
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C4A 102 KB
36 KB 1450ms
1450ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2505405984&adf=1186654364&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589106&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106527&bpp=3&bdt=887&idt=100&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y1HqWh2t48&p=https%3A//howtoflashdroid.info&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7fadac05aecc75ead64f983f91be82591522f3213186c444ca97bc533f1993d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
expires: Mon, 17 Jul 2023 10:18:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 16ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 10:18:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0488 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 335592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:05:14 GMT
expires: Fri, 12 Jul 2024 13:05:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 93F3 783 B
1 KB 16ms
7ms Document
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5198aed4d088436c25d6cacfb20bcaa6114c3c63fe5b39093b6a67449a5246d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-URAzrVBryXScL_5ZuNU49A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-URAzrVBryXScL_5ZuNU49A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:26 GMT
expires: Mon, 17 Jul 2023 10:18:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 0488 37 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 93F3 0
0 5ms
4ms Image
text/html 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2543743248634620&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0488 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?P0xgTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK 59037 Show response
bakibarus.com/ 5 KB
6 KB 179ms
178ms Fetch
application/json 88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/59037
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: da0533fdaa03a916b497503f459f37d21a6d78fa4b11b70bf33c655d71375d42

Request headers

Referer: https://howtoflashdroid.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:27 GMT
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://howtoflashdroid.info
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

cs Show response
bakibarus.com/js/ Frame E80B
Redirect Chain

https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca
https://s.uuidksinc.net/match/1165/?remote_uid=edda242b-bcf1-47c5-bd3e-d14542b569ca&cb_url=https%3A%2F%2Fbakibarus.com%2Fjs%2Fcs%3Fuuid%3Dedda242b-bcf1-47c5-bd3e-d14542b569ca%26oid%3D%5BUID%5D
https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca&oid=qbDuYzF89gk2YflBuwx0

43 B
491 B

301ms
164ms

Document
image/gif

88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca&oid=qbDuYzF89gk2YflBuwx0
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Type: image/gif
Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

content-length: 0
date: Mon, 17 Jul 2023 10:18:27 GMT
location: https://bakibarus.com/js/cs?uuid=edda242b-bcf1-47c5-bd3e-d14542b569ca&oid=qbDuYzF89gk2YflBuwx0
server: nginx/1.23.2

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
7ms Image
text/html 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2543743248634620&bg=!ammlaT3NAAb90kgr3dI7ADkAdvg8Wgj9gYV416-c2ZwhA_kn7tF1LxeLN60sDF0d5iO5PV0krH3cQG-HrkOU29Mj6P12pC8c59sCAAAAYFIAAAAIaAEHCgCNV71lwYD0GkdV5JhpB2XuB0eKP7UiahTlni79x4g_88HBs3XsW9wRLvrkBk8h24-dOWiMXaTU1kRCUeFbjNcGSwj-QbJ4yj0L6TQHCwDFcs_WhHU11rbJpox_Gxa4ZouaKRo5JjmoEBz29-sV9_zgUKaz8DCBFUa_dndoO3Bu1K9HDB_MqMaEg25VFVWWmQKtiGqwqyd0uQJ3YShoNY0OHWQ6HbVwYez3y9nJd1t9xBjgB8_9qsJzZE8f9VY-On50u4y6A0biGBeIyGio9dhCuXBVl12CxIDI5bkHDQCJNfRhqh4Y_8TqJYhKA3yj0_FQNOykuKRDWYbkPOhh0lO_Eze2HJlCRmnZNih2u3CkMGmC5MMLb0violdGAWVRIR5bOaWNH-hdCvn3fbtY7icfovmODHv6U40_rk92IG3gRt0Coo-a-sB__5YvygW3F-Xw9hplspvgHU2oBxN3pts9eAR7PZLYbgWcxmHBhDcWcjf6gYRTjgtPsCU5LHqHbKjFPNZvKO_9ftiOZ_FypwRH91XVF7rf57v2UnrYG8zicB9FBcSRvJSnU6YuNbWWkk7__zT3JWcukmumBxGeJAcWv2T1ImpmjYvzbPqmSrahbjoUqn2Qfflq4GTO0DsLjnhWxwRd1Y1DZsIaM58ssaRWQ_tGREnbjWSCAiTnARUhXQ0BINYuX7MecwAXuFmtdtRViMBRNIU21CEG6Q-IC0Yvj9WOhExHrGpf0-zgBKn-o-h3NrI57mKO8SW9oo5v5TPbJUgeoHgdDCcbHlXGfBJ9N1m680-W2VUy0ENDHLrQpLmDt2Ky6tjUgf7W0bjMYPKD9zsyTFHqXO0hq0Jpi7k8QHW73VhpXthF5rYdt4isCfdvtsQ1K8TRLaNtUjtXXXimnWFFP8oDWfIRClg8OXw-D9z9flB0hpGFiAHeLSjO54oqKntDWgmE0LpIGmaF-cBfiTdd_2aEIWWfsYTbWqipUiJ37tDhE3hNlELcO2u7kWGPJU0OqwCccYnrlQrdz4dZCYAGhWXXlDErQ-uNmavINFlz9955gudAPcivPzbrKd4iSVjsm4Nwi4XEuzN2a3e26whDVAftAcBWy-tudg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 154 KB
52 KB 26ms
26ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f018c8e57de79fe1f8a29552474241b6073230a5c19666d56a939df3876ed9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53504
x-xss-protection: 0
server: cafe
etag: 12695765388807021746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 6ms
6ms Script
application/javascript 2404:6800:4003:c1a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=howtoflashdroid.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F101 436 B
238 B 522ms
521ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.372871807~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6VyUwa08gq&p=https%3A//howtoflashdroid.info&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58bad43fcbcba5e30bbe58e0aff4cee6719859286059dadce0a0c6633d1163a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
expires: Mon, 17 Jul 2023 10:18:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99B9 111 KB
40 KB 534ms
533ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d8b11622797e1dd73c57159fafd4a6938714f95228288530a876065baadc13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
expires: Mon, 17 Jul 2023 10:18:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A226 27 KB
12 KB 381ms
381ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5824baec71ad985b33b6e305ae78e2cd757342b48464153551beeae9421eb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11895
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
expires: Mon, 17 Jul 2023 10:18:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK set
bakibarus.com/event/ 0
0 164ms
164ms Fetch
text/html 88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/event/set
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://howtoflashdroid.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 17 Jul 2023 10:18:27 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://howtoflashdroid.info
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK set
bakibarus.com/event/ 0
849 B 486ms
161ms Ping
text/html 88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/event/set
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://howtoflashdroid.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 17 Jul 2023 10:18:28 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://howtoflashdroid.info
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK set
bakibarus.com/event/ 0
0 324ms
161ms Fetch
text/html 88.208.46.40
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bakibarus.com/event/set
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://howtoflashdroid.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 17 Jul 2023 10:18:27 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://howtoflashdroid.info
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 6ms
6ms Script
application/javascript 2404:6800:4003:c1a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=howtoflashdroid.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 0C91 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 47388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 21:08:39 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 21:08:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 9E77 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 47388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jul 2023 21:08:39 GMT
etag: 12368291122986407432
expires: Sun, 30 Jul 2023 21:08:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0C91 4 KB
1 KB 18ms
8ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 08:43:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C91 205 B
652 B 14ms
4ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 09:55:59 GMT
x-content-type-options: nosniff
age: 433348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Jul 2024 09:55:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C91 604 B
696 B 14ms
5ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 23:49:22 GMT
x-content-type-options: nosniff
age: 124145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Jul 2024 23:49:22 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 0C91 20 KB
8 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 19:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 19:42:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E77 14 KB
1 KB 14ms
9ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 09:23:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9E77 2 KB
892 B 8ms
8ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 9E77 23 KB
9 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F238 143 B
166 B 9ms
4ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 09:25:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9E77 3 KB
1 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9E77 20 KB
8 KB 12ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E77 179 KB
56 KB 11ms
5ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 9E77 33 KB
14 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 20:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 20:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 20:25:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A797 6 KB
779 B 8ms
7ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 09:18:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A797 2 KB
892 B 4ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame A797 23 KB
9 KB 9ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A797 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame A797 20 KB
8 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A797 179 KB
56 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:27 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame A797 33 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 20:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 20:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 20:25:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F238
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:27 GMT
expires: Mon, 17 Jul 2023 10:18:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 37FC 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame D8FE 37 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4C4A 6 KB
706 B 8ms
8ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2505405984&adf=1186654364&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589106&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106527&bpp=3&bdt=887&idt=100&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y1HqWh2t48&p=https%3A//howtoflashdroid.info&dtd=104

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 09:17:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4C4A 2 KB
892 B 5ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 4C4A 23 KB
9 KB 13ms
13ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4C4A 3 KB
1 KB 13ms
13ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4C4A 20 KB
8 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C4A 179 KB
56 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 4C4A 33 KB
14 KB 12ms
12ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 20:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 20:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 20:25:51 GMT

GET
H3 200 3304226765405740827
tpc.googlesyndication.com/simgad/ Frame 4C4A 5 KB
5 KB 22ms
22ms Image
image/jpeg 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3304226765405740827?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15de03b3fa5761bc5bcded219f4e5107bd4a903689bd753a631235db70bd931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5012
x-xss-protection: 0
last-modified: Fri, 05 May 2023 15:33:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 Jul 2024 10:18:28 GMT

GET
H3 200 18236571667553822875
tpc.googlesyndication.com/simgad/ Frame 4C4A 1000 B
1 KB 5ms
5ms Image
image/png 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18236571667553822875?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e35e63b6a2ac56baab0026a5a3fbf5e24961e88dd700645942b9b5886b2eec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:29:22 GMT
x-content-type-options: nosniff
age: 6546
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 15:31:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 Jul 2024 08:29:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E400 624 B
242 B 14ms
12ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGI-AkvABMAE&v=APEucNWMMQmxXACsj3JMNXiL9LAQF_QoF_gBlRc2W0C4izaiRlcnZHi8u2WLoy5KBnISpmNTZIRVb93W9LnhEB-lIKGZ2utAtQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9799 85 KB
29 KB 12ms
12ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9799 3 KB
1 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9799 20 KB
8 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9799 0
0 49ms
48ms Image
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlyc09E7LDoU2dosNgMJ0MQdKIzX74_ADczfJ9BLWoRYjryjKes8aDPjrq-cMn6ciAf-wf9_LAOW8yTt0LV029sXsjnA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9799 179 KB
56 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9799 42 B
63 B 6ms
5ms Image
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEZjP50intiHsnA6ajzgXy4zoQpcGdrWQu3qO1UxLzUwLhBd9X53vso3bYNruvuf8ArWee0AvolDKtxYjqMUVKiCmiCykSnXutwQQR1cIzzungEmE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9799 0
20 B 8ms
8ms Image
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12231226478374161435&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4C4A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7f1dc4fdf54b2f9ad3c116d82a514d4a5262a057ee29052f5d1dd56b645f5ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E400
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1&C=1

43 B
766 B

36ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGI-AkvABMAE&v=APEucNWMMQmxXACsj3JMNXiL9LAQF_QoF_gBlRc2W0C4izaiRlcnZHi8u2WLoy5KBnISpmNTZIRVb93W9LnhEB-lIKGZ2utAtQ
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELvRl2eRVC1okjqefXGddsY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E400
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLUVdMj1kRSLjEXDURy6oAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOgwSYxkZ9gLmuINLgMm3U&google_cver=1

43 B
766 B

36ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOgwSYxkZ9gLmuINLgMm3U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGI-AkvABMAE&v=APEucNWMMQmxXACsj3JMNXiL9LAQF_QoF_gBlRc2W0C4izaiRlcnZHi8u2WLoy5KBnISpmNTZIRVb93W9LnhEB-lIKGZ2utAtQ
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMOgwSYxkZ9gLmuINLgMm3U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E400
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwliBHg6NYk5CTmWS-PSIk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwliBHg6NYk5CTmWS-PSIk%26google_cver%3D1

43 B
898 B

164ms
163ms

Image
image/gif

104.254.151.69
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwliBHg6NYk5CTmWS-PSIk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGI-AkvABMAE&v=APEucNWMMQmxXACsj3JMNXiL9LAQF_QoF_gBlRc2W0C4izaiRlcnZHi8u2WLoy5KBnISpmNTZIRVb93W9LnhEB-lIKGZ2utAtQ

Protocol

Server

104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
an-x-request-uuid: 15a5c829-a534-441b-a6f9-de7c00861384
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.254.153.226; 103.254.153.226; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
an-x-request-uuid: ddaae892-bb5e-4bce-b78f-8cef361d214d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECwliBHg6NYk5CTmWS-PSIk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.254.153.226; 103.254.153.226; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E400
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwNTc2MTc5MTQ0Mjc1Njc2Nw%3D%3D

170 B
188 B

9ms
8ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwNTc2MTc5MTQ0Mjc1Njc2Nw%3D%3D

Requested by

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
an-x-request-uuid: 2ba5a041-b3a6-40d5-a170-f7e81751cff4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAwNTc2MTc5MTQ0Mjc1Njc2Nw%3D%3D
x-proxy-origin: 103.254.153.226; 103.254.153.226; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9799 0
20 B 5ms
5ms Ping
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1173719105276&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9799 0
20 B 5ms
4ms Ping
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1173719105276&version=m202306200101&ct=76&x=1&cor=12231226478374162000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9799 91 KB
37 KB 51ms
50ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX1AXU_m83blDZLsMqZhiES1iSHlDtgu3VgUKqUj7hQU8FksiE9Y-JdFBS86pAgL_Z28lObVitoKhqXZ7oP0dTkQJ3Zw&cry=1&dbm_d=AKAmf-D-h1Qbtq6ERVtitYBBnE9l_3vVGws3_HjA9Q28IrivZxkdIASk0YbDvccjsERpRxfPDyZKmgvpv2dzAkRcYs_ptpGF_aTSMEuvBRAmthFcIWubyBSCGMju9Q7JaV8VUINeGk-wcklRtXGh_0dHlGbfAAIfZOl3NW3wRE0atFEO5ugGZ2_KCqldoUJ9F9CG79PkxI7M1YEBFlHSSM8d5Oqj3Silz_ly47XuzVLwPsOTdYiOo7NHgRsWysucyEeSw9KT2j1IrNzQp_rYe8u8EFsFvniGHarMp7ui3m9RbqUtr2g2uP699RJwHxdF7c5cZomyn9nilUOnO4072E5rIB5qOhZ7Lfa3tI_HXklDqcZ6kwGagGL_MwI9jWHLeRaOQ4E2dn5BtnyyWihrlJ0Ise_DotWD9V6Bq9qYxwjRIC-kNPMriDuK2ImnYcJm0xdk_7V-u1VqSrAypvu7EuGe8JqhviplyTxccgK4AMW7ASW8f62jNb7lmwFjIe39Zlakmt0rXoDGmW3TMSxvEijToIpS7KatmoeeXF-WocD9pbrW-8eTiSNPESbFNTteJdHWKg3gX-bikhMtl5T0hwiWE_d9OII_Dh4q9cNSVneOitAN9QeJQut3DKUPXG0a-Vs_bTR7VIJzVX3UA2rtCSNWxy3wRKemYBcKi3HKPiCrw67aBw-IzR_nuFB3nplAjvDvJSI_lA6Ua7HYewjgDZG28RJ3e7PBlE1zYdW3LH2QT11U51Yme7pSPp4cngtbPYA8ErFuIkhYGze9awPZf2pgNXNijBiRBABIQKYHcEJ81iABw-va6RsMbhLYWADN6xoguc2OT9g5Gu7QJWwWWdL455sFCFgTjTHoHTo6iqVL4Y37zN7Btcqc3ZqBD_brTJaUrLCIDKX9BN0qLVkuLE1nKOQQQOscCxFOfbO0PoXPu0EpDWFy_bqXfMIMU6YCxIkwsC3POzFe2FSSSzNU645HsRJdqIpwSSrEo8QSzWNhA8OkPtESRDvRvOjy8UIvR50Vk9KE_A-N3_0Gq4rXA8M0QUgbJpSaOFoZ3Jumy4V5KRMei0GFw59IP4n0gObV4yM2QAAPvXWEFETl7HgWY90VM-oT7dlnaeHP-KurEcOhsiDv2XTqhbUm3fYdBJWlPKTNaWcFuEeG8eOlp2GBjkgeJQlCM1LsN7oVnq_Z0nY8fjRYpBslQSkPiygV8Ef3KdAo2OYGjxQHiK8AVmylSwtCZenFhS8F1jZOOzfTZG3gAk1BGBdmSXOMKtUVn4XuZjPxtqadGFfOcPrDNeIkcmi1vd83monKWl_J4YazPD-qyM_lwYjyFYVLdRi_kUrmZ0I3M6-L9s6BkJM8Lo04nNTc3hIGJpg4l9KJsV_9Q1ov-jSy475OtZ38M7Aj-GJi5ak0Y-TChy6ekFaBRdp_XEQcwKbmG0zUvV7EtDqwYTNvljhAQVeAI5evyMK9boBtg0Ii0uXIopsxCEdsOXDuwdCcj1YuB-lOm9n4yko1OYVvxmyGewM9JGYBnOG4J3AjNqn4UjCRM6hI0GR4gAOCJ0jE8aUjSivFY5Chy_EBD3_z3fBCJo9MN7HF12DnQsLaothBV3k0qVMb1sUYxHAXB_7obzo-uVHeVl1myiFvBuyl7xqoG_suCyj_44P7HHcV_qmVzDYscR_eWQj9lC3gUz5TPaZPGcBYIF9Gp7U-TUEMawarRmSKuRC4PJSb5w4CFJzqTNN-iyPxazgaNmALCGcVjOPAiuqM3CdB4NnD2dnUR_f7UDpqY_EneCfSzFowW0vSpmRuxovOt1tI3xx564XLYBJ6SbV0ARcDPDXn0_pgb2Uphwo67zooPVxiVyXY3a6DC_2EVRAqWtwVspgb3Le5HfyXhqjSyOMeY0ZhaX6556BALpqKoXvezu1byAk1c83vao9FKsQ0sCtKKBojHLYWD08sbK_TJk9662qUHm8k_T8rctep5mD0WXRNN1iWIbl1YkxtPMtsIao3BlMAiihuGVlKPExlCE_aljVL6PE7JLnj81ZAz0W-GrDMpdxHODdg-TRhkhb3sTOZeN4U2nJXFZjjxBmgTwFjzhbsWyz3SYsEmVRYMB2W1RW7kJmcDYJ9NfnHGiPs4-iIYkzDbuwqC48R5sRXE3m1SH55x3nyY0adO0g1ucwCPmVen9gOSy3YfgDFuq5dkR9GZXRBBhQQt9ze7YlUfuB5JYo8L3h3dLkJIciTSvubhmKzbUxivvfWzTjwSJcwFToxFt04TEfXhamXzjufuJRRF6jig9eeKXXEXSGl1iTHHojPn_3CEziepZvaew7WktFWQthHEuGPQtg_NJ8Sv4Hb2MdaVvtd3Rj6GZNaJaxoAIbA8YmuVw50W_vJxmxuZOLmMgQjVOQVv21lYdd6IaUR4KUX3MfVZkL7aYaXXx8jNF_TjPkOepdqkzkNJpFRXv6ERUDPJNtidv0zNiA09orXg4WtyfajeR5AaGBWqC40IiMeSdjca_lm0kBOsJFbyLGSIGX4uOa9LWtiacX5IaHyirfcx1gBo1bjPo2mKmPlaoST-11gs7r5aZKU_Xelg4zKVr1XkWdaWdtVhV7sCoiEZJaWqYIGsU3_2Nagc2L3BYdGA0HUD8U0UAtaiO65ej2My-kgIuqgz4gw49uoMq058PiJrT-qWxlADDAfW1GfAq5XZEIc7qMinzs_j_55G7ZPUIZMf3HTzQ9POwErsSPvf4h5L2oD-1w7k4hc3C44y1GpCdoEIcZNm0xL_IedoBulpbWNbjbgZCWBwOXnctavn9Yma93GZ-szH0g-2BoWZiIx9B1bkdONEhjdbceFyzEgCPMCff7-jbjDXuJas255pYzEY_zPkqB3Xhpv2r5h6wweqyb05bR7CJIO7s4uJv-D_oiIsrPhAEVEMsDqOzvCD6K25GO9zm6hh3J7bMM8dDY9LlPcka9TR-KB37wmkJ2WXkURNSn-7bfeVrC0H6JY3ersNZKiC_srZqzyBlVWn0Zb8oAIonzKjTg_F1S3nV-ObbcW4Ag2Bt4QX58EyiGQVv1MYTWghH__SHyIVrqsQ6oxX0tmaiILtwW-FA_klYa0wZmkZ2jKs_MHodXHFAPeVpdbFKYRWMKN5YmrTXKP0BZbEz7SG8RNfoUAqqc1u-WvtIOOLnUUfCg2qL6CZhMEyqFmS9fIgnu3LTb1AvjI06ehDPRssXFSjtyMnK2HGoRwoF5S1DT3E8y2qj9fLIimN-yoR6IYVyIe2gCDK2Y7iDp5kdEvtdaRMioTbPFXVU6yyV3m6UY0XenTWwKgAJYaiWIhH1CBVU8g9g3kSdxKyPadIYJH6-RUEPmx24clXVc1WEtASZSiMucpqCbwZ6LE4TOCQWfU2C_rOi1-tuJlTQw79CtjPV689Q1JsLLWO6bBM31CF3cqRYP6Jk1cdICpHdwYTJlz8VMxBxIPXqA&cid=CAQSOwBpAlJWPcsF60-ogAsWoICg4-e51gmgqbtKGsIchJMKKz6KD8ig6cVBCAqzVxcgoWpdeNkMvCb4jNRlGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fhowtoflashdroid.info%2F&ds=l&xdt=1&iif=1&cor=12231226478374162000&adk=929882891&idt=14&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b0a51a5c6139abb628bfa38b8df9320fd77759660a90fc88269aa4f3d04d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37906
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C4A 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 11:56:05 GMT
x-content-type-options: nosniff
age: 512543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 11:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C4A 15 KB
16 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:41:43 GMT
x-content-type-options: nosniff
age: 315405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 18:41:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4C4A 15 KB
15 KB 7ms
6ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:36:49 GMT
x-content-type-options: nosniff
age: 315699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 18:36:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C4A 0
19 B 17ms
16ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP4c5chW1ZOP4J5GMrQG-i6_gCYTVioNx-s-MlssR0fTxnY0OEAEg2PHMI2CBBKAB3u24zSnIAQmpAnKZAbhI1rI-qAMByAPLBKoE6gFP0ESGwIpl3QhonkCmk528iGA8_n4nvGcASQ5jT1RseHoDPy7maJnhV9CyIfKnhZ5iaOltvZ-3puQyLbxdAviBG1Mn9nz6qXfytP1S4Wzry_N-9cj-AfaroJEvevPuQqnh6Pvg5G0tQ2sJd7gDTDd-K4vOwxTG5sdfkHSJ6z-AjyH_0fYKEG4kzjqvAgpLrQFHEgaM_wSpY5P9jIyTl5jFI0ehc8OrTTObO5uf87lnylBFB8iSdCAqZva9t7OHb8KMn8zaRzK08ELZWbmcJoiGjvxheKk_bpRTE-xtRjbl07X74EOGa1-72bfABOrF9IudBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfepYmtBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN2pF9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yODg5NzYxNjc0NzU3ODg5GAA&sigh=6VuRFGxZiG4&uach_m=[UACH]&cid=CAQSGwBpAlJWJkubYxRZF-q-QtBUHBXznY-NUro4zxgB&template_id=484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=280&adk=2505405984&adf=1186654364&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589106&rafmt=1&to=qs&pwprc=9981741498&format=1200x280&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589106527&bpp=3&bdt=887&idt=100&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y1HqWh2t48&p=https%3A//howtoflashdroid.info&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame 99B9 9 KB
4 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 02:36:43 GMT

GET
H3 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame 99B9 10 KB
4 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 05:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 05:35:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 99B9 14 KB
1 KB 10ms
8ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 09:15:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 99B9 2 KB
892 B 7ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 99B9 23 KB
9 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 99B9 3 KB
1 KB 9ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 99B9 20 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 04:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 04:45:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 99B9 0
0 61ms
57ms Image
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfuXBq44DV9Bv9liDe4IeF3dGbIEA-NHqXA-tHotFtVvCoOgNUkH1ccHo700DfDegnP7YSCP9mKLM2V2DD9oYe8vV-Vg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99B9 179 KB
56 KB 9ms
7ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 99B9 33 KB
14 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 20:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 20:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 20:25:51 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 070C 37 KB
14 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9799 111 KB
39 KB 28ms
8ms Script
text/javascript 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 21:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Jul 2023 21:31:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 9799 11 KB
4 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX1AXU_m83blDZLsMqZhiES1iSHlDtgu3VgUKqUj7hQU8FksiE9Y-JdFBS86pAgL_Z28lObVitoKhqXZ7oP0dTkQJ3Zw&cry=1&dbm_d=AKAmf-D-h1Qbtq6ERVtitYBBnE9l_3vVGws3_HjA9Q28IrivZxkdIASk0YbDvccjsERpRxfPDyZKmgvpv2dzAkRcYs_ptpGF_aTSMEuvBRAmthFcIWubyBSCGMju9Q7JaV8VUINeGk-wcklRtXGh_0dHlGbfAAIfZOl3NW3wRE0atFEO5ugGZ2_KCqldoUJ9F9CG79PkxI7M1YEBFlHSSM8d5Oqj3Silz_ly47XuzVLwPsOTdYiOo7NHgRsWysucyEeSw9KT2j1IrNzQp_rYe8u8EFsFvniGHarMp7ui3m9RbqUtr2g2uP699RJwHxdF7c5cZomyn9nilUOnO4072E5rIB5qOhZ7Lfa3tI_HXklDqcZ6kwGagGL_MwI9jWHLeRaOQ4E2dn5BtnyyWihrlJ0Ise_DotWD9V6Bq9qYxwjRIC-kNPMriDuK2ImnYcJm0xdk_7V-u1VqSrAypvu7EuGe8JqhviplyTxccgK4AMW7ASW8f62jNb7lmwFjIe39Zlakmt0rXoDGmW3TMSxvEijToIpS7KatmoeeXF-WocD9pbrW-8eTiSNPESbFNTteJdHWKg3gX-bikhMtl5T0hwiWE_d9OII_Dh4q9cNSVneOitAN9QeJQut3DKUPXG0a-Vs_bTR7VIJzVX3UA2rtCSNWxy3wRKemYBcKi3HKPiCrw67aBw-IzR_nuFB3nplAjvDvJSI_lA6Ua7HYewjgDZG28RJ3e7PBlE1zYdW3LH2QT11U51Yme7pSPp4cngtbPYA8ErFuIkhYGze9awPZf2pgNXNijBiRBABIQKYHcEJ81iABw-va6RsMbhLYWADN6xoguc2OT9g5Gu7QJWwWWdL455sFCFgTjTHoHTo6iqVL4Y37zN7Btcqc3ZqBD_brTJaUrLCIDKX9BN0qLVkuLE1nKOQQQOscCxFOfbO0PoXPu0EpDWFy_bqXfMIMU6YCxIkwsC3POzFe2FSSSzNU645HsRJdqIpwSSrEo8QSzWNhA8OkPtESRDvRvOjy8UIvR50Vk9KE_A-N3_0Gq4rXA8M0QUgbJpSaOFoZ3Jumy4V5KRMei0GFw59IP4n0gObV4yM2QAAPvXWEFETl7HgWY90VM-oT7dlnaeHP-KurEcOhsiDv2XTqhbUm3fYdBJWlPKTNaWcFuEeG8eOlp2GBjkgeJQlCM1LsN7oVnq_Z0nY8fjRYpBslQSkPiygV8Ef3KdAo2OYGjxQHiK8AVmylSwtCZenFhS8F1jZOOzfTZG3gAk1BGBdmSXOMKtUVn4XuZjPxtqadGFfOcPrDNeIkcmi1vd83monKWl_J4YazPD-qyM_lwYjyFYVLdRi_kUrmZ0I3M6-L9s6BkJM8Lo04nNTc3hIGJpg4l9KJsV_9Q1ov-jSy475OtZ38M7Aj-GJi5ak0Y-TChy6ekFaBRdp_XEQcwKbmG0zUvV7EtDqwYTNvljhAQVeAI5evyMK9boBtg0Ii0uXIopsxCEdsOXDuwdCcj1YuB-lOm9n4yko1OYVvxmyGewM9JGYBnOG4J3AjNqn4UjCRM6hI0GR4gAOCJ0jE8aUjSivFY5Chy_EBD3_z3fBCJo9MN7HF12DnQsLaothBV3k0qVMb1sUYxHAXB_7obzo-uVHeVl1myiFvBuyl7xqoG_suCyj_44P7HHcV_qmVzDYscR_eWQj9lC3gUz5TPaZPGcBYIF9Gp7U-TUEMawarRmSKuRC4PJSb5w4CFJzqTNN-iyPxazgaNmALCGcVjOPAiuqM3CdB4NnD2dnUR_f7UDpqY_EneCfSzFowW0vSpmRuxovOt1tI3xx564XLYBJ6SbV0ARcDPDXn0_pgb2Uphwo67zooPVxiVyXY3a6DC_2EVRAqWtwVspgb3Le5HfyXhqjSyOMeY0ZhaX6556BALpqKoXvezu1byAk1c83vao9FKsQ0sCtKKBojHLYWD08sbK_TJk9662qUHm8k_T8rctep5mD0WXRNN1iWIbl1YkxtPMtsIao3BlMAiihuGVlKPExlCE_aljVL6PE7JLnj81ZAz0W-GrDMpdxHODdg-TRhkhb3sTOZeN4U2nJXFZjjxBmgTwFjzhbsWyz3SYsEmVRYMB2W1RW7kJmcDYJ9NfnHGiPs4-iIYkzDbuwqC48R5sRXE3m1SH55x3nyY0adO0g1ucwCPmVen9gOSy3YfgDFuq5dkR9GZXRBBhQQt9ze7YlUfuB5JYo8L3h3dLkJIciTSvubhmKzbUxivvfWzTjwSJcwFToxFt04TEfXhamXzjufuJRRF6jig9eeKXXEXSGl1iTHHojPn_3CEziepZvaew7WktFWQthHEuGPQtg_NJ8Sv4Hb2MdaVvtd3Rj6GZNaJaxoAIbA8YmuVw50W_vJxmxuZOLmMgQjVOQVv21lYdd6IaUR4KUX3MfVZkL7aYaXXx8jNF_TjPkOepdqkzkNJpFRXv6ERUDPJNtidv0zNiA09orXg4WtyfajeR5AaGBWqC40IiMeSdjca_lm0kBOsJFbyLGSIGX4uOa9LWtiacX5IaHyirfcx1gBo1bjPo2mKmPlaoST-11gs7r5aZKU_Xelg4zKVr1XkWdaWdtVhV7sCoiEZJaWqYIGsU3_2Nagc2L3BYdGA0HUD8U0UAtaiO65ej2My-kgIuqgz4gw49uoMq058PiJrT-qWxlADDAfW1GfAq5XZEIc7qMinzs_j_55G7ZPUIZMf3HTzQ9POwErsSPvf4h5L2oD-1w7k4hc3C44y1GpCdoEIcZNm0xL_IedoBulpbWNbjbgZCWBwOXnctavn9Yma93GZ-szH0g-2BoWZiIx9B1bkdONEhjdbceFyzEgCPMCff7-jbjDXuJas255pYzEY_zPkqB3Xhpv2r5h6wweqyb05bR7CJIO7s4uJv-D_oiIsrPhAEVEMsDqOzvCD6K25GO9zm6hh3J7bMM8dDY9LlPcka9TR-KB37wmkJ2WXkURNSn-7bfeVrC0H6JY3ersNZKiC_srZqzyBlVWn0Zb8oAIonzKjTg_F1S3nV-ObbcW4Ag2Bt4QX58EyiGQVv1MYTWghH__SHyIVrqsQ6oxX0tmaiILtwW-FA_klYa0wZmkZ2jKs_MHodXHFAPeVpdbFKYRWMKN5YmrTXKP0BZbEz7SG8RNfoUAqqc1u-WvtIOOLnUUfCg2qL6CZhMEyqFmS9fIgnu3LTb1AvjI06ehDPRssXFSjtyMnK2HGoRwoF5S1DT3E8y2qj9fLIimN-yoR6IYVyIe2gCDK2Y7iDp5kdEvtdaRMioTbPFXVU6yyV3m6UY0XenTWwKgAJYaiWIhH1CBVU8g9g3kSdxKyPadIYJH6-RUEPmx24clXVc1WEtASZSiMucpqCbwZ6LE4TOCQWfU2C_rOi1-tuJlTQw79CtjPV689Q1JsLLWO6bBM31CF3cqRYP6Jk1cdICpHdwYTJlz8VMxBxIPXqA&cid=CAQSOwBpAlJWPcsF60-ogAsWoICg4-e51gmgqbtKGsIchJMKKz6KD8ig6cVBCAqzVxcgoWpdeNkMvCb4jNRlGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fhowtoflashdroid.info%2F&ds=l&xdt=1&iif=1&cor=12231226478374162000&adk=929882891&idt=14&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:34:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 14:34:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 9799 30 KB
11 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 14:51:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9799 41 KB
13 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 06:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 06:45:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2267 1 KB
643 B 8ms
4ms Document
text/html 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 09:46:46 GMT
etag: 48472445140208031
expires: Tue, 18 Jul 2023 09:46:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9799 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf4a3d7e03480df4e0de5f2dcd5674097cd0bd0e853b6833f14cfc14065dddb4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 510C 3 KB
1 KB 493ms
160ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx
Requested by: Host: bakibarus.com
URL: https://bakibarus.com/24784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: f0062998045896ff945ab94cb4bb5d79f48ca948dc5bdaba7f8356e9ebb8beae

Request headers

Referer: https://howtoflashdroid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 17 Jul 2023 10:18:28 GMT
server: nginx/1.23.2
vary: Accept-Encoding

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A6C 143 B
166 B 6ms
4ms Document
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 3151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 09:25:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 917E 1 KB
643 B 4ms
3ms Document
text/html 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 09:46:46 GMT
etag: 48472445140208031
expires: Tue, 18 Jul 2023 09:46:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2267
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOasDtCX2cvBWZ9LKa4m318&google_cver=1&google_push=AaAOQGHOz6rq4GFObnlimzsOS2mCqvO45ytqdgO9CLRnZ1UPQlxfCeqPcbDJfiBRbmfsRHQz1S-IpVKGNdLFT8NcaNukFuzKgPon7...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY4Mjg0MjcyNjc2MjMwNzI4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMuGowL33NEsKdu3ffWbx7Q&google_cver=1

43 B
398 B

337ms
34ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMuGowL33NEsKdu3ffWbx7Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMuGowL33NEsKdu3ffWbx7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2267
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZH...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoF...

43 B
416 B

197ms
183ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e81bdb95bc58859-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 91
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELuqJmNeb_0oeQl-weHqd8o&google_cver=1&google_push=AaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHE7YM9UtuSzQ4_vsBonbLYQmgv_ZFBOU2JnsLVpoHE6QAFzDeoJd4ciY1MUmXDPc-mjdrlYMmV7K-ciRBHoGGeJdctnoFZHQNXejtXUyFxk9UK4KiQ1b6YF-85Tl_Z68fY3I0TRoP5aMkDOtHESwvVIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e81bdb7da3c8859-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2267
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBEKv1sN8am-Jxy0L8Ax5mU&google_cver=1&google_push=AaAOQGE6b2iVZ7COg-hwfd_EgmdNMDpHODS9FkOt_Ewdjns2WP3ycX9EKqvuveqeRzyuH7ZrfCu1LgAtK5l8VY7ImV...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBEKv1sN8am-Jxy0L8Ax5mU&google_cver=1&google_push=AaAOQGE6b2iVZ7COg-hwfd_EgmdNMDpHODS9FkOt_Ewdjns2WP3ycX9EKqvuveqeRzyuH7ZrfCu1LgAtK5l8VY7ImV...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=N2Y1OGQ3ZjctMzc2MS00YzIxLWI1OWUtMjU4Y2Y3Y2I0N2Fi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=7f58d7f7-3761-4c21-b59e-258cf7cb47ab

170 B
188 B

12ms
8ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=N2Y1OGQ3ZjctMzc2MS00YzIxLWI1OWUtMjU4Y2Y3Y2I0N2Fi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=7f58d7f7-3761-4c21-b59e-258cf7cb47ab

Requested by

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=N2Y1OGQ3ZjctMzc2MS00YzIxLWI1OWUtMjU4Y2Y3Y2I0N2Fi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=7f58d7f7-3761-4c21-b59e-258cf7cb47ab
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 2267 43 B
641 B 215ms
69ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEI1El7nBACOYAUx8sYspd4M&google_cver=1&google_push=AaAOQGEk6A5V-qkf292QqHRv4Q12flv7vbH61HTkkkr3ZH4OJPSzCiTNW-gXSfItrjiPmKWUhLKbznR717jveHo_F3Uz_3AYJjAmCb6tumnkBFae2eaHPKagmX0HRV7DJDQdOLmD2vm8TonP6P0iiVVy0hiYAA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 10:18:28 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2267
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBzpsjgSJbwYhTRFNfhcjE0&c_param1=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4l...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4lJH9E_o8N7iANcCx5FV...

170 B
188 B

9ms
8ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4lJH9E_o8N7iANcCx5FVQbNant4gizg9XoGoiw7HCvhdg

Requested by

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AaAOQGGuNmZHqQSAetLKxy1sKYAPcz4KzD5eRjHQ9Eq0qAt0OCukjaMq4uS3vBc2cUOhrX2aVGgcQhGV45ObZTjcHaVvpbjm7unCs8cdG22dthcPo4lJH9E_o8N7iANcCx5FVQbNant4gizg9XoGoiw7HCvhdg
date: Mon, 17 Jul 2023 10:18:28 GMT
server: nginx/1.23.2
content-length: 0

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 2267 0
161 B 304ms
99ms Image
application/xml 133.186.161.89
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEFq7xLMgSKTeoIUVGP8si6o&google_cver=1&google_push=AaAOQGE2xF-dBxtPFvnNMsFLVzICupsREjKT7WU4lU7XexJX_9oRsZ_JVVTRiPHB1welR9t3PoVgmCbxAvTNUrNdX-iRMpgNSimLryHOzOBGfONxb1HyOR-lGilUro1oyVu3ni1aiw3ymwXQRdOQE5a4MbYD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H2

200

report
sync.teads.tv/um/ Frame 2267
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIXZzRua0Lz-...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MGNiZTQ0MzQtYWI0NC00ZmE5LWE5NTQtNzk0MDUyMzEzM2Q3&google_push=AaAOQGGmul8rgHOUNFY7FMr5T9II2jjcDjU__hfYKdbE4U2P5Szm8_t4uTXI7EeV5ZA3a...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

102ms
102ms

Image
image/gif

23.35.185.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3070604948&adf=871259380&pi=t.aa~a.912149262~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2050&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LGDti6X9zP&p=https%3A//howtoflashdroid.info&dtd=12
Protocol: H2
Server: 23.35.185.50 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-185-50.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 17 Jul 2023 10:18:28 GMT
pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2267 0
50 B 8ms
6ms Image
text/html 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYshr1khqQCr8Fsr-yWZfNof8jpkxhRrQehJ1Upf4HzQWf5bzmSr2895SDn-5XIiMGjKSePA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6297180037871304704/ Frame F155 39 KB
9 KB 11ms
4ms Document
text/html 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08615884da35954d08671f202529ef0a73dd61b61eb3ba1713e7a6582efd92a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8701
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 08:01:18 GMT
expires: Tue, 16 Jul 2024 08:01:18 GMT
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9799 0
0 34ms
18ms Fetch
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqOSZ1PTykXk8HpX752W-VSPV3xTxYlDAvKxOGijA559ptx5VvP5izfP4zMVWrzVVFlwyaOUgYoYuS0J0JP6g_BldSBzU4WPLLWI00EyvCa12R8hl2WSLvv07tMUiK1Q4lLtnfQxaespmc1n40T0_pD85Pa4uZaZ7ZfAswm-PKK2gv2EOKFEqhtjoNyPvDSiu7rbtUMaWvFRKwu69YUSj4YuKh-TSq1uBOYFThcK1cSttsnDLw1bguasCsrBx6AxXVkoZOWloeKQk5MA7Qp1OkUYz40nVyq6ogJAK8hpByCp_Cy18tCMyIouWs0IJSMjJw9rZodX5jnVNWrCYqg_5ov50Kyql60WGAp57LRBi1ozMQ6b8cNcr6lhhRSdfO1ctjerl1iIL9vyzOwPD5fUZL3c1wfr5LFRDe8mJJZ7f3NsHVbxRzF_OhNP5pTJ09gw_lFL9lZFo9da5fwhHpc3Gpc1EkCUGP2U2UnrH2lV2986w_r7xWuENT47Ht7Swk7YWv4GhccLVhwXL06vAZ1qJbtODrHdB2orl53ycSz46DKB3kF-i_T-CWb7poeTz6gKpV2PMXEwPAtSDq-LLMkOgm2PH5UNgtdlNPumyW7EKah96t51hqfqfYwfRKjxe_hzVfOGpoxVGgrk-p3fyho4dVr7VG8dExBmau96xSHQPRj7HTsIPGMgiCXLVDMwpYsXdJ8PwjVhvFD84JYytZtilwshBEh7-3ziSiKE3kdij2GDkFUpmV682Su6tt-GN16m6qAjIBlUIP5RkOwu6dWGOvtITbRf40-SKTSOF45nXGSRpAOizVmVBm-GgS9XeGsV8Uyg2JW4FZ7kFrP9fxpxsHInjSA9Edi_Ohhp8rBstxfdKtje5LyenPFEhdpWVG2HvZYGQoNOl8XNMb88KTC9EjTEyUq2NXU4d8FTr6X_7G5riVDv5RcswWXOi6scaFCGj_bKH4441Abnap1UmUmwo5we3WxabxY_7MMdqGb0DK1xP7IULrl_qd-xSTqUbRDdyhDj_mG5O1fo6Pxf55rabPNwUAcSyHpJC2nLQE4jF9GUkIJnQIL8Y-etAFnd4PAUw7dDYtbSejn9LSLldnrUMZVxDg35kHuMDBvwk8cb5V921GjXwbVU5RvIaOQsln8yydPOeNDjRXnGU6KPYXw2b5ntlk_LXvbAihNelW_sYbbui2hkw6ixliO0G2ogsAnvaIoRY2BEaBA0B2DEFqrh2fHz1u5p-87taXeSxt2cL-egIGMSHW_Qf6ZZp4Xs1rA4_BtzQ4&sai=AMfl-YTqnaJMqsre9hPOjt8hNwgR3SvVLH-LTUYNT53Btk8J74x7oggKhUrm5puIaWxdKsAR695FL4OnfLIK2075rUNYk28xA3wuq6Ml4Tyha940hXIsvDQEdQXHkYTfjEliHwjIZvY8i_ipXaJBcyWfULs8EHBFqOGwHEJi1MKsSLag2vcrKOiPy14B13cm3yY2vEmOP3JEcARWLqzIIvNGESm0UhAspRHqZrZz6GAGu--x3-PUvJM1RBynvDc4HoMZKmoZ&sig=Cg0ArKJSzGhR10Ef1LeTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&cbvp=1&cstd=147&cisv=r20230711.96108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=30252084;s.a=4528092;p.a=370905656;a.a=562001338;cache=1656224812;
ad.atdmt.com/i/ Frame 9799 0
0

GET
DATA 200
OK truncated
/ Frame 99B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 990608a3eadd5c8cfb12dccddaa7a3de19c2b24cc72130cd48470862d2243257

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6378 22 KB
8 KB 4ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 12762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 06:45:46 GMT
expires: Tue, 16 Jul 2024 06:45:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bd01879d.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 19 KB
19 KB 8ms
7ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/bd01879d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f484a9625fbdcc9a551878e222f3c011d9493a69fd44cca1c735becd76c1aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 15:54:44 GMT
x-content-type-options: nosniff
age: 239024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19020
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jul 2024 15:54:44 GMT

GET
H3 200 1d2e0030.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 85 KB
85 KB 16ms
9ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/1d2e0030.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35358fdad65fcca1fd4e6469dd2c40841fc68f6d16b17158e94def7eacf42d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87318
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 30de56b0.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 128 KB
128 KB 31ms
24ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/30de56b0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2baf3671158281db6e5dd56f401b6c97ea4b6250fadbc0fe799f7c529a33954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130988
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 6da4de0c.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 14 KB
14 KB 32ms
24ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/6da4de0c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42236227f44359bb084c21684d213ce111a972cb15542fd0e88a605452b7c917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 179905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14791
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jul 2024 08:20:03 GMT

GET
H3 200 370a757c.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 12 KB
12 KB 30ms
23ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/370a757c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23dd244610d71c5a5d46af19adf2822276cc438c978cc9bcb009bde0a1028271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11857
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 42043938.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 13 KB
13 KB 30ms
23ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/42043938.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8230215aa4d483f91d3840c7acbcf271390c4fcde182de98ceedaa6433e44887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13308
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 f2accffe.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 8 KB
8 KB 29ms
22ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/f2accffe.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e2b5f86b95f0f80cbef98923497c389df01262bedddc80c14b61542988a3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 03:35:39 GMT
x-content-type-options: nosniff
age: 283369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7889
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jul 2024 03:35:39 GMT

GET
H3 200 5ab0a996.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 36 KB
36 KB 28ms
21ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/5ab0a996.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df73d956eff8fc9016fe8d23c2338a67d39a1df3dcc8f12b947e1538b1163baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36352
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 5e83534b.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
3 KB 28ms
22ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/5e83534b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2dd9edf3e5a74f7b692b0706f037c829673ec089589d2b8be7495bfa297a00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2549
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 d18857c1.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 5 KB
5 KB 25ms
18ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/d18857c1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a9350768a03bcf6ffe28cd0c4660f1320ad607bbbb38b438187d7cf66dcc99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4651
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 5d5f1b37.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 4 KB
4 KB 23ms
17ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/5d5f1b37.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dd2fb63b8f2b24da4e95f6e5fd2e8b83489e3a9c9836b9d20b2bbcec1d41784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 23:37:02 GMT
x-content-type-options: nosniff
age: 211286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jul 2024 23:37:02 GMT

GET
H3 200 a0a08a9f.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 6 KB
6 KB 21ms
14ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/a0a08a9f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d03e9a5a2529edb052980e3611509b61ef23d2a39a6dae5485a696278911558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6410
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 739e461b.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 40ms
34ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/739e461b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13f073249036352d689faf66d543b2c0207632287cd56059c5b400d935872c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1705
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 8923e342.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 3 KB
3 KB 39ms
33ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/8923e342.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9941202f9efd6961e3e7cb01c3347e95a204e6c94e215381369182c3db43f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2876
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 e4e0d708.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 1 KB
1 KB 39ms
33ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/e4e0d708.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a4673f867a23a93a2bab0d46a310509187c30b86dc7241365939118165280f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 18:27:00 GMT
x-content-type-options: nosniff
age: 229888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1211
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jul 2024 18:27:00 GMT

GET
H3 200 eff6d5f4.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
3 KB 38ms
33ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/eff6d5f4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130ec31c9d8a7b78de0fba2a0d27ba5fb815f915aa1fd4c5aabc53d65356ed24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2533
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 205a8e6d.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 1 KB
1 KB 38ms
32ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/205a8e6d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ea4047816c8928943257669d444012cc4c9fd70f500d6d4cd1b5104c647b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1453
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 26d44eff.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 37ms
31ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/26d44eff.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

086f28f4fc5c91f0eb055ca750a4cbf931f7181aa95f93d9184a3c40bfddf3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2381
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 24e089af.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 415 B
442 B 36ms
31ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/24e089af.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e543a774e41e2e6ea0eeee2f237ac17ef1c0458d0cef7bc620ba6328ab6f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 b91a7e20.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 838 B
865 B 36ms
30ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/b91a7e20.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f580e5520c394d593225ae7248e6df1457840ebfa56db9b3d2651ce413e883ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 838
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 7de3b5c7.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 1012 B
1 KB 35ms
30ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/7de3b5c7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce9d8e24963e63f769d4746976af3a5f127276efa690e5f468483348dfd2f020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 10:02:52 GMT
x-content-type-options: nosniff
age: 173736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1012
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jul 2024 10:02:52 GMT

GET
H3 200 a95ba6cb.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 34ms
29ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/a95ba6cb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92c8f8c7932f976730f3b153100ac3ebbb1b413b81866c63cadcf24d43e2a6f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1627
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 fb2326ac.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 34ms
28ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/fb2326ac.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

680c3022cc282fcd77065fb1426440aad21211d33c54235539e7966fd581214b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2520
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 d7a796c9.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 4 KB
4 KB 33ms
27ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/d7a796c9.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c8adb1a70fa3e854a1523820a4bb582205bf371c9230a4ff997677c100eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 d52ca93f.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 493 B
520 B 32ms
26ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/d52ca93f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e1907636f0d73d2c5e00379f84e680c350405ea0e12b8c044bd0d62bb50a542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 493
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 c9c113a2.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 833 B
860 B 33ms
27ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/c9c113a2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d9866c20a98f0d6fc4a8f54f8b05a37664ca1b82590e04a51635f388d3dd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 833
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 dddb9e36.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 32ms
26ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/dddb9e36.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c87875b1cf77a07133664677898d1dded80132428a2347db53cb93c68052220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2322
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 de6f187f.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 4 KB
4 KB 31ms
26ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/de6f187f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

418647ed5b3463861f4923340539235a52100797a7f178e9e007cc40c2059a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3835
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 0aa07769.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 1 KB
1 KB 30ms
25ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/0aa07769.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

180cea6780fa0cfeced6b1d0213ee23234b8c9f3d5004d8021f932027e53e065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H3 200 aa3824cf.png
s0.2mdn.net/sadbundle/6297180037871304704/images/ Frame F155 2 KB
2 KB 31ms
25ms Image
image/png 2404:6800:4003:c03::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6297180037871304704/images/aa3824cf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a07d2eee90344a59202f9295e4c3cf6cc183b00a02c7ae78a05631dee7243393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6297180037871304704/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:01:19 GMT
x-content-type-options: nosniff
age: 8229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1828
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 11:24:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:01:19 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 917E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw...

43 B
388 B

261ms
261ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e81bdb97bd78859-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 312
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENFVRUSciNFdo-lO7T4eoRY&google_cver=1&google_push=AaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGLT1yUh49fbqfDQdhXmm5_H22Kv2dFH-Aes-OhSh5J2k86-51HIN3_2b7GFNybB7bkv3PyDqZPW_9Da9i7dE6DX8fFhXw46Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e81bdb84a938859-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 917E 0
173 B 50ms
7ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE8F2-eQwQAtcBrm7FwNfjc&google_cver=1&google_push=AaAOQGG6Rf-ABkPi0Hp611CR1OwaX7VtVqv6KwMwR8Rk7Zk2G6aJWHK6I7LwNhm0nC8HuKqcvcdWVZeZNJtrKiFqscIycX2tujjgRgc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame 917E
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1&google_push=AaAOQGGCA2Cp6T_sOdg3maVas6WChUmlpKUVkhr8TB8eVES9Cn4gtDhoMkzlKt4gEJRbH...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WkxVVmRNQ284WUVBQUphOEo2UUFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1

43 B
949 B

226ms
74ms

Image
image/gif

124.146.153.152
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1
Protocol: HTTP/1.1
Server: 124.146.153.152 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 10:18:28 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.226","key":"ZLUVdMCo8YEAAJa8J6QAAAAA","privacy_sensitive":false,"uid":"ZLUVdMCo8YEAAJa8J6QAAAAA","upstream_id":"m-ad443"}
X-SO-Key: ZLUVdMCo8YEAAJa8J6QAAAAA
X-SO-Upstream-ID: m-ad443
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad443.dc4p.scaleout.jp
X-SO-UID: ZLUVdMCo8YEAAJa8J6QAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 103.254.153.226
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: m-ng38.dc4p.scaleout.jp

Redirect headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOHxV2Z6PFfK8T8t8CiyOrk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 917E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGvhGib6EBgOKtIKOD2VeXU&google_cver=1&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLX...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGvhGib6EBgOKtIKOD2VeXU&google_cver=1&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pex...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fc7872ca-7ba9-4d76-af28-03f3d6085cc4
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fc7872ca-7ba9-4d76-af28-03f3d6085cc4
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=1daed1ad-3329-414b-a075-73d67cbdd6cf&user_group=1&ssp=google&bsw_param=fc7872ca-7ba9-4d76-af28-03f3d6085cc4
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE&google_hm=_HhyynupTXavKAPz1ghc...

170 B
188 B

9ms
8ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE&google_hm=_HhyynupTXavKAPz1ghcxA==

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE_uuFLno7Libyv1NHmj2THhfAJ-0p1MQrHXPMxgVrT9ziFn64qHhzFBD5fn7tlIu-98bBUOOv-eE9pexOI3SLXD9GkEu7rwDE&google_hm=_HhyynupTXavKAPz1ghcxA==
Date: Mon, 17 Jul 2023 10:18:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 917E
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECbxuAdstFY_v7uuavDktWo&google_cver=1&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8&google_hm=NTVQQUlTMDFjQkREYTAw...

170 B
188 B

9ms
8ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8&google_hm=NTVQQUlTMDFjQkREYTAwN0FlMTk

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Mon, 17 Jul 2023 10:18:28 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AaAOQGEpjyn0ueD6CJhtKV-1qvnFKXbUxRDZ1zxBJENt5yz2Lgtl4JX_v0UcNuxFopa2hOTpEjgy4wR4hOncjedcO2tK1VcO3R3jXv8&google_hm=NTVQQUlTMDFjQkREYTAwN0FlMTk
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 917E 43 B
363 B 45ms
3ms Image
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENOrRqmmMGcHkF7prVcVfwA&google_cver=1&google_push=AaAOQGGd-huMoNZ3v6VRVDAYgEiSXigywnakVkX4ktTCuXR6k3gg9JxJqAfLS93shUr9j-sqkVxyaCcWzeo36GWSi00ysRmYcJO0Yqs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:27 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 379518
expires: Mon, 17 Jul 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 917E 42 B
233 B 720ms
238ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPoGOcR6lzNf_UJebMz7ICk&google_cver=1&google_push=AaAOQGED_SlAaBhYdZXedy7tseowm3ReyjI2yML9VZPLP9dG4IjvRlaEKq3F2dKVOq75NPiysrAFWqPj3zuu3FqXvmHVtNbv-i0nK-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jul 2023 10:18:29 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 917E 0
12 B 9ms
5ms Image
text/html 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOwQt10o8kI-JV3AJx2_MVdPsHRtZx0Mc_2ioxJCB_flhTm1UbFOZh9FwmzY4SRhgo-in2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 99B9 33 KB
33 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 12:09:18 GMT
x-content-type-options: nosniff
age: 511750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 12:09:18 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A6C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

8ms
7ms

Document
text/html

2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
expires: Mon, 17 Jul 2023 10:18:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 10:18:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 6378 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9799 0
0 11ms
8ms Fetch
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqOSZ1PTykXk8HpX752W-VSPV3xTxYlDAvKxOGijA559ptx5VvP5izfP4zMVWrzVVFlwyaOUgYoYuS0J0JP6g_BldSBzU4WPLLWI00EyvCa12R8hl2WSLvv07tMUiK1Q4lLtnfQxaespmc1n40T0_pD85Pa4uZaZ7ZfAswm-PKK2gv2EOKFEqhtjoNyPvDSiu7rbtUMaWvFRKwu69YUSj4YuKh-TSq1uBOYFThcK1cSttsnDLw1bguasCsrBx6AxXVkoZOWloeKQk5MA7Qp1OkUYz40nVyq6ogJAK8hpByCp_Cy18tCMyIouWs0IJSMjJw9rZodX5jnVNWrCYqg_5ov50Kyql60WGAp57LRBi1ozMQ6b8cNcr6lhhRSdfO1ctjerl1iIL9vyzOwPD5fUZL3c1wfr5LFRDe8mJJZ7f3NsHVbxRzF_OhNP5pTJ09gw_lFL9lZFo9da5fwhHpc3Gpc1EkCUGP2U2UnrH2lV2986w_r7xWuENT47Ht7Swk7YWv4GhccLVhwXL06vAZ1qJbtODrHdB2orl53ycSz46DKB3kF-i_T-CWb7poeTz6gKpV2PMXEwPAtSDq-LLMkOgm2PH5UNgtdlNPumyW7EKah96t51hqfqfYwfRKjxe_hzVfOGpoxVGgrk-p3fyho4dVr7VG8dExBmau96xSHQPRj7HTsIPGMgiCXLVDMwpYsXdJ8PwjVhvFD84JYytZtilwshBEh7-3ziSiKE3kdij2GDkFUpmV682Su6tt-GN16m6qAjIBlUIP5RkOwu6dWGOvtITbRf40-SKTSOF45nXGSRpAOizVmVBm-GgS9XeGsV8Uyg2JW4FZ7kFrP9fxpxsHInjSA9Edi_Ohhp8rBstxfdKtje5LyenPFEhdpWVG2HvZYGQoNOl8XNMb88KTC9EjTEyUq2NXU4d8FTr6X_7G5riVDv5RcswWXOi6scaFCGj_bKH4441Abnap1UmUmwo5we3WxabxY_7MMdqGb0DK1xP7IULrl_qd-xSTqUbRDdyhDj_mG5O1fo6Pxf55rabPNwUAcSyHpJC2nLQE4jF9GUkIJnQIL8Y-etAFnd4PAUw7dDYtbSejn9LSLldnrUMZVxDg35kHuMDBvwk8cb5V921GjXwbVU5RvIaOQsln8yydPOeNDjRXnGU6KPYXw2b5ntlk_LXvbAihNelW_sYbbui2hkw6ixliO0G2ogsAnvaIoRY2BEaBA0B2DEFqrh2fHz1u5p-87taXeSxt2cL-egIGMSHW_Qf6ZZp4Xs1rA4_BtzQ4&sai=AMfl-YTqnaJMqsre9hPOjt8hNwgR3SvVLH-LTUYNT53Btk8J74x7oggKhUrm5puIaWxdKsAR695FL4OnfLIK2075rUNYk28xA3wuq6Ml4Tyha940hXIsvDQEdQXHkYTfjEliHwjIZvY8i_ipXaJBcyWfULs8EHBFqOGwHEJi1MKsSLag2vcrKOiPy14B13cm3yY2vEmOP3JEcARWLqzIIvNGESm0UhAspRHqZrZz6GAGu--x3-PUvJM1RBynvDc4HoMZKmoZ&sig=Cg0ArKJSzGhR10Ef1LeTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&vt=11&dtpt=119&dett=3&cstd=147&cisv=r20230711.96108&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: howtoflashdroid.info
URL: https://howtoflashdroid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Jul 2023 10:18:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99B9 0
19 B 15ms
15ms Image
text/html 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT98fcxW1ZJLZK8qXjMwP6aq8wAjcsaTYa8_Ord6UEaTn8u2VAhABINjxzCNgvwWgAfaXsbICyAEBqAMByAPDBKoE5wFP0AI91X1fmnkALKGj2DKPLRaOUbyy3B8YvX1MdJrUC8EMJ2UJI3vtcRTW4qSUl_UJtre2Vwm0jFxDuve8vVAKbC_bzxdkwpA6wg276R7tJu1aQN3mHQdApcOD47Y3mj_RnNYT_mCaBG9AW3mgTCwSPpCxooUJnKz0tbwEIvL9mCnUBmCzG1PzFP16qT-y6qavxKPL_OsvJ6fqMP8asA4Z86lpxXim67fWQ0u2WSp6giJjaluCew9WWmvMtPcpyPFfcHEsseFRgJ6PYJQoBnj7Z-boAa4_1k_fbd1l9oepPZNAXvP9-lPABPy4srmSBJIFBAgEGAGSBQQIBRgEoAZmgAfwt-bAA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEJA10ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTAogUENAVAYAXAbIXHAoaCAASFHB1Yi0yODg5NzYxNjc0NzU3ODg5GAA&sigh=AWzds_WbEGo&uach_m=[UACH]&cid=CAQSOwBpAlJWmDKGwTmhc72oiKIjeEeZTuyJLDgDdUX3j2B0qid-0RQSQTxo1Kxi3wlbKXghlbSIN1284cMfGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2889761674757889&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.105094540~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689589107&rafmt=1&to=qs&pwprc=9981741498&format=1200x90&url=https%3A%2F%2Fhowtoflashdroid.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689589107690&bpp=1&bdt=2051&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D405312fa17c6c0c2-22a4d67abbe200db%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg&gpic=UID%3D00000c218656f05e%3AT%3D1689589106%3ART%3D1689589106%3AS%3DALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=505721281860&frm=20&pv=1&ga_vid=765391587.1689589107&ga_sid=1689589107&ga_hid=1668951181&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31075880%2C42531705%2C44788441&oid=2&pvsid=2543743248634620&tmod=775080442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2nG1oajVom&p=https%3A//howtoflashdroid.info&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 80A2 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:04:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6378 0
20 B 7ms
7ms Image
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXNRtdBW1ZI7tDv-OmsMPiaKG6A0AAAAAOAHgBAI&bg=!ysmlyZ3NAAb90kgr3dI7ADkAdvg8WhGJbH7PnEZBpTgsAMBoovUwX2_v-hRv7NR3jhaBNhl8-8gSAKZ9yUQkBkkmOUZtYRdl3KQCAAAAjVIAAAAFaAEHmQL-f21-2pTkMcSXavXA583-gs03nBa8k4nzMLeqgvjMCFPOxrJcskOAlwAHR2Fs4Z-_aIMukanTcVBy3Hankj5luEMURNxoOPRZl3aB0gD2o3_GsyL7mHCJdzuMNojeYMAu0Kz7C4uB27ysoAxFyVtTYEg69yLt1TzlojqS60UwAN3S3WWXoIYo_YECyVp1PQY7YtmLRXKOUvYAdFcABmZw140R4RuQP6BBh-QmRCFJ5Z5bijWZGsUK3LCstSBjbKIxQ4mmQq5kw9JQX2idEqV-z615yYzEO4cZy3xa99gy9qCl2xEwbdpRC60Y9CSXBWOl9YGSLKU1f_xPO-HRtJ6IhpkAfhJFR3sZCenCwx7bydjiCDgPfTPAanf_oLAToMNoZdFBu5BG15vZ6HXAMdz0vX3TV8EZTmdpIVEenxf8Gmjhl43_VsGeu4XVJS_aecBib1hBy1rxjxO2nSdiAEOryMemj1S8IFr5OT7KrX5C_X1yDKNtVan3Kx6mlwmXCcUkJ-x_1E1hRnZ2wnS3214fwCef-Z3Xng5RDWrA950wmQcPy6wyaxjyG9BHnFoEkSsdh2HkiEJD5WLTlaPViaa3pCfnzIswPXeTMbwWbiCmRaKNF4GE_JuwNoB8SRTr_FJ1FQ_3tat_whTuEqV-0Ftftrw4Dt-J682uH0NhTbiXbT6nEX9RfQ8S8XjCKx5ajgxamoHzM5LMlOXYwsapKRzvJrGPPNITHJS8uovYt43W2PX1DtpYsjPJ7WJtI4yI68zAT4uUEYOuI0kbue4YgsoWauhdi0-hwO2IsY0oQGI0TvzGM9i3NcQU9sqq7ZHhW0ctA807xME-0qHP_Yort8pWIX1HTlox9zRgba2xtzzs-5USemNa-W5glpi6yZ8G2fkLMhygvPge5lGrBiZQXN6JCcVArzRJf8ZBGMWxLCZibsF9cLVPwZNdzpdgw_jxwgwRL0mGWZA35C6ArPHptXt3c4zM9L4RhZ_VrmxAmHZJPXlavPJ_kgEyV1f7FxY2iw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
d.uuidksinc.net/match/216/ Frame 510C
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam/qbDuYzF89gk2YflBuwx0
https://fcgi4.gnezdo.ru/cookie_matching/kadam/qbDuYzF89gk2YflBuwx0/?redirect=1
https://d.uuidksinc.net/match/216/?remote_uid=XV9maWS1FXUw36JhBFJmAg==

74 B
141 B

166ms
165ms

Image
image/png

185.196.197.130
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWS1FXUw36JhBFJmAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 185.196.197.130 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:29 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/216/?remote_uid=XV9maWS1FXUw36JhBFJmAg==
access-control-allow-origin: *
date: Mon, 17 Jul 2023 10:18:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H2

200

smc
z.cdn.adtwister.me/ Frame 510C
Redirect Chain

https://z.cdn.adtarget.me/smc?s=22&u=qbDuYzF89gk2YflBuwx0
https://z.cdn.adtwister.me/smc?s=3&u=qbDuYzF89gk2YflBuwx0

0
246 B

562ms
162ms

Image
text/plain

83.149.70.184
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtwister.me/smc?s=3&u=qbDuYzF89gk2YflBuwx0
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 83.149.70.184 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:21:07 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

location: https://z.cdn.adtwister.me/smc?s=3&u=qbDuYzF89gk2YflBuwx0
date: Mon, 17 Jul 2023 10:18:43 GMT
server: nginx
content-length: 0

GET
H2 200 pixel.gif
dmpprof.com/matching/external/ Frame 510C 43 B
743 B 610ms
215ms Image
image/gif 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external/pixel.gif?sid=14&uid=qbDuYzF89gk2YflBuwx0
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
last-modified: Mon, 17 Jul 2023 10:18:29 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 pixel.gif
dmpprof.com/matching/external/ Frame 510C 43 B
744 B 609ms
215ms Image
image/gif 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external/pixel.gif?sid=16&uid=qbDuYzF89gk2YflBuwx0
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
last-modified: Mon, 17 Jul 2023 10:18:29 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 510C 0
375 B 489ms
160ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=158&vid=qbDuYzF89gk2YflBuwx0

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://uuidksinc.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 516
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

/
d.uuidksinc.net/match/493/ Frame 510C
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/qbDuYzF89gk2YflBuwx0
https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/qbDuYzF89gk2YflBuwx0/?redirect=1
https://d.uuidksinc.net/match/493/?remote_uid=XV9maWS1FXUw36JhBFJmAg==

74 B
141 B

168ms
168ms

Image
image/png

185.196.197.130
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWS1FXUw36JhBFJmAg==
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 185.196.197.130 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:29 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/493/?remote_uid=XV9maWS1FXUw36JhBFJmAg==
access-control-allow-origin: *
date: Mon, 17 Jul 2023 10:18:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, HEAD

GET
H/1.1 204
No Content kadam-sync
rtb.com.ru/ Frame 510C 0
110 B 628ms
207ms Image
text/plain 83.222.114.190
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/kadam-sync?uid=qbDuYzF89gk2YflBuwx0
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.190 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 17 Jul 2023 10:18:29 GMT
Server: nginx/1.18.0

GET
H2

200

/
d.uuidksinc.net/match/585/ Frame 510C
Redirect Chain

https://match.ohmy.bid/cm?ssp=kadam
https://d.uuidksinc.net/match/585/?remote_uid=d75cae39-f774-45e6-92a7-0c816b11e301

74 B
141 B

175ms
165ms

Image
image/png

185.196.197.130
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/585/?remote_uid=d75cae39-f774-45e6-92a7-0c816b11e301
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: H2
Server: 185.196.197.130 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:29 GMT
server: nginx/1.23.2
content-length: 74
content-type: image/png

Redirect headers

location: https://d.uuidksinc.net/match/585/?remote_uid=d75cae39-f774-45e6-92a7-0c816b11e301
date: Mon, 17 Jul 2023 10:18:29 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-16
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 510C
Redirect Chain

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1689589109340&a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752

49 B
189 B

192ms
192ms

Image
image/gif

185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1689589109340&a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx
Protocol: HTTP/1.1
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 17 Jul 2023 10:18:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif

Redirect headers

Date: Mon, 17 Jul 2023 10:18:29 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1689589109340&a=662&e=qbDuYzF89gk2YflBuwx0&i=0.6145006919223752
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C4A 42 B
64 B 7ms
7ms Fetch
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4ykvY5wH5EHLLSMQnlEYcrxsbpsE0HKDtd5CAei1e4tPhm6Sb5B4dPyxlhNqm5R2cS31rZsRoIeO6Epdgfo6uQ8_C_uG11PIeffBlBL_cX0RS3rrqZQApy8za3Uosg1otNQ6L7NOHyA&sai=AMfl-YQvoJkQL7XMsJUKlekn76zJnZczKbrxGx4A4dhTJdmmzGANcY8VYhirIzjEbr5bZRJAXqqtllyqYOTJ&sig=Cg0ArKJSzH_g6QgrBar-EAE&cid=CAQSGwBpAlJWJkubYxRZF-q-QtBUHBXznY-NUro4zxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2505405984&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689589106632&rpt=1625&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9799 0
20 B 4ms
4ms Ping
image/gif 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1173719105276&version=m202306200101&ct=76&x=1&cor=12231226478374162000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1-6.jpg
howtoflashdroid.info/wp-content/uploads/2019/10/ 14 KB
15 KB 15ms
14ms Image
image/jpeg 2606:4700:3035::ac43:a661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://howtoflashdroid.info/wp-content/uploads/2019/10/1-6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df9fe334dc221b6118b48dda7c22cce97dc5dd14239344aec58dde896caa0d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://howtoflashdroid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 10:18:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
alt-svc: h3=":443"; ma=86400
content-length: 14651
pragma: public
last-modified: Thu, 03 Oct 2019 21:43:04 GMT
server: cloudflare
etag: "5d966b68-393b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx75sBAzqkfcS%2Bm4n802Beu7LypEb%2Fw14av7BqcNUWmGWyme7%2FknbERwGTH2Qw%2Fh5T2Y9cSRYdsaIs7rHis%2FfOTJ4EBMh9U56nfVs3GMH9w6XqA%2F%2FRjSD58sWYvuL6eW3M7PGiwQ9BpbtyKCtdt2840pvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7e81bdecbd364c59-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dc_oe=ChMIjvfz9MGVgAMVf4dmAh0JkQHdEAAYACDqmPJcQhMIgPfT9MGVgAMVGmV9Ch3yHgNn;met=1;&timestamp=1689589118905;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9799 42 B
401 B 24ms
8ms Image
image/gif 142.251.12.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjvfz9MGVgAMVf4dmAh0JkQHdEAAYACDqmPJcQhMIgPfT9MGVgAMVGmV9Ch3yHgNn;met=1;&timestamp=1689589118905;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jul 2023 10:18:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=30252084;s.a=4528092;p.a=370905656;a.a=562001338;cache=1656224812;

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dmg.digitaltarget.ru/1/6573/i	1970-01-20 22:55:49	Name: viuserid Value: 7R-l-JArYB1x-5F79Pw5
.howtoflashdroid.info/	1970-01-20 13:19:50	Name: __cf_bm Value: EhTt0VVEH_6jEtlef8Sgn0LTfT0Lum8erw2OifXruWE-1689589106-0-AajI7EtpOay4a7FT5aBk+tZ07p/BcnEgyZt5ZwCfEICWG0Kcz3z07mrz1HY9fXxMMg==
.howtoflashdroid.info/	1970-01-20 22:41:25	Name: __gads Value: ID=405312fa17c6c0c2-22a4d67abbe200db:T=1689589106:RT=1689589106:S=ALNI_MZzQmgzSmWpqW7mP9DxlnlaAFb-kg
.howtoflashdroid.info/	1970-01-20 22:41:25	Name: __gpi Value: UID=00000c218656f05e:T=1689589106:RT=1689589106:S=ALNI_Mbuzi2Ui_W-aE0G_BcRF5dxaTxn1g
.yadro.ru/	1970-01-20 22:04:37	Name: FTID Value: 1ajHLo3yC38b1ajHLo001H2O
.yadro.ru/	1970-01-20 22:04:37	Name: VID Value: 1HU7YD05Tzeb1ajHLo001H5l
bakibarus.com/	1970-01-20 22:55:49	Name: userid Value: edda242b-bcf1-47c5-bd3e-d14542b569ca
.howtoflashdroid.info/	1970-01-20 22:05:25	Name: pmvid Value: edda242b-bcf1-47c5-bd3e-d14542b569ca
.bakibarus.com/	1970-01-20 14:03:01	Name: uuid Value: edda242b-bcf1-47c5-bd3e-d14542b569ca
.doubleclick.net/	1970-01-20 13:19:52	Name: DSID Value: NO_DATA
.uuidksinc.net/	1970-01-20 22:05:25	Name: jcsuuid Value: qbDuYzF89gk2YflBuwx0
.bakibarus.com/	1970-01-20 14:03:01	Name: oid Value: qbDuYzF89gk2YflBuwx0
.doubleclick.net/	1970-01-20 22:55:49	Name: IDE Value: AHWqTUm1ljz3VYX3OlBgFOOvJNmzToKMpT_WqMZDPThakbmmOPRZEpa7ZNuC-MpH_3c
.doubleclick.net/	1970-01-20 17:39:01	Name: APC Value: Aa3gxNrWBHVWW49G2udZsWRd1Hce8MXuwfMUwKD8JCjzDelLGb3CtA
.adsrvr.org/	1970-01-20 22:06:51	Name: TDID Value: 7f58d7f7-3761-4c21-b59e-258cf7cb47ab
.adsrvr.org/	1970-01-20 22:06:51	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI4siqpKaugzwQBRgFIAEoAjILCObPgNG8roM8EAU4AQ..
.blismedia.com/	1970-01-20 22:05:29	Name: b Value: 64B5157490844F46BBB21DFBBLIS
.send.microad.jp/	1970-01-20 15:29:25	Name: TR Value: aad9dd0362ae9b1108a2028768f8f80570194e604b95f81f
.teads.tv/	1970-01-20 22:03:58	Name: tt_viewer Value: 0cbe4434-ab44-4fa9-a954-7940523133d7
.turn.com/	1970-01-20 17:39:01	Name: uid Value: 2682842726762307288
.socdm.com/	1970-01-20 22:55:49	Name: SOC Value: ZLUVdMCo8YEAAJa8J6QAAAAA
.casalemedia.com/	1970-01-20 22:05:25	Name: CMID Value: ZLUVdMj1kRSLjEXDURy6oAAA
.casalemedia.com/	1970-01-20 15:29:25	Name: CMPS Value: 5339
.casalemedia.com/	1970-01-20 15:29:25	Name: CMPRO Value: 5339
.bidswitch.net/	1970-01-20 22:05:25	Name: tuuid Value: fc7872ca-7ba9-4d76-af28-03f3d6085cc4
.bidswitch.net/	1970-01-20 22:05:25	Name: c Value: 1689589108
.bidswitch.net/	1970-01-20 22:05:25	Name: tuuid_lu Value: 1689589108
.r-ad.ne.jp/	1970-01-20 17:39:01	Name: r_ad_token Value: 55PAIS01cBDDa007Ae19
.adnxs.com/	1970-01-20 15:29:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In3qEJ'U!]tbPl1M>e)ZlrFUfJ+tGXxoaKyy9$<'T-vEDEM^<<e`ZHIyJA`dW83A0l0e3If)y3KL9D3I?+^!zEkX
.adnxs.com/	1970-01-20 15:29:25	Name: uuid2 Value: 7717853885435531817
.tribalfusion.com/	1970-01-20 15:29:25	Name: ANON_ID Value: aWnseFujieEo7YxU36hTwmDtB0v56aZdYP73aUmnGCv4fXZdYTnqIdsrnNEERyd0BBCngv3T1jnJSFiAK1O7Vy
.socdm.com/	1970-01-20 22:55:49	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTY4OTU4OTEwOH0
pool.admedo.com/	1970-01-20 22:05:25	Name: tuuid Value: 1daed1ad-3329-414b-a075-73d67cbdd6cf
pool.admedo.com/	1970-01-20 22:05:25	Name: c Value: 1689589109
pool.admedo.com/	1970-01-20 22:05:25	Name: tuuid_lu Value: 1689589109
.hybrid.ai/	1970-01-20 22:05:25	Name: vid Value: e77fc7cb330109895041
.ohmy.bid/	1970-01-20 14:03:01	Name: uid Value: d75cae39-f774-45e6-92a7-0c816b11e301.64b51575.513212d3ec8e7b6
dmpprof.com/	1970-01-20 13:20:32	Name: nmatch Value: 14_qbDuYzF89gk2YflBuwx0
dmpprof.com/	1970-01-20 22:55:49	Name: uid Value: 50123211-2535-4ac9-b52e-31a7f6f71e5b
.gnezdo.ru/	1970-01-20 22:55:49	Name: uid Value: XV9maWS1FXUw36JhBFJmAg==
.cdn.adtwister.me/	1970-01-20 22:55:49	Name: AU Value: cfb40aa561e1d4b6

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.atdmt.com/i/img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=30252084;s.a=4528092;p.a=370905656;a.a=562001338;cache=1656224812; Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEFq7xLMgSKTeoIUVGP8si6o&google_cver=1&google_push=AaAOQGE2xF-dBxtPFvnNMsFLVzICupsREjKT7WU4lU7XexJX_9oRsZ_JVVTRiPHB1welR9t3PoVgmCbxAvTNUrNdX-iRMpgNSimLryHOzOBGfONxb1HyOR-lGilUro1oyVu3ni1aiw3ymwXQRdOQE5a4MbYD Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2889761674757889&fa=3&ifi=7&uci=a!7&btvi=4&xpc=7v18LJUG37&p=https%3A//howtoflashdroid.info Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.atdmt.com
ad.turn.com
ade.googlesyndication.com
adservice.google.com
aid.send.microad.jp
app.cauly.co.kr
bakibarus.com
cm.g.doubleclick.net
counter.yadro.ru
cs.r-ad.ne.jp
d.uuidksinc.net
dis.criteo.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmpprof.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
howtoflashdroid.info
ib.adnxs.com
match.adsrvr.org
match.ohmy.bid
pagead2.googlesyndication.com
partner.googleadservices.com
pool.admedo.com
r.turn.com
rtb.com.ru
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sync.teads.tv
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
uuidksinc.net
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.adtarget.me
z.cdn.adtwister.me
ad.atdmt.com
104.254.151.69
124.146.153.152
124.146.215.48
133.186.161.89
139.5.84.243
142.251.10.157
142.251.12.155
167.235.14.51
174.137.133.49
18.176.234.133
182.161.73.146
185.15.175.134
185.196.197.130
2001:df2:a300:bbbb::135
202.233.84.1
23.35.185.50
2404:6800:4003:c00::84
2404:6800:4003:c02::5e
2404:6800:4003:c02::68
2404:6800:4003:c02::9d
2404:6800:4003:c03::95
2404:6800:4003:c04::9b
2404:6800:4003:c05::5e
2404:6800:4003:c06::5f
2404:6800:4003:c11::9d
2404:6800:4003:c1a::9a
2606:4700:3035::ac43:a661
2606:4700:3036::6815:b9b
2606:4700::6812:19ad
31.220.27.134
34.96.105.8
35.213.12.39
37.230.131.22
52.197.0.12
52.223.40.198
74.125.24.157
81.171.9.38
83.149.70.184
83.222.114.190
85.192.12.174
88.208.46.40
88.212.201.198
93.95.102.105
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0334c0c2d70c970191f851e9112a742e154e604681f9a8d3be74d0ffdd59ba67
08615884da35954d08671f202529ef0a73dd61b61eb3ba1713e7a6582efd92a4
086f28f4fc5c91f0eb055ca750a4cbf931f7181aa95f93d9184a3c40bfddf3a8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb991b077f3f76c35ce273155e820f13b099b06de23bf0de1f4425a9546a76c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130ec31c9d8a7b78de0fba2a0d27ba5fb815f915aa1fd4c5aabc53d65356ed24
13f073249036352d689faf66d543b2c0207632287cd56059c5b400d935872c28
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180cea6780fa0cfeced6b1d0213ee23234b8c9f3d5004d8021f932027e53e065
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c17352e5633ec80b4119d0de6423c132f5367f1a0c247823b0d0bca07e382ec
1e7e9290128eeab27ddee2d798aa9dfa9c9dda30a2c5b9ada03db89ddf915b0d
23dd244610d71c5a5d46af19adf2822276cc438c978cc9bcb009bde0a1028271
28189aac6589c2ef067cb62642a1f56778434bbb67a33c797b0267a905b40869
294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d8b11622797e1dd73c57159fafd4a6938714f95228288530a876065baadc13c
2e1907636f0d73d2c5e00379f84e680c350405ea0e12b8c044bd0d62bb50a542
2e35e63b6a2ac56baab0026a5a3fbf5e24961e88dd700645942b9b5886b2eec5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2f7ad76a0204f22afbccd16edc26daaf9e62c2f075816a1e6663eaffdc042
35358fdad65fcca1fd4e6469dd2c40841fc68f6d16b17158e94def7eacf42d71
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3c87875b1cf77a07133664677898d1dded80132428a2347db53cb93c68052220
3f20e01d6ac32aba2f27f356fac29d35fdd9939dc02615a4b451430d4655f5fa
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
418647ed5b3463861f4923340539235a52100797a7f178e9e007cc40c2059a3f
41b0a51a5c6139abb628bfa38b8df9320fd77759660a90fc88269aa4f3d04d57
42236227f44359bb084c21684d213ce111a972cb15542fd0e88a605452b7c917
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df9fe334dc221b6118b48dda7c22cce97dc5dd14239344aec58dde896caa0d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5198aed4d088436c25d6cacfb20bcaa6114c3c63fe5b39093b6a67449a5246d3
51ae4fda41a62ad134c5fb0c2ffe04c05e4171c8a2b2652c870911220bba3d93
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bad43fcbcba5e30bbe58e0aff4cee6719859286059dadce0a0c6633d1163a2
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dd2fb63b8f2b24da4e95f6e5fd2e8b83489e3a9c9836b9d20b2bbcec1d41784
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f484a9625fbdcc9a551878e222f3c011d9493a69fd44cca1c735becd76c1aa7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
680c3022cc282fcd77065fb1426440aad21211d33c54235539e7966fd581214b
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
68a26b08cde6288800b69bf8cd88b91bcfdff8a8cc60ab48ba50c29ed8243043
69796621f817f0bc4092ce77682c1823f3b1b86e3b73f37cec578fe7c5d43a9a
72e543a774e41e2e6ea0eeee2f237ac17ef1c0458d0cef7bc620ba6328ab6f54
74e2b5f86b95f0f80cbef98923497c389df01262bedddc80c14b61542988a3c0
8230215aa4d483f91d3840c7acbcf271390c4fcde182de98ceedaa6433e44887
84ea4047816c8928943257669d444012cc4c9fd70f500d6d4cd1b5104c647b21
8a8c8adb1a70fa3e854a1523820a4bb582205bf371c9230a4ff997677c100eb2
8d03e9a5a2529edb052980e3611509b61ef23d2a39a6dae5485a696278911558
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91d9866c20a98f0d6fc4a8f54f8b05a37664ca1b82590e04a51635f388d3dd0f
92c8f8c7932f976730f3b153100ac3ebbb1b413b81866c63cadcf24d43e2a6f8
990608a3eadd5c8cfb12dccddaa7a3de19c2b24cc72130cd48470862d2243257
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c077edfeaae78671fb834c7742d6d0da4c78c039d4c9e8775f88609441afa2a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07d2eee90344a59202f9295e4c3cf6cc183b00a02c7ae78a05631dee7243393
a4901e3553f4cc0f20b164fe027dcc0aca8a81cc2de3018cabce7c96c86d7708
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15de03b3fa5761bc5bcded219f4e5107bd4a903689bd753a631235db70bd931
b2baf3671158281db6e5dd56f401b6c97ea4b6250fadbc0fe799f7c529a33954
b5a4673f867a23a93a2bab0d46a310509187c30b86dc7241365939118165280f
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b7fadac05aecc75ead64f983f91be82591522f3213186c444ca97bc533f1993d
bf4a3d7e03480df4e0de5f2dcd5674097cd0bd0e853b6833f14cfc14065dddb4
c0742df10943a9aa9c8ff0c9d87af05d5d550c9f8ae6eb1752ea08b9fc933096
c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce9d8e24963e63f769d4746976af3a5f127276efa690e5f468483348dfd2f020
cf39820e113b583cda9e8114c125379fe110f27c6e9c1e0aa1ad51ebd64dabbc
d2dd9edf3e5a74f7b692b0706f037c829673ec089589d2b8be7495bfa297a00d
d5824baec71ad985b33b6e305ae78e2cd757342b48464153551beeae9421eb88
d9941202f9efd6961e3e7cb01c3347e95a204e6c94e215381369182c3db43f0e
da0533fdaa03a916b497503f459f37d21a6d78fa4b11b70bf33c655d71375d42
df73d956eff8fc9016fe8d23c2338a67d39a1df3dcc8f12b947e1538b1163baf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a9350768a03bcf6ffe28cd0c4660f1320ad607bbbb38b438187d7cf66dcc99
e7f1dc4fdf54b2f9ad3c116d82a514d4a5262a057ee29052f5d1dd56b645f5ab
ec548fede039c2734706b5b5f5ff19d9f57523dec90c99ce99524a97599b47f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0062998045896ff945ab94cb4bb5d79f48ca948dc5bdaba7f8356e9ebb8beae
f018c8e57de79fe1f8a29552474241b6073230a5c19666d56a939df3876ed9c4
f0ef67cc3529a22527f581d3a94e900f25eed25d8686c26222a09600976edf6a
f580e5520c394d593225ae7248e6df1457840ebfa56db9b3d2651ce413e883ed
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

howtoflashdroid.info Open in urlscan Pro 2606:4700:3035::ac43:a661 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

89 %HTTPS

33 %IPv6

36 Domains

47 Subdomains

35 IPs

8 Countries

1882 kBTransfer

4374 kBSize

41 Cookies

1 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

howtoflashdroid.info Open in urlscan Pro
2606:4700:3035::ac43:a661 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

89 %
HTTPS

33 %
IPv6

36
Domains

47
Subdomains

35
IPs

8
Countries

1882 kB
Transfer

4374 kB
Size

41
Cookies

187 HTTP transactions
3 data transactions