Submitted URL: http://dogedroid.biz/
Effective URL: https://dogedroid.biz/
Submission: On April 19 via manual from PH

Summary

This website contacted 24 IPs in 2 countries across 19 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3031::6815:2c4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is dogedroid.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 5th 2021. Valid for: a year.
This is the only time dogedroid.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 85.10.201.130 24940 (HETZNER-AS)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
9 162.0.235.241 22612 (NAMECHEAP...)
1 151.139.128.10 20446 (HIGHWINDS3)
1 2a00:f48:2000... 47447 (TTM)
1 162.0.235.250 22612 (NAMECHEAP...)
1 2600:1f18:510... 14618 (AMAZON-AES)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
74 24
Domain Requested by
11 www.colorfulads.com dogedroid.biz
www.colorfulads.com
9 ayelads.xyz dogedroid.biz
ayelads.xyz
7 googleads.g.doubleclick.net www.adthurst.com
googleads.g.doubleclick.net
6 pagead2.googlesyndication.com www.adthurst.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
5 www.adthurst.com dogedroid.biz
www.adthurst.com
4 fonts.gstatic.com fonts.googleapis.com
4 dogedroid.biz 1 redirects dogedroid.biz
3 fonts.googleapis.com maxcdn.bootstrapcdn.com
ayelads.xyz
googleads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 www.googletagservices.com www.adthurst.com
googleads.g.doubleclick.net
2 www.gstatic.com www.google.com
googleads.g.doubleclick.net
2 www.google.com 1 redirects dogedroid.biz
1 partner.googleadservices.com www.adthurst.com
1 adservice.google.com www.adthurst.com
1 adservice.google.com.pk www.adthurst.com
1 icon2.cleanpng.com ayelads.xyz
1 dcba.popcash.net cdn.popcash.net
1 static.a-ads.com ad.a-ads.com
1 ayelads.com dogedroid.biz
1 cdn.iople.com dogedroid.biz
1 cdn.popcash.net dogedroid.biz
1 ad.a-ads.com dogedroid.biz
1 ajax.googleapis.com dogedroid.biz
1 static.cloudflareinsights.com dogedroid.biz
1 maxcdn.bootstrapcdn.com dogedroid.biz
0 p.iople.com Failed cdn.iople.com
74 27

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-05 -
2022-03-04
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2020-12-02 -
2022-01-02
a year crt.sh
ayelads.xyz
Sectigo RSA Domain Validation Secure Server CA
2021-03-08 -
2022-03-08
a year crt.sh
cdn.popcash.net
R3
2021-03-21 -
2021-06-19
3 months crt.sh
cdn.iople.com
R3
2021-04-13 -
2021-07-12
3 months crt.sh
ayelads.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-23 -
2021-12-23
a year crt.sh
*.popcash.net
AlphaSSL CA - SHA256 - G2
2020-04-21 -
2021-04-22
a year crt.sh
*.google.com.pk
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh

This page contains 12 frames:

Primary Page: https://dogedroid.biz/
Frame ID: 1E39395A0461C072FEE04770AEDBBCA0
Requests: 17 HTTP requests in this frame

Frame: https://ad.a-ads.com/1589779?size=728x90
Frame ID: 97ED93DFB3A3116BF89ACDC4C6B39E64
Requests: 3 HTTP requests in this frame

Frame: https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
Frame ID: 2AE4EE7DD5D21FC0B5E64C5D540B6C2F
Requests: 5 HTTP requests in this frame

Frame: https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
Frame ID: D1BBEEC335AEF6FDFF1E4F05E666FA94
Requests: 6 HTTP requests in this frame

Frame: https://ayelads.xyz/ads/display.php?ad=2aMharl
Frame ID: C5F266E64B1DB2EC02FB290370FFE09B
Requests: 12 HTTP requests in this frame

Frame: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Frame ID: FA13401D16056CD7986B61108CF7B788
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Frame ID: 6C1100C58C87A429EA8E6C813B7583E9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
Frame ID: EA03AB56584871A77BD2A1688F6FFAA5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: AFFBB2773FCF77BB67B924424A053982
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1
Frame ID: FA0136933B0490D6086EDB896B68C111
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 55F46765CBE0C518F61D5199882509F9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 49CE0165D68F2ACB5AE8E1741B3D7B8F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://dogedroid.biz/ HTTP 301
    https://dogedroid.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

74
Requests

99 %
HTTPS

78 %
IPv6

19
Domains

27
Subdomains

24
IPs

2
Countries

1454 kB
Transfer

3600 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dogedroid.biz/ HTTP 301
    https://dogedroid.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dogedroid.biz/
Redirect Chain
  • http://dogedroid.biz/
  • https://dogedroid.biz/
19 KB
9 KB
Document
General
Full URL
https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
0f25144e71c72702c8e0733ef8249b786ac432f2ea0b81830d835d6634a2a0d3

Request headers

:method
GET
:authority
dogedroid.biz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d09f8c2c62f63b735eba57174a21cb9eb1618815065; expires=Wed, 19-May-21 06:51:05 GMT; path=/; domain=.dogedroid.biz; HttpOnly; SameSite=Lax; Secure PHPSESSID=0n6pg7jh5qcrd47psurfemjia7; path=/
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
098a7eb4c400002c4e8cbf8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0%2FyUPp%2BZ5kbNFs%2BSJI1KqrUlRvDDl5Ux%2BaalAUGp3i12Auzcf9BGZp4g33TVZkqTsHjTCFqXkOfH4qzzymL%2Fxyn0KVBOMF37zeKiC3kGjkoEFKdj0LxT%2BwIr"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
642433ce0e092c4e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Mon, 19 Apr 2021 06:51:05 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 19 Apr 2021 07:51:05 GMT
Location
https://dogedroid.biz/
cf-request-id
098a7eb4a000002b7da3157000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dNya8xEOfUfMa27u%2FFZWmaDHULubWfDawQlBGM9vlXzWXzhPmu%2BbNi7AI%2FgD0P3k2AjNyddIOsTymOh2IDAKIFjn%2Bgg5pJWsqzL5XTeh7TUVBZNqHaL91amM"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
642433cdc8fd2b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/readable/
122 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/readable/bootstrap.min.css
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33805ac33a57da066aa55710d66fb5bbea61b69802b943fcc209fe7c39453d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
3407719
cdn-cachedat
2021-03-10 20:29:25
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7eb8e400001f41aa137000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:28 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b32480b037cc8d7f9e2aff757186bf89
cf-ray
642433d49a641f41-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
style.css
dogedroid.biz/css/
391 B
664 B
Stylesheet
General
Full URL
https://dogedroid.biz/css/style.css
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d063369a9f06cf383da63b6027b9f882e7575570efe2cec0c0e5e91e1a2c6326

Request headers

:path
/css/style.css
pragma
no-cache
cookie
__cfduid=d09f8c2c62f63b735eba57174a21cb9eb1618815065; PHPSESSID=0n6pg7jh5qcrd47psurfemjia7
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
dogedroid.biz
referer
https://dogedroid.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Jan 2021 12:26:46 GMT
server
cloudflare
age
600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZM8JbALt9r%2FhxzJaE%2FgjYSDfYeObMWkA3zP8OJQ8arS1JVp5P0j2SwBMHfL9oI1T%2BMDbTHSTEiIwO2mQ3R0TxTgD4iKvRZMI2LQ%2FrBEz8US5UB6fYe1%2Bhwr"}]}
content-type
text/css
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
642433d4b818c303-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7eb8f30000c303a5b5a000000001
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
642433d50b1c3248-FRA
cf-request-id
098a7eb9200000324871ba5000000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 04:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6833
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 04:57:13 GMT
bootstrap.min.js
dogedroid.biz/js/
36 KB
10 KB
Script
General
Full URL
https://dogedroid.biz/js/bootstrap.min.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
__cfduid=d09f8c2c62f63b735eba57174a21cb9eb1618815065; PHPSESSID=0n6pg7jh5qcrd47psurfemjia7
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dogedroid.biz
referer
https://dogedroid.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Jan 2021 12:26:46 GMT
server
cloudflare
age
411
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i%2FsVDbr4Ql%2BHI7OQihWbNVOLXNnP4PYWII%2B7xAjJsTc5Z3%2FLH4XWjvxCa%2FUdhxC8yELOIOmk3jAZ01ZyIPw7ukKOcdgAhbbkA%2FdwnX3re7ouGfX6WljUlx87"}]}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
642433d4b816c303-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7eb8f20000c303e3041000000001
api.js
www.google.com/recaptcha/
850 B
643 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
260bebdb07a9a925d59a7c266ffcc5cb73966a20096ac5a8c1e544c802bcc6fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 19 Apr 2021 06:51:06 GMT
items.php
www.adthurst.com/display/
67 KB
11 KB
Script
General
Full URL
https://www.adthurst.com/display/items.php?1235&355&300&250&1&0&0
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0621cbca64bc60db853d0cf476bf6067da340522da0c89a750dba59413f82ed

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7eb92b00004a61042cf000000001
pragma
no-cache
last-modified
Mon, 19 Apr 2021 06:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E3tgYsCYhpB7FiSoYIifYGpGrgEiS58iHXvboVvqD7jHeU6xvlFe%2Bp7YXru%2F6jVn08gyBJoKOVAKADMAbi6OHkwabbglJdrspkz03LN5kga5CWbsOeUdO4ncviTw"}]}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
642433d51caf4a61-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
3 KB
651 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/readable/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4742e1a4c1df0339643a265f15aa0613d87ebb277bdd6eec56302d3155d0f780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://maxcdn.bootstrapcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 04:52:10 GMT
server
ESF
date
Mon, 19 Apr 2021 06:51:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 06:51:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/
334 KB
130 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dogedroid.biz
Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 13:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60919
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133125
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 21:07:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 13:55:47 GMT
1589779
ad.a-ads.com/ Frame 97ED
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1589779?size=728x90
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
1b9680a668004a30051be5b29516ef6cc2da76f884ba250e3135add92ed6ec82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://dogedroid.biz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dogedroid.biz/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 19 Apr 2021 06:51:06 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
https://dogedroid.biz/
Content-Encoding
gzip
banner
www.colorfulads.com/ads/ Frame 2AE4
950 B
922 B
Document
General
Full URL
https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.16 PleskLin
Resource Hash
ecafcac529a10f1f4b9f1f928b0c28f8b3398afa40642d27af06eb23216b9b96

Request headers

:method
GET
:authority
www.colorfulads.com
:scheme
https
:path
/ads/banner?au=1772&awidth=728&aheight=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dogedroid.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dogedroid.biz/

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d27752c92983c804b4512da24dfbdf5c51618815066; expires=Wed, 19-May-21 06:51:06 GMT; path=/; domain=.colorfulads.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.4.16 PleskLin
cf-cache-status
DYNAMIC
cf-request-id
098a7eb9470000dfef50132000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E3Zeh8VviVrqEjIlrQFPxuFBK3kJOAlj8%2FEG6Pnl3klupiUTm8yDrwqdFlcm2RMBCy7oI4rQNzsaBmYrNpmFaNOykUpKTQMV1zZGr6HBFSi0CPMUR1OomaBFUJXgF3gQ"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
642433d53bebdfef-FRA
content-encoding
br
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dogedroid.biz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 10:38:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
331964
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Fri, 15 Apr 2022 10:38:22 GMT
banner
www.colorfulads.com/ads/ Frame D1BB
950 B
588 B
Document
General
Full URL
https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.16 PleskLin
Resource Hash
80740900eb95a8b47ad2a46f0a7e5ae0bea995f66856e13d5685842e5739ec48

Request headers

:method
GET
:authority
www.colorfulads.com
:scheme
https
:path
/ads/banner?au=1704&awidth=468&aheight=60
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dogedroid.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dogedroid.biz/

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d27752c92983c804b4512da24dfbdf5c51618815066; expires=Wed, 19-May-21 06:51:06 GMT; path=/; domain=.colorfulads.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.4.16 PleskLin
cf-cache-status
DYNAMIC
cf-request-id
098a7eb9620000dfef25995000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qGFbCE%2BPiI4kLYlcU%2B%2Ft3erUYSwjHjdC%2Fk9TZbs%2BbdbiRfe%2FAlyGFHulmRCc5n%2FVQ%2BwNpk6H1OWqwkmCZOksWWlojQv1skeNoQDU6Gt7YzpStHA8QkFobE%2FNr3vJ%2BGIk"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
642433d56c29dfef-FRA
content-encoding
br
display.php
ayelads.xyz/ads/ Frame C5F2
2 KB
2 KB
Document
General
Full URL
https://ayelads.xyz/ads/display.php?ad=2aMharl
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
719f1d8a1d984f7ec868ac9e36e0aac7162c9f8295aebb5b6575c52df60649d9

Request headers

:method
GET
:authority
ayelads.xyz
:scheme
https
:path
/ads/display.php?ad=2aMharl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dogedroid.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dogedroid.biz/

Response headers

x-powered-by
PHP/7.2.34
set-cookie
PHPSESSID=ba2c071adc85bdafc64ab5516036a190; path=/; secure AYID=%7B%22sec_to_refresh%22%3A0%2C%22time_ads%22%3A1618815066%2C%22ads_viewed%22%3A%5B%5D%7D; expires=Mon, 19-Apr-2021 07:51:06 GMT; Max-Age=3600; path=/; SameSite=None; Secure 2aMharl=%7B%22dataTag%22%3A%7B%22username%22%3A%22prabu16%22%2C%22site%22%3A%222450%22%2C%22domain%22%3A%22dogedroid.biz%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%222aMharl%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22ZZ%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2235%22%2C%22size%22%3A%22320x70%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%5D%2C%22id%22%3A%5B%221533%22%2C%221534%22%5D%7D%2C%22tRotate%22%3A2%7D%7D; expires=Mon, 19-Apr-2021 07:51:06 GMT; Max-Age=3600; path=/; SameSite=None; Secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
548
content-encoding
br
vary
Accept-Encoding
date
Mon, 19 Apr 2021 06:51:06 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
show.js
cdn.popcash.net/
125 KB
36 KB
Script
General
Full URL
https://cdn.popcash.net/show.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nR2%2FvPwKzV3jgl%2FTlNoAZ1HljYmQRka4mq4puPPQpSUhNt1qafzplUCLLu6OvTZp1JBQLUAsxfs%2FhsMOWwFmgYb%2BKd7eY%2BD6jtdIsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length
36232
cf-request-id
0957c917700000b4b42a322000000001
last-modified
Fri, 02 Apr 2021 10:00:10 GMT
server
cloudflare
etag
W/"6066eb2a-1f3c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1618815066.cds068.sk1.hn,1618815066.cds020.sk1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
63d31138bed9b4b4-RIX
show-api.js
cdn.iople.com/
125 KB
41 KB
Script
General
Full URL
https://cdn.iople.com/show-api.js
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
7f56a14ee77289d70cc0c6c92c3ec53beae83480b5f8c96a2a4e61b34a12b2aa

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
481
cdn-cachedat
2021-04-16 04:29:40
cdn-pullzone
244525
cf-request-id
097a8a2650000007468b051000000001
expires
Sun, 16 May 2021 04:29:39 GMT
last-modified
Thu, 15 Apr 2021 14:09:51 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yq36geySflCx0Xxg9ZMxFPIdE%2BD4S4OjGcueZXK6TexI5hIUkQUI3JAvdyq%2FkG%2FDSQnzBRwelooAkUGuevfhIHTFosxidV2KnUSUvQ%3D%3D"}],"group":"cf-nel"}
content-type
application/javascript
cdn-cache
HIT
cdn-uid
81f0ee8a-6b19-463e-a8be-46c199377685
cache-control
max-age=2592000, public
cdn-requestid
ff2164fc6df58c9e2831d06046ffe66c
cf-ray
640aac83bf2b0746-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
close.png
ayelads.com/res/files/images/
870 B
991 B
Image
General
Full URL
https://ayelads.com/res/files/images/close.png
Requested by
Host: dogedroid.biz
URL: https://dogedroid.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
Apache /
Resource Hash
55fc896cba0f3d0a634bd0b580f72ad2445ca0e1545099b516a66c02e1a15109

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
last-modified
Fri, 12 Mar 2021 16:13:37 GMT
server
Apache
accept-ranges
bytes
content-length
870
content-type
image/png
jquery-1.12.2.min.js
www.colorfulads.com/ads/js/ Frame 2AE4
95 KB
33 KB
Script
General
Full URL
https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9

Request headers

Referer
https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6053
x-powered-by
PleskLin
cf-request-id
098a7eb9cf0000dfef4b21f000000001
last-modified
Wed, 13 Jan 2021 08:08:49 GMT
server
cloudflare
etag
W/"5ffeaa91-17bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UcD2xaWxMuIEdz6DHI8Sin1WcfulV9p6aojgxnHJetJp9wcbBHp3jvqKhDS%2B%2FgOV8lll0E0SNB8PMxMpDiXlGHsfW%2BvIFp%2BL8eEENF65nyhYkj4WoBE6rylcnNix5eSz"}]}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
642433d61cdfdfef-FRA
index.php
www.adthurst.com/display/ Frame FA13
14 KB
4 KB
Document
General
Full URL
https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/items.php?1235&355&300&250&1&0&0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86060621f9a6e9e37b46f3ae27da3f924f5e9b5263ba64edc30ec5749548cd5c

Request headers

:method
GET
:authority
www.adthurst.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dogedroid.biz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dogedroid.biz/

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddcbe9dbfbfee154181d1f82ab974228b1618815066; expires=Wed, 19-May-21 06:51:06 GMT; path=/; domain=.adthurst.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
098a7ebb1100004a6172b09000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6uK5oOPd8jsCyKRJ6efccAYoo11DormjMM6BXwEfcmtEMGSK1vD3iIfslDuO2FzH%2Bqc5k%2FhSO0B%2F1ZOYoWIT9DOAZagxyQbz%2FA1DeIoBlbyaTS8CH9EYplPIL2s2"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
642433d819cd4a61-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.12.2.min.js
www.colorfulads.com/ads/js/ Frame D1BB
95 KB
33 KB
Script
General
Full URL
https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9

Request headers

Referer
https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6053
x-powered-by
PleskLin
cf-request-id
098a7eb9e30000dfef9f1ef000000001
last-modified
Wed, 13 Jan 2021 08:08:49 GMT
server
cloudflare
etag
W/"5ffeaa91-17bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=InuSceKJhGUC24e3%2FRviAOXKQKsUI4YgwN94igZeJOHlB20iMSFWw1Kad2QmWGHHFdZH8zHF4Oc6tnk%2FzgmHss0yfJvD5mr9o1k9OATBzw6TZfyRkYkgW4B7TgZTKM58"}]}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
642433d63cf0dfef-FRA
/
p.iople.com/dcba/
0
0

show
www.colorfulads.com/ads/ Frame 2AE4
984 B
728 B
XHR
General
Full URL
https://www.colorfulads.com/ads/show
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.16, PleskLin
Resource Hash
86b5e09c5a47140c7c6669842ac31024c3d97c175b1c1a7c1a9278c875b93b33

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.16, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I3IGH%2Fm4Uhiu0j992YRhcZ20A3NIVdtSdz6O7hAxTXdq4upqE5JXVQ6qlGZUTdwj1KJC%2Fw2MXAF%2Bhrdy4uoogIXqXSBgzK8uZL7SURIf%2F6zdChFQSM3EH7g84MGQ9Yyw"}]}
content-type
text/html; charset=UTF-8
cf-ray
642433d6ad6adfef-FRA
cf-request-id
098a7eba260000dfef26272000000001
728x90
static.a-ads.com/a-ads-banners/138591/ Frame 97ED
373 KB
373 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/138591/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1589779?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.201.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-201-130.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fb2215226d036d98743f203c58adaeb2af89893ea2a16382e0e01cb4233b227f

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 06:51:06 GMT
Last-Modified
Thu, 11 Feb 2021 20:21:39 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
783DB91E4009FB4C
ETag
"8216c6388e50f01b218447890cd78272"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
381868
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
null
x-amz-id-2
TnYxsr2Hl6ely6K5Qlx5FR2lXSnHeWEEU96WfMLOwuaVXG0YgV5aAMCvuMN61BMRoywNJ4pmQiU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
show
www.colorfulads.com/ads/ Frame D1BB
765 B
892 B
XHR
General
Full URL
https://www.colorfulads.com/ads/show
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.16, PleskLin
Resource Hash
c9e6e1e6c6e9f005a9ce0ee4b19025e8a9ff1169e11f251e0ad7afa3a3f22075

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.16, PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2S3JoLYMM%2FF3ZjuXv9ouAAsgC2Gwbwsn3PhwtPRFNCjoTaOhLggiiuuMb3CV4B1jjOvpFSx6%2BEm2JuyZe0DegMC5pUG%2FyGl%2BFZp3D6dgPJ42bT0EIU6Vrep%2FWoKyxTQu"}]}
content-type
text/html; charset=UTF-8
cf-ray
642433d6dd99dfef-FRA
cf-request-id
098a7eba460000dfef5c9bf000000001
znWaa3gu
dcba.popcash.net/
0
118 B
XHR
General
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:510:800:2943:bb87:a771:c207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Apr 2021 06:51:06 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
truncated
/ Frame 97ED
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
728x90.css
www.colorfulads.com/ads/css/adunits/ Frame 2AE4
919 B
696 B
Stylesheet
General
Full URL
https://www.colorfulads.com/ads/css/adunits/728x90.css
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
81881c0c059b7f03f40286f5d64b9101d30a028303d3146b9aa7ab3311da1631

Request headers

Referer
https://www.colorfulads.com/ads/banner?au=1772&awidth=728&aheight=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5661
x-powered-by
PleskLin
cf-request-id
098a7eba840000dfef83afa000000001
last-modified
Wed, 13 Jan 2021 11:41:27 GMT
server
cloudflare
etag
W/"5ffedc67-7b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pfy3UPzo%2Bs18P%2FUBKwP0juZMZbLP%2BpJlpEXmfIntfMixpS5WA4R%2BrPL76wX%2BoH5s8Itd5hRkpWwRg%2BUahELz3LEKumASR2NXVkzUUuEfzciTYkOS7u2iVQ6fTkGEXCYa"}]}
content-type
text/css
cache-control
max-age=86400
cf-polished
origSize=1974
cf-ray
642433d73e09dfef-FRA
cf-bgj
minify
Travel-Baloon-icon_24.png
www.colorfulads.com/ads/css/adunits/images/ Frame 2AE4
2 KB
2 KB
Image
General
Full URL
https://www.colorfulads.com/ads/css/adunits/images/Travel-Baloon-icon_24.png
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/css/adunits/728x90.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
87480388d4097dfd1aaaa0a4b8e2df07bc7b0dc395523ac28a74cbaf3fe16ae2

Request headers

Referer
https://www.colorfulads.com/ads/css/adunits/728x90.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5916
x-powered-by
PleskLin
content-length
1802
cf-request-id
098a7ebaa10000dfef5c9c4000000001
last-modified
Wed, 13 Jan 2021 08:09:02 GMT
server
cloudflare
etag
"5ffeaa9e-70a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8qS6obhiAek0NeO3LktWxtOg51Ki36ajfRafSMe00gFKuiiuEVfq0G3mlMjwz8%2BQowRWSnc%2FaDFcffF%2Fa87%2BzFSSOzXWAWucqaMJRKg0ge2QS%2Bpw66cjUUcj3FxjedyJ"}]}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
642433d76e4ddfef-FRA
468x60.css
www.colorfulads.com/ads/css/adunits/ Frame D1BB
918 B
697 B
Stylesheet
General
Full URL
https://www.colorfulads.com/ads/css/adunits/468x60.css
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/js/jquery-1.12.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ee67879316535942bf60fa04003e0517c9ccf6ca7aa26b9fde2669707ac17b29

Request headers

Referer
https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5899
x-powered-by
PleskLin
cf-request-id
098a7ebab20000dfef7cb27000000001
last-modified
Sun, 17 Jan 2021 17:26:30 GMT
server
cloudflare
etag
W/"60047346-7f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=erHkKZMq2AvXTyUQtGaUiaioS9UCuj%2BgxMKQr8Xya70WxKHWMmQQGudq%2FmxggHAkvqhnhD%2F5AI78wX%2F8mPpF3xKVvzIfVTPhX4iEKi4f%2Bg2bibDbWMPD4pr4mZzaRlNt"}]}
content-type
text/css
cache-control
max-age=86400
cf-polished
origSize=2041
cf-ray
642433d78e73dfef-FRA
cf-bgj
minify
9B75597B1D79E5941D1FEB699EEEBA6D.png
www.colorfulads.com/ads/banners/ Frame D1BB
33 KB
33 KB
Image
General
Full URL
https://www.colorfulads.com/ads/banners/9B75597B1D79E5941D1FEB699EEEBA6D.png
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a7196deee8b21bd0be274b77cd4c0a5b190dd9e38524f1cc33e6233ad6d6d2c0

Request headers

Referer
https://www.colorfulads.com/ads/banner?au=1704&awidth=468&aheight=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5775
x-powered-by
PleskLin
content-length
33535
cf-request-id
098a7ebac10000dfef339a7000000001
last-modified
Fri, 15 Jan 2021 10:31:40 GMT
server
cloudflare
etag
"60016f0c-82ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lN74SqVSolKk3Xd3kCas6dt0g1E2vOJcXLx8iXRQMe4hHs6TWQPG0NmeWYEhmGHNoi75X9qcVQ%2BbYAHZSvhqAVd7%2F2G85%2BL%2FcMPYfIz2wmAuGXfYJbSgV5fZtpN9NPcE"}]}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
642433d79e93dfef-FRA
Travel-Baloon-icon_24.png
www.colorfulads.com/ads/css/adunits/images/ Frame D1BB
2 KB
2 KB
Image
General
Full URL
https://www.colorfulads.com/ads/css/adunits/images/Travel-Baloon-icon_24.png
Requested by
Host: www.colorfulads.com
URL: https://www.colorfulads.com/ads/css/adunits/468x60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
87480388d4097dfd1aaaa0a4b8e2df07bc7b0dc395523ac28a74cbaf3fe16ae2

Request headers

Referer
https://www.colorfulads.com/ads/css/adunits/468x60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:06 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5916
x-powered-by
PleskLin
content-length
1802
cf-request-id
098a7ebad40000dfef378fa000000001
last-modified
Wed, 13 Jan 2021 08:09:02 GMT
server
cloudflare
etag
"5ffeaa9e-70a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h3Zy1OskotJKK4QWOkUriCRCaoYPKfwJLYczTQfOEGxoWvRNVgrhzM%2BcKSXXmAes9Rnxf5S8kEl2a4IHzWtEf6XsW3u38I28f7sIDAIF70l1Og4GqwHhWeTJLzyWkVvo"}]}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
642433d7beb8dfef-FRA
bootstrap.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
156 KB
21 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/bootstrap.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Sun, 03 May 2020 10:45:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
21341
expires
Mon, 26 Apr 2021 06:51:07 GMT
animate.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
17 KB
3 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/animate.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
04fda2ef451c89e4f7e2dcd0eb500f6d53ab1b4be3dd2dc33481ae8e09ff5582

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 10:24:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2503
expires
Mon, 26 Apr 2021 06:51:07 GMT
fontawesome.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
97 KB
16 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/fontawesome.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
d96061cedb4ea4c0910f9399fc43c897e5e64609c531ddb6e06aa852476e0abf

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Sun, 15 Mar 2020 11:49:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
16241
expires
Mon, 26 Apr 2021 06:51:07 GMT
modal-video.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
2 KB
737 B
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/modal-video.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
a6bb15a4ba4beb9df438b7a9d80fabb63b8133c414b993b355cab1a2d22c933b

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Thu, 05 Jul 2018 18:08:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
508
expires
Mon, 26 Apr 2021 06:51:07 GMT
owl.carousel.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
4 KB
1 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/owl.carousel.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
87b34f2c1c4c30f70478efc10c6c026f9311019f028157314717e6ddfa4c1f4b

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Wed, 01 Mar 2017 03:43:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1005
expires
Mon, 26 Apr 2021 06:51:07 GMT
slick.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
2 KB
712 B
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/slick.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:55:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
483
expires
Mon, 26 Apr 2021 06:51:07 GMT
stellarnav.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame C5F2
18 KB
3 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/stellarnav.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c016b1105987478ad49e8706100461eb859767769103bce14584e781512c83fe

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Mon, 15 Jun 2020 07:45:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3053
expires
Mon, 26 Apr 2021 06:51:07 GMT
theme.css
ayelads.xyz/ads/blogs/page/assets/css/ Frame C5F2
278 KB
27 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/theme.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
a00f405459223ccbe7cbd89727a81da3c7e0c2a416799065f32d957e225103d8

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=2aMharl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
last-modified
Fri, 26 Jun 2020 19:25:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
27625
expires
Mon, 26 Apr 2021 06:51:07 GMT
kisspng-free-bitcoin-miner-earn-btc-maker-free-bitcoin-m-5af870345bfde7.7572209215262310923768.jpg
icon2.cleanpng.com/20180513/scq/ Frame C5F2
11 KB
12 KB
Image
General
Full URL
https://icon2.cleanpng.com/20180513/scq/kisspng-free-bitcoin-miner-earn-btc-maker-free-bitcoin-m-5af870345bfde7.7572209215262310923768.jpg
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=2aMharl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cd6f7f43a4c30fbdc0c43f61a659796e73d2aa33b768bcab2c38c019a4e0c0

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
610213
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11287
cf-request-id
098a7ebbe900004ee0f52d7000000001
last-modified
Sun, 13 May 2018 17:04:52 GMT
server
cloudflare
etag
"5af87034-2c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xhQWTHjkoTROlFuVcuzWOrjUQ4r6vQxgzmt2kdgPy6Gr%2FZ6DtalOpz9igFy%2FWXxvoZMqMGCFikRxFCKec5kL%2F5PgEYaOLNMM0QLDco59UovQRnn%2BNW9T%2BTCUFp8k2iY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
642433d97f274ee0-FRA
expires
Thu, 22 Apr 2021 05:20:54 GMT
integrator.js
adservice.google.com.pk/adsid/ Frame FA13
107 B
799 B
Script
General
Full URL
https://adservice.google.com.pk/adsid/integrator.js?domain=1xbtc.io
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FA13
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1xbtc.io
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
jquery.min.js
www.adthurst.com/display/js/ Frame FA13
243 KB
68 KB
Script
General
Full URL
https://www.adthurst.com/display/js/jquery.min.js
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Jun 2020 12:51:32 GMT
server
cloudflare
age
6161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rD7z1klbHE96xRAxfNkvZ1ApIO2boIFa2N6z366FdU%2BtOuOn%2FBhZeC5yhqOAcXOjbp850gI3kANfDJ3fJmtAOLGzkcICGkpSq75zjgTGtPfvSyhDO9cHenoXZktC"}]}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
642433dc08704a61-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7ebd8200004a614919d000000001
data.png
www.adthurst.com/images/ Frame FA13
931 B
1 KB
Image
General
Full URL
https://www.adthurst.com/images/data.png
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5681
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
931
cf-request-id
098a7ebed100004a61599ef000000001
last-modified
Mon, 15 Jun 2020 12:51:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h%2FtC8mmdP%2B0EbtxDHVVZpXGlhFSN1Mjpt7efHPS72z1M%2FEXTtSiGjcs7LJpMdhbUNL1n2%2FoT0FNwDQHKF%2BQ2R%2FMzrRzcKABYFutY4a3WwDg%2BU%2FG5ygSe%2BYtsq1jg"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
642433de1c674a61-FRA
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame FA13
141 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/reactive_library_fy2019.js
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75d1da1c7feacc8417efb86dcc4b595827e38a207fb4a772f0ac7c41da33d165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52030
x-xss-protection
0
server
cafe
etag
17808355337443541007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Apr 2021 06:51:07 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame FA13
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Mon, 19 Apr 2021 06:51:07 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame FA13
114 B
554 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=1xbtc.io&callback=_gfp_s_&client=ca-pub-3528081563288327&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0393f25e6ca05685e941866beef66f8d398d7909293d1b04869b48d205075ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame FA13
222 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e26f358dbe4357e0ae1d6e59d9a4e99be8a6fbc2202e0bf239fa9d1437f7432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84744
x-xss-protection
0
server
cafe
etag
18221160154537679417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Apr 2021 06:51:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FA13
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48646
x-xss-protection
0
server
cafe
etag
9885252380620520250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Apr 2021 06:51:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6C11
66 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6a94ee0c3b873662985cf45c77bf02a950133a4822fbda975187890440102b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adthurst.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adthurst.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 19 Apr 2021 06:51:08 GMT
server
cafe
content-length
23356
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 19-Apr-2021 07:06:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 19 Apr 2021 06:51:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame EA03
6 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
184cc52321ab549f1aecb77665b83abd68a210fbf2a2a3cea479468f16e07fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adthurst.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adthurst.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 19 Apr 2021 06:51:07 GMT
server
cafe
content-length
1145
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 19-Apr-2021 07:06:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 19 Apr 2021 06:51:07 GMT
cache-control
private
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame AFFB
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210211/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adthurst.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adthurst.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 18 Apr 2021 14:39:37 GMT
expires
Sun, 02 May 2021 14:39:37 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
58290
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame FA01
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210211/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adthurst.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.adthurst.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 18 Apr 2021 10:00:10 GMT
expires
Sun, 02 May 2021 10:00:10 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
75057
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ Frame FA13
222 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3528081563288327&plah=www.adthurst.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.adthurst.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84747
x-xss-protection
0
server
cafe
etag
7950800710615234990
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Apr 2021 06:51:07 GMT
sra_handler_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame EA03
8 KB
4 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/sra_handler_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&adk=1812271804&adf=1573534164&lmt=1613213550&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613213561344&bpp=10&bdt=588&idt=567&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&prev_fmts=300x250&nras=1&correlator=4356774016526&frm=20&pv=1&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=0&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
519f3e87b52d3349f56c0e73a76c176c0efef89c8b12bc95a6ea4a11ea4eda93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 14:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3932
x-xss-protection
0
server
cafe
etag
1680741357225643630
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 14:34:55 GMT
css2
fonts.googleapis.com/ Frame C5F2
4 KB
411 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@100;300;400;500;700;800;900&display=swap
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/blogs/page/assets/css/theme.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e5e0a6998d4ce7d61bcc50446126b3b5d33c1064581e84375b7c25771ff6751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 06:41:53 GMT
server
ESF
date
Mon, 19 Apr 2021 06:51:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 06:51:07 GMT
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v10/ Frame C5F2
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v10/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@100;300;400;500;700;800;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ayelads.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Feb 2021 19:03:17 GMT
server
sffe
age
74849
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27112
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
css
fonts.googleapis.com/ Frame 6C11
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 06:16:55 GMT
server
ESF
date
Mon, 19 Apr 2021 06:51:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 06:51:08 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6C11
1 KB
909 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 06:46:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 6C11
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:48:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 06:48:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6C11
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:49:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 06:49:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C11
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 06:51:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6C11
13 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 06:51:00 GMT
b42b11247d0ebeb7b44892ca7e629453.js
www.gstatic.com/mysidia/ Frame 6C11
25 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 10:27:13 GMT
server
sffe
age
416871
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10497
x-xss-protection
0
expires
Tue, 13 Jul 2021 11:03:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6C11
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C84wFWyh9YNHMJNLW-gb995f4A9Tx_e1h0PL0jaENjYzAvZMlEAEgnL6oOmCViviBlAegAZzbzeEDyAEBqQIgAuV8Ixq0PqgDAcgDywSqBJwBT9AOBC7Aflo6xL3z6ePo1RjcBQgneP8q_WuTtfwTS6bRDaO8xvenhWw1okIo0c9mz1wCrv4EI0HpuZdNfH-4kAUF4_QC7rKs-deENpPFaawH11ZMJxF5u7xmdGxea_K_tAJx5SxPLGA405_ePl-AqZMksbOXw_4AjyrtzituQBH9sAAbCLuTzA7VkgOQXBaWRKRejX3r-5tDLjXWwASCiobnwgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHzKSyHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCarwnSCAkIgOGAEBABGB-ACgHICwHYEw2IFAGYFgGyFxoKGAgAEhRwdWItMzUyODA4MTU2MzI4ODMyNw&sigh=SWbKoz0hvCU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 19 Apr 2021 06:51:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 19 Apr 2021 06:51:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 55F4
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnT2XkIS-1NXMGmeEgJoxWdzgJYp-Hz2J24joo2P4AwIdOI34CSPUj37Ojv9yU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 19 Apr 2021 06:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
582
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6C11
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eea1733b9e01faf1f0fb102b9e45253de4b5bd95cb0c3dec6df01033ba8f439

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6C11
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
362886
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6C11
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
74850
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 55F4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnT2XkIS-1NXMGmeEgJoxWdzgJYp-Hz2J24joo2P4AwIdOI34CSPUj37Ojv9yU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 19 Apr 2021 06:51:08 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 19-Apr-2021 06:52:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 19 Apr 2021 06:51:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 19 Apr 2021 06:51:08 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 49CE
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3528081563288327&output=html&h=250&slotname=9744456138&adk=2113135940&adf=3025194257&pi=t.ma~as.9744456138&w=300&lmt=1613213550&psa=1&format=300x250&url=http%3A%2F%2F1xbtc.io%2Fcrypto%2F&flash=0&wgl=1&dt=1613213561336&bpp=8&bdt=580&idt=538&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0000000000000000%3AT%3D0%3AS%3D&correlator=4356774016526&frm=20&pv=2&ga_vid=1670974488.1589047207&ga_sid=1613213562&ga_hid=1624293709&ga_fc=1&u_tz=300&u_his=5&u_java=0&u_h=831&u_w=1477&u_ah=831&u_aw=1477&u_cd=24&u_nplug=3&u_nmime=4&adx=8&ady=8&biw=1478&bih=759&scr_x=0&scr_y=0&eid=182984100%2C182984300%2C21068083%2C21068769%2C21068893%2C21068785&oid=3&pvsid=3651221640124249&pem=278&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1477%2C0%2C1477%2C831%2C1478%2C759&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XUtcv4ORQR&p=http%3A//1xbtc.io&dtd=563
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 05:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
4573
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Tue, 19 Apr 2022 05:34:55 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dogedroid.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 19 Apr 2021 06:51:08 GMT
content-type
text/plain
access-control-allow-origin
https://dogedroid.biz
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
642433e38e2b4a86-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/
0
78 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dogedroid.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Apr 2021 06:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://dogedroid.biz
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
642433e39e3c4a86-FRA
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C11
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6e3FodHyi736HDsUbOGwbYqnWPQwURuQvVIBmx4Rn2Opo4uAidXPkTsekUgOhutdDRs7nr6mLSomcTmEMTnbTd7CWDN9zGYeX3-1qyW89lLlq1zhgbSCGFhdIcQ&sai=AMfl-YQVsNVlcq7XFPaWUkxtHq2G8LDd0SxKla3NnbFYn1o8ySZ66MBBKj8Nm8dNfG91uWjxjpItil4Updfr&sig=Cg0ArKJSzE8Y6KQUjVghEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2113135940&rs=2&met=mue&la=0&cr=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 06:51:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
www.adthurst.com/track/ Frame FA13
136 B
530 B
Script
General
Full URL
https://www.adthurst.com/track/index.php?page=click/data/0|45|0|355|1235|1|817|2|0|45|0.00015|0.00015|0|0/06df98d3e5156ed15e6463a1ef3bd969/1618815086/DE/
Requested by
Host: www.adthurst.com
URL: https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c008 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69224bb2ca87ca88dfc6ab3cbcf7d2d38c02e3aead04b0dd047a7cf2c44065bb

Request headers

Referer
https://www.adthurst.com/display/index.php?page=query/items/&aduid=1235&width=300&height=250&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&page_data=340a65aeedb41411b17b663fd68762fd&time=1618815066&deliver=dogedroid.biz&search_keywords=&page_referrer=aHR0cHM6Ly9kb2dlZHJvaWQuYml6Lw==&page_title=Dogedroid&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:51:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I8EccRNxx1tvS3pY2c8ClL8NSPRDSyCXJp5ik5wYdbPozeeQiNHZiyfDh%2FH8ljIoqPHs7Rj1QpmnKLXAAQPYDdPiS3eTWH%2FElkxCLdqephNdgBVgcDIr5dwujKIw"}]}
content-type
application/javascript
cf-ray
64243414ba314a61-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098a7ee0f200004a6149062000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.iople.com
URL
https://p.iople.com/dcba/

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery1113039268399944782706 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| xJQiFuBpqiis string| oPECTcKZTC number| EDTMtOzEkB number| FmGwVmHtrw number| cYqAxGWJCC number| lowkDcYasv function| owCLPjLIpo object| GUyzpwlVFC number| c2 number| c1 object| KoCXH95wJQAG function| PTRJFkxfOI string| uid string| wid object| pop_tag undefined| p$00a object| _0x5d4b function| _0x208c object| p$00a1618815066478zz string| decrypt object| recaptcha number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit string| cpc_impression object| cpm_impression string| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src string| popns number| pop_cdn boolean| N3 object| IOarzRhPlP number| pop_fcap string| urlorigin object| responsedata string| cookie_content_value object| cookie_content_data

5 Cookies

Domain/Path Name / Value
ayelads.xyz/ Name: 2aMharl
Value: %7B%22dataTag%22%3A%7B%22username%22%3A%22prabu16%22%2C%22site%22%3A%222450%22%2C%22domain%22%3A%22dogedroid.biz%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%222aMharl%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22ZZ%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2235%22%2C%22size%22%3A%22320x70%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%5D%2C%22id%22%3A%5B%221533%22%2C%221534%22%5D%7D%2C%22tRotate%22%3A2%7D%7D
ayelads.xyz/ Name: AYID
Value: %7B%22sec_to_refresh%22%3A0%2C%22time_ads%22%3A1618815066%2C%22ads_viewed%22%3A%5B%5D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUnT2XkIS-1NXMGmeEgJoxWdzgJYp-Hz2J24joo2P4AwIdOI34CSPUj37Ojv9yU
dogedroid.biz/ Name: PHPSESSID
Value: 0n6pg7jh5qcrd47psurfemjia7
.dogedroid.biz/ Name: __cfduid
Value: d09f8c2c62f63b735eba57174a21cb9eb1618815065

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adservice.google.com
adservice.google.com.pk
ajax.googleapis.com
ayelads.com
ayelads.xyz
cdn.iople.com
cdn.popcash.net
cloudflareinsights.com
dcba.popcash.net
dogedroid.biz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
icon2.cleanpng.com
maxcdn.bootstrapcdn.com
p.iople.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.a-ads.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.adthurst.com
www.colorfulads.com
www.google.com
www.googletagservices.com
www.gstatic.com
p.iople.com
142.250.186.98
151.139.128.10
162.0.235.241
162.0.235.250
2600:1f18:510:800:2943:bb87:a771:c207
2606:4700:20::681a:1ad
2606:4700:3031::6815:2c4b
2606:4700::6810:5e41
2606:4700::6810:5f41
2606:4700::6812:acf
2606:4700:e6::ac40:c008
2606:4700:e6::ac40:ce0e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:f48:2000:1023::3
85.10.201.130
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
0393f25e6ca05685e941866beef66f8d398d7909293d1b04869b48d205075ac1
04fda2ef451c89e4f7e2dcd0eb500f6d53ab1b4be3dd2dc33481ae8e09ff5582
0f25144e71c72702c8e0733ef8249b786ac432f2ea0b81830d835d6634a2a0d3
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
184cc52321ab549f1aecb77665b83abd68a210fbf2a2a3cea479468f16e07fbd
1b9680a668004a30051be5b29516ef6cc2da76f884ba250e3135add92ed6ec82
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
260bebdb07a9a925d59a7c266ffcc5cb73966a20096ac5a8c1e544c802bcc6fb
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4
33805ac33a57da066aa55710d66fb5bbea61b69802b943fcc209fe7c39453d1f
4742e1a4c1df0339643a265f15aa0613d87ebb277bdd6eec56302d3155d0f780
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e5e0a6998d4ce7d61bcc50446126b3b5d33c1064581e84375b7c25771ff6751
4eea1733b9e01faf1f0fb102b9e45253de4b5bd95cb0c3dec6df01033ba8f439
519f3e87b52d3349f56c0e73a76c176c0efef89c8b12bc95a6ea4a11ea4eda93
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8
55fc896cba0f3d0a634bd0b580f72ad2445ca0e1545099b516a66c02e1a15109
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
69224bb2ca87ca88dfc6ab3cbcf7d2d38c02e3aead04b0dd047a7cf2c44065bb
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6e26f358dbe4357e0ae1d6e59d9a4e99be8a6fbc2202e0bf239fa9d1437f7432
719f1d8a1d984f7ec868ac9e36e0aac7162c9f8295aebb5b6575c52df60649d9
72cd6f7f43a4c30fbdc0c43f61a659796e73d2aa33b768bcab2c38c019a4e0c0
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
75d1da1c7feacc8417efb86dcc4b595827e38a207fb4a772f0ac7c41da33d165
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519
7f56a14ee77289d70cc0c6c92c3ec53beae83480b5f8c96a2a4e61b34a12b2aa
80740900eb95a8b47ad2a46f0a7e5ae0bea995f66856e13d5685842e5739ec48
81881c0c059b7f03f40286f5d64b9101d30a028303d3146b9aa7ab3311da1631
86060621f9a6e9e37b46f3ae27da3f924f5e9b5263ba64edc30ec5749548cd5c
86b5e09c5a47140c7c6669842ac31024c3d97c175b1c1a7c1a9278c875b93b33
87480388d4097dfd1aaaa0a4b8e2df07bc7b0dc395523ac28a74cbaf3fe16ae2
87b34f2c1c4c30f70478efc10c6c026f9311019f028157314717e6ddfa4c1f4b
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
a00f405459223ccbe7cbd89727a81da3c7e0c2a416799065f32d957e225103d8
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6bb15a4ba4beb9df438b7a9d80fabb63b8133c414b993b355cab1a2d22c933b
a7196deee8b21bd0be274b77cd4c0a5b190dd9e38524f1cc33e6233ad6d6d2c0
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
c016b1105987478ad49e8706100461eb859767769103bce14584e781512c83fe
c9e6e1e6c6e9f005a9ce0ee4b19025e8a9ff1169e11f251e0ad7afa3a3f22075
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
d063369a9f06cf383da63b6027b9f882e7575570efe2cec0c0e5e91e1a2c6326
d96061cedb4ea4c0910f9399fc43c897e5e64609c531ddb6e06aa852476e0abf
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecafcac529a10f1f4b9f1f928b0c28f8b3398afa40642d27af06eb23216b9b96
ee67879316535942bf60fa04003e0517c9ccf6ca7aa26b9fde2669707ac17b29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0621cbca64bc60db853d0cf476bf6067da340522da0c89a750dba59413f82ed
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f6a94ee0c3b873662985cf45c77bf02a950133a4822fbda975187890440102b8
fb2215226d036d98743f203c58adaeb2af89893ea2a16382e0e01cb4233b227f