www.usroid.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.usroid.com/lumii-photo-editor-pro/
Submission: On April 09 via manual (April 9th 2022, 1:35:46 pm UTC) from VN — Scanned from ES

Summary HTTP 110 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 110 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.usroid.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time www.usroid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.234.200 34.246.234.200	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
110	20

31 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.usroid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.234.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	535 KB
31	usroid.com www.usroid.com	725 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	114 KB
7	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 724 adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	109 KB
3	google.es www.google.es — Cisco Umbrella Rank: 16447 adservice.google.es — Cisco Umbrella Rank: 36997	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1696	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	41 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1537	351 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3287	375 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	465 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	644 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	65 KB
110	16

	Domain	Requested by
31	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com www.usroid.com googleads.g.doubleclick.net
31	www.usroid.com	www.usroid.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.usroid.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.usroid.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.es	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.es
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.usroid.com
110	23

This site contains links to these domains. Also see Links.

Domain
forum.usroid.com
play.google.com
www.forum.usroid.com
t.me
twitter.com
www.facebook.com
www.instagram.com
ivahid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.es GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.usroid.com/lumii-photo-editor-pro/
Frame ID: BB7243C7EAB8A47712D12B42B146227F
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 6B0B02AACE7E1FF58558CFBADA93C433
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&adk=1812271804&adf=3025194257&lmt=1649511341&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341444&bpp=2&bdt=916&idt=295&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=91489543991&frm=20&pv=2&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
Frame ID: B8CAF156C153FE0CE343F173E883969B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=2562341087&adk=423374403&adf=4091221784&pi=t.ma~as.2562341087&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341446&bpp=2&bdt=918&idt=314&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vh2IsFxwIF&p=https%3A//www.usroid.com&dtd=319
Frame ID: BECFE895A3159CDDC5B73A64EFA675D9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=7293931195&adk=2312671349&adf=285278899&pi=t.ma~as.7293931195&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341448&bpp=1&bdt=921&idt=379&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C945x280&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=piFrKxRqEr&p=https%3A//www.usroid.com&dtd=382
Frame ID: 0A0C9B5B8FB538318BE5DC4096CC6BB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5E875BF0D12BC4C75DEA4B4FF52FA19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F01BE0CD68F63E976E0947AB8E55CA91
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358
Frame ID: 35D4206C63D67CC4551772789128925D
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html
Frame ID: A7E8416C61BC17218BB9AFEDA8B30521
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Ca3afrYtRYvSpN5S-6gTB6qzgBfXstfVcjL7pp88IpJWmtYIPEAEg7MbwJmDVtdcCoAHz08vTA8gBCakCmEiUPDw_sj6oAwHIA0iqBOkBT9DW2kRktHCK1wkpaUivKD-hU5BJoGX8s0v0NrjzI5p_-CghR2oQP-yf7Gu0YPBPH1_vMkQGwYHz55DMSfHVbelWCUH9RQ1V8FPEbNEpFhEzkUnVzT1q74LEx5Caf9jgf0Xm1MOdybmtmCHGroxATT1wgT5uM93tB3-JJwsmKBecJGYE4qNAdoUcnBv0b79JMO1igt81YxazH6m2AEOfd1hvFws_Sj68lqBkqPDOpAQ5eTn8puAat5Kng9U1igq7DRxSfKz7_R6qw8ZoUnf-aGKbHXZEGfJh0AbH_raIgZcwXfov3uIcUa3ABJ76y-jgAZIFBAgEGAGSBQQIBRgEoAYugAevu-8qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ74ME0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTgxNTg4NDU5MDA3ODE0NDQYAA&sigh=k2lNKAVUXfY&uach_m=[UACH]&template_id=419
Frame ID: 6B5AF5EC3FDBAB18055BADFC84DC4ED8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CADCF060CB13F16EF4045F1C3C1BAEBB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 15864553256D061F9ADA7412C63F9371
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 9D42F559C5E75E6330241029A0BEA955
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C2A4718D4199D864A03438504AC9F93
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js
Frame ID: 40CE005931043901A3812149B57CD93A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Lumii Photo Editor Pro 1.483.106 - Lami: Powerful and high quality image editor! - Usroid

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

95 %
HTTPS

70 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

1594 kB
Transfer

3709 kB
Size

23
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://forum.usroid.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=photo.editor.photoeditor.filtersforpictures
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.forum.usroid.com/
Title: Usroid Support Association In our specialized forum to answer all your questions. Reach out! Click to login

Search URL Search Domain Scan URL

URL: https://t.me/usroid_support
Title: Online support

Search URL Search Domain Scan URL

URL: https://t.me/usroid_com

Search URL Search Domain Scan URL

URL: https://twitter.com/usroid_com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/usroid.page

Search URL Search Domain Scan URL

URL: https://www.instagram.com/usroid_com

Search URL Search Domain Scan URL

URL: https://ivahid.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ66T5USYT9Mzoc6nVp0bRQkNscZSMlrQPRfv2NxJtfws3U0Y9ZtLs4U3o&google_gid=CAESEHP_IHARKP6OW4hHIA5YH30&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxHTHJ3QUFBWVlOd0ZuWQ&google_push=AYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ66T5USYT9Mzoc6nVp0bRQkNscZSMlrQPRfv2NxJtfws3U0Y9ZtLs4U3o

Request Chain 113

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03OshJbZehFyghTA0-SBW41gaDDMK8vlw&google_gid=CAESEMZ5FtSP6aoI06slNTagwbg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03OshJbZehFyghTA0-SBW41gaDDMK8vlw&google_gid=CAESEMZ5FtSP6aoI06slNTagwbg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDkxMzM1NDMwMDAyNTg0MTE5NDUyMA%3D%3D&google_push=AYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03OshJbZehFyghTA0-SBW41gaDDMK8vlw

Request Chain 115

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBvfo64I_yXCPcNNkNQ8Ovg&google_cver=1&google_push=AYg5qPLPRnB_jqGM-0s922D2WycXruBlxIxpeq_5i6sgGLEz9OWpHiYmN47AfGgVWY7IGyjkHBaGvqGbyh_Wu5k_ML8bBHSBjjY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBvfo64I_yXCPcNNkNQ8Ovg&google_cver=1&google_push=AYg5qPLPRnB_jqGM-0s922D2WycXruBlxIxpeq_5i6sgGLEz9OWpHiYmN47AfGgVWY7IGyjkHBaGvqGbyh_Wu5k_ML8bBHSBjjY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6xDQEJoQamn2Pex1ec2RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPRnB_jqGM-0s922D2WycXruBlxIxpeq_5i6sgGLEz9OWpHiYmN47AfGgVWY7IGyjkHBaGvqGbyh_Wu5k_ML8bBHSBjjY

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELI3KAGD2JSV5kNHPgXe4Yk&google_cver=1&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnCH5p0it0zusm8nDSLQAVY3t84 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSV0dROE8tMVItQzBTSQ==&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnCH5p0it0zusm8nDSLQAVY3t84

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A

110 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.usroid.com/lumii-photo-editor-pro/ 288 KB
55 KB 167ms
85ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/lumii-photo-editor-pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e68fbba31b87e50cbaa5f4a2934eff38ef4f289b90d92e3e01defc8d3268fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f93a095da7869eb-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:35:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.usroid.com/wp-json/>; rel="https://api.w.org/" <https://www.usroid.com/wp-json/wp/v2/posts/36080>; rel="alternate"; type="application/json" <https://www.usroid.com/?p=36080>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqlwd1kbVmBXYhGk3p4TmtqwGUjoay4nuzd0t8Aq49Ijn%2BGUvuqLOEF%2F8wK%2BNHhDZI4fY9yfXKJdPSKQ9vW0tRxNheOUe0%2Baz1xWvIlUKQCulxnK8LFCBymLCworoCWFqrrS817ia2tWBlko2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://www.usroid.com/xmlrpc.php

GET
H2 200 b9036d7d01e04fd25c8b3f23d3b820c7.css
www.usroid.com/wp-content/litespeed/css/ 352 KB
57 KB 326ms
325ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a5250b75a3520611b523b8134f54299581cd7463dc91a29669cfc3a0bac99d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=407741
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 02:56:23 GMT
server: cloudflare
etag: W/"638bd-624d0157-18c000da;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8xAmGD5sjvOU3vHXSCA5Qy2ca8UbJNE%2B2fgCV%2F7aa%2BF0DTGOPuWibFJR81iE6wy4ckjvNxCTYaw7yI38%2F35VfvZjA9M7lrJBCpzaVQAeSxuG8X37Qkkty%2FdtjL1JjBPtjGIg4AFh5lXKpxIGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6f93a0968b8969eb-MAD
expires: Wed, 13 Apr 2022 02:56:28 GMT

GET
H2 200 invisible.js Show response
www.usroid.com/cdn-cgi/challenge-platform/h/g/scripts/ 47 KB
17 KB 45ms
44ms Script
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?cb=6f93a095da7869eb
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0008e978a1a96c401f956a7deca37c53e954cbf8d6099eb2a87170400555a969

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD1w2yrd%2BXI0e8%2Bpw%2F9pdSRpzQe4U%2FvgPww2GuvpEQ7YN%2BWQfP5otK8%2Brxj1zv6ajOmIf4W%2BDHELTiuTADdupKFcNxyNnWQWIr%2BGy7mYzMg8ESXcxWiOFfu7S4M1dgvEUwFGen6yno%2Btj4mjWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6f93a0968b8d69eb-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
www.usroid.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 35ms
34ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usroid.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Apr 2022 16:13:31 GMT
server: cloudflare
etag: W/"624f0dab-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4SBOXxS2kxGBXWmYpiUkplgQlZVjAEWOnVhWtHSEqcrF6R8WkLi6tFQsBA6R%2BHlvJePJIq%2B5LK3a5QCFjl9wwV%2FUD3n7XruXyvvHUvNMRAJKJnZE0BzEKdCXY9G2AHGDHTnHSQL9FtpLppSbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f93a0968b8b69eb-MAD
vary: Accept-Encoding
expires: Mon, 11 Apr 2022 13:35:40 GMT

GET
H2 200 rocket-loader.min.js Show response
www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
35ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Apr 2022 16:13:31 GMT
server: cloudflare
etag: W/"624f0dab-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpwW%2Bv3sn%2Ft7d%2Bqbx6QrnrA6lfF%2FGWu%2FFBkZEsV6CN6MxaSa1yk5cAwhlbYOgpmYoKZiZHBCiFDLOKTGiqBRkouwfSkQ6O4Es56NsHqnmizgqBJd3XwOwusuKATEjyoMGPb2GoKoOd%2BJvRoO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f93a0968b8f69eb-MAD
vary: Accept-Encoding
expires: Mon, 11 Apr 2022 13:35:40 GMT

GET
DATA 200
OK truncated
/ 915 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dae8daacac240c9dfcacd892df83c5d2ede0f6f4736845c332d87d87a46cfcd3

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dcea5a0291b6d0ab42bd40f6c1cd9fc98bb818b3458db3ecdfdd6c6c808e4f9

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 header-pattern.jpg
www.usroid.com/wp-content/themes/usroid/assets/images/ 6 KB
7 KB 111ms
110ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/images/header-pattern.jpg
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3860fa217e9dff48ae598c12c2e49d3cdefe27b840fc1e4f74b9caa47c6c3e1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6154
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "180a-60142781-9837ee8;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIGIsfGru6GyAwDz7OKh2Dtg9daT%2FAOv0Q%2BUz6saYKeYznestIb4sVv0MkjWNSInMBl7HNurySQoHhAC4EWjBsFuws8186fm1LlhbIyLwfAafRwuX%2BpFQUSugI2nnppG1tLPjvJkFhW%2Fmz85Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a098aa3a8674-MAD
expires: Fri, 14 Jan 2022 11:25:22 GMT

GET
H3 200 IRANSansWeb_Medium.woff2
www.usroid.com/wp-content/themes/usroid/assets/fonts/ 10 KB
11 KB 75ms
75ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/fonts/IRANSansWeb_Medium.woff2
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a373e76e5f2c7c77467d71630725814ba8f1eb749fc9e18bb091123fbdeaf38d

Request headers

Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Origin: https://www.usroid.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10716
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "29dc-60142781-940353c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wToPminKdci%2FBVopBuZc%2FPQj%2BLdh5mVIs36utwetgENx%2BDMLhHM0xkSaQAaUYXx7IsuoTy%2BORzkNGfsk1B3lkppRYjnxYwJze3pKmaHVjtTqZCfVONZXF3GI2VN%2B%2BWoUF303eWOeTWObo33D2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a098aa4a8674-MAD
expires: Thu, 14 Apr 2022 01:44:47 GMT

GET
DATA 200
OK truncated
/ 383 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90593ec664623228a19ce2887dba3b7015aff9e7d7a30c74c4c4758b77500403

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 IRANSansWeb_Bold.woff2
www.usroid.com/wp-content/themes/usroid/assets/fonts/ 12 KB
13 KB 104ms
104ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/fonts/IRANSansWeb_Bold.woff2
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be31175cc3752d1531100e01d847d5fba82a229aa379c8a7e5dcf615a4b0aad

Request headers

Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Origin: https://www.usroid.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12204
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "2fac-60142781-9400161;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUh0makamJZOq7KUh4AuM4Qxfxm8XnsVGK0QNf05AFttnvSDg3GE3J5cLmgIaWQdZx0Vp3Op9aHtOQYd0Dqh8sexpFj0asakywi771m%2BVe1FT3NHiLejtrPcI8JyedmDY0vxUePY5sXwAYWz1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a098ba748674-MAD
expires: Fri, 14 Jan 2022 11:25:24 GMT

GET
H3 200 IRANSansWeb.woff2
www.usroid.com/wp-content/themes/usroid/assets/fonts/ 12 KB
13 KB 120ms
120ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/fonts/IRANSansWeb.woff2
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38accf7dd9b447f652876ff1170880cbd57bbdcd146b80ac501463dafe6d9475

Request headers

Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Origin: https://www.usroid.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12264
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "2fe8-60142781-9403580;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y5m6SJmyFtV%2FtWbux%2FLFZu8gk%2BzCol5M0AgXX1i1MyN7NnaIZvXa8u1jq4m87LONvjRvlxpbvn0W0wax2LuMflT%2Bna9mVHAoN5D4t97Ix1Fo02NRAAs%2BC2wH5zDBVsqZ6yDnQdiys6fKpG8%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a098caa78674-MAD
expires: Tue, 22 Feb 2022 06:45:41 GMT

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c5c1d649b057d6397249d0a27069b22d7e69ca8285cec06e2fd070a51a75d8

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 997a3e6b3dcb92b9e1e35e7f59dc35714aed9e088a698e8b86882061b7ac47c6

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 229ms
87ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WCQBDK7SM6

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea38db29d1e19a38a60f73afbf69642b96a4bcca26e10a5bc3c30b2debdcbdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66209
x-xss-protection: 0
expires: Sat, 09 Apr 2022 13:35:41 GMT

GET
H3 200 script.min.js Show response
www.usroid.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/ 11 KB
4 KB 40ms
40ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae323aae1b82ab324f2f2093cb59bef2b7c70399101ed51ee66adcf1b7e2aec

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Feb 2022 03:16:55 GMT
server: cloudflare
etag: W/"2b46-62199ba7-12858468;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIEPyXMwEtMuP20RCx4QnMNiTXEjoIcSlKHSNmD3ufC283NSu%2B14c3BQvexw6vPdZM6XLb0LOQWM6y0cNJ%2B89wXGmFZJLT%2BdCQrBFsWk4lc4BCJ3dl1jXR3fovm7e7tGcKCGz%2F4NbxdtUbWQgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b4c8674-MAD
expires: Sat, 05 Mar 2022 05:22:57 GMT

GET
H3 200 comment-reply.min.js Show response
www.usroid.com/wp-includes/js/ 3 KB
2 KB 73ms
72ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-includes/js/comment-reply.min.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 415878
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 10:05:38 GMT
server: cloudflare
etag: W/"ba3-61f7b472-2018e53;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DevsyQunsgb3zCOMl11T8r9gp%2Fu3IfcvjFyVrXa8n5xpReqvUcLr7UGHkIvnUW5aG2DwbelE7wvOUoQdLiFTgyhaQ2duao5dzLm6gSJz3%2BF7UgCKnBRIZ9DwGIbN5pbVoaNuJ5As1WrSd57%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b528674-MAD
expires: Tue, 22 Feb 2022 05:34:21 GMT

GET
H3 200 app.js Show response
www.usroid.com/wp-content/themes/usroid/assets/js/ 27 KB
8 KB 73ms
71ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/js/app.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbe9d0ece388f214601aea9bd6e1b10e78f5e102e40d14155a7a03888cc267c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=100636
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Apr 2021 14:35:40 GMT
server: cloudflare
etag: W/"1891c-6075ac3c-651ff;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpESPkJuNuC9TyzlBrUCXDr14mGh%2FJwVfIErnzVLRW4fYuW0bpowD0SqDFdAoIZnlLHBQXOs54%2B9YCxN6g3VXVT0Nq9H6MjwFhpRjqStkD2Zng7Btw9%2BJbCIKqwi470lYQ594dc0Ku4%2BsNcizA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b558674-MAD
expires: Tue, 22 Feb 2022 06:32:36 GMT

GET
H3 200 jquery-qr.js Show response
www.usroid.com/wp-content/themes/usroid/assets/js/ 14 KB
5 KB 103ms
101ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/js/jquery-qr.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b1d0ac02ef77abb63148311e49ec4dc9c2ebeed533cdecbe41ec85f3ded423

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=14049
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: W/"36e1-60142781-651fc;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz1Eb5Ehkl30gysxpMyxS%2BZofgo9ty7Z7j0%2Bi1%2FV8xlj1s45jYvLKjhnAEljpZW0lgqSMorPnExMs1j5Euaif%2BB%2BfsED8Ne%2FOZBjiT1rNYuxjLN4pWA2GDheiYlimluOEx5UqOs%2Fc5qmqeRUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b578674-MAD
expires: Fri, 14 Jan 2022 11:25:23 GMT

GET
H3 200 plugins.js Show response
www.usroid.com/wp-content/themes/usroid/assets/js/ 190 KB
53 KB 104ms
102ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/js/plugins.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483e07c55f81ac1c29089729404d74de89ba6d75366b91e8104b4f06fda6e445

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=195314
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: W/"2faf2-60142781-651fd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkXQxOgk8%2FmK%2FzqZ%2BZ2juMM4JS7UkWHYt84PE2ofrO0Lx70Kp%2Bujhwrycn86vu8Y%2Bn35M26GlkevGh07B2WtcCloh5yGuA36EVtUsYZpZ%2F30xmwCA0eGMf0MMhf0Zqyyys%2Fqi4DVzzN%2FiPNslQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b588674-MAD
expires: Fri, 14 Jan 2022 11:25:23 GMT

GET
H3 200 index.js Show response
www.usroid.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 73ms
71ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189917
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Feb 2022 03:16:37 GMT
server: cloudflare
etag: W/"25f8-62199b95-13812b2b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stdD1u8h5GjgIegs1c4RiM6zdOcYT9h2mApOACHl%2FViEKFsy7E%2FeL4htx1wnlKzsahCSFc5rX9qnBZEB3nJg9CIjJj5oFmdQxJe2ANtarnueEvTZYW8dqwUmxLYvm92rQnG2b257T6%2FrkITP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b598674-MAD
expires: Sat, 05 Mar 2022 05:11:19 GMT

GET
H3 200 wp-polyfill.min.js Show response
www.usroid.com/wp-includes/js/dist/vendor/ 19 KB
8 KB 73ms
72ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120658
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 10:05:37 GMT
server: cloudflare
etag: W/"4b3d-61f7b471-28267e1;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug9bBPIYD3%2FkVcJQGQHawRbo7R680z31El3zyZAsgWK%2FQ843A7beLv8MG%2BEVg2ERhBJ%2BIRMjM5WmtHeXe2CjSj0hw53pJproQm5mswttPWd8stjFTPcfcOxXPM684R6zVpELKLsbGTpPkkhZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b5a8674-MAD
expires: Fri, 25 Feb 2022 22:42:29 GMT

GET
H3 200 regenerator-runtime.min.js Show response
www.usroid.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 73ms
72ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 10:05:37 GMT
server: cloudflare
etag: W/"195e-61f7b471-28e7fc0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfZfb8vuApIGnS41JSBEXPrbF%2FhsUopsCOhYvsTqvFTOsKEm6JeYMBhPcNWjbwU6J2n7T88StPUnw8EhUEoyzjDqI34iqTA9Tqzwqjy8WrpbCccGxBT%2Flcu511sNRnTVPruVLpL557TSPmxWNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b5c8674-MAD
expires: Mon, 07 Feb 2022 10:47:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 210ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f75fb8bcf8a548a389bfa5a8d5a3d1b496383bdccc210645bb92e46a06a9ece8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54024
x-xss-protection: 0
server: cafe
etag: 10310059821093386295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 13:35:41 GMT

GET
H3 200 jquery.js Show response
www.usroid.com/wp-content/themes/usroid/assets/js/ 84 KB
31 KB 73ms
72ms Script
application/x-javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/js/jquery.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182379
cf-polished: origSize=85578
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: W/"14e4a-60142781-651fa;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPZylbkh1Ccc7HH%2BX5%2BBD2w%2BK7%2Bcmpt53%2Fe1MhF733uiAEZAF2Qx0BBApjrRXui2%2BPX8InO7J%2FZMI%2B1JNOlvg9%2BG2yHJ9oizPVAV7CWcMFV3VoFzvNaW%2FfZLdE4QJxbkE4aX%2F84E6D1ttr36Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 6f93a0991b5e8674-MAD
expires: Fri, 14 Jan 2022 11:19:34 GMT

GET
H3 200 related-shadow.png
www.usroid.com/wp-content/themes/usroid/assets/images/ 1 KB
2 KB 127ms
127ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/images/related-shadow.png
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c61f4fe6230fbe1f43af1d0a6306fe5dd13c98a5384488a31fb8df8568c6c03

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1341
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "53d-60142781-9837eee;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kgrnbn5mUrGdIHY3QtklergkWyjPH9gNgU2IIF5nGHHCpOJ9wo%2F2w52WNKt7%2FNW9BH0ZV095GV0Dzv8jj7CTFChcmVR%2Fn0%2F9Q1l4QXdfGQW5SCdfW%2BIFBkT0I5n7JxQPFNzAQpqQJdsS40ahg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a0992b728674-MAD
expires: Mon, 24 Jan 2022 22:04:07 GMT

GET
DATA 200
OK truncated
/ 550 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7182d0259cbf2cd1a77734f5b67fac45ffcb71a7b43758ec1b2ea95333c2141e

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 footer-bg.png
www.usroid.com/wp-content/themes/usroid/assets/images/ 10 KB
10 KB 122ms
122ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/images/footer-bg.png
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 386771342672bcb17e0a52184351f2e78f801cfef76248d822e23daa2c0edb81

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9834
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "266a-60142781-9837eeb;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cg2iAgp2y5IrhVa7HvfOcbQGoQe2UDw5x965RQ8%2FtcBwqrbW6f7X4UChT5zKMbxBsRhxInBKJvb0oTJV8%2BHc6Kbej2VYrFkpv84xxx7TI7o5m9dpkUM3GzuEbWDfCrylH176ygb%2BIqf%2FAmSBog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a0992b838674-MAD
expires: Fri, 14 Jan 2022 11:25:23 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb9c1989bd0be7c2198b056757984f923d94ce576b2d834421b0b812b00128f6

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IRANSansWeb_Light.woff2
www.usroid.com/wp-content/themes/usroid/assets/fonts/ 10 KB
11 KB 118ms
118ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/fonts/IRANSansWeb_Light.woff2
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d047c826a6d49f531b1d84f13f853d68ac4943d70886dc22032179c9df299b1

Request headers

Referer: https://www.usroid.com/wp-content/litespeed/css/b9036d7d01e04fd25c8b3f23d3b820c7.css?ver=1d28b
Origin: https://www.usroid.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10540
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "292c-60142781-9403583;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IsbNikbScomk7EWtonAp6VQofCuiT%2B2vdx%2BPdzB49CSpCZTOb5Oz5XXzdBQ%2FR4UXXrJNQNruMD7f0k4ipVF6%2F7hOC762SWd%2FY8lMVhsUAP0mLpEr6MbYGaUfF3urd32%2Fpnjj8LQGvcIju%2FXhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a0993b918674-MAD
expires: Sat, 16 Apr 2022 01:43:22 GMT

GET
H3 200 pica.js
www.usroid.com/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
9 KB 67ms
66ms Other
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf533f079921fe4aed69a75225c5b857692de9b75856d039905561373041f53

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdddRrti%2BTmKZT6WvQyi2ZXWYuXH4nEe7dJejKBs7eZfl1zEPDO9zREZyBmk61x3fAfQRbgilrFQa3KkT9cotbfm1PNwTEE59VN8qTN0MPC7f7JO6JpJ0RqPeQZ%2B3SKYXTOvGWZCc0%2FRrYV2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6f93a0998c2f8674-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lumii-photo-editor-pro-logo-217x217.png
www.usroid.com/wp-content/uploads/ 33 KB
34 KB 79ms
79ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/lumii-photo-editor-pro-logo-217x217.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4954902906753531e9ffaf59ae520f12d9ca732fcd8735f404c9a79fad7c2094

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33930
last-modified: Sat, 26 Feb 2022 15:16:51 GMT
server: cloudflare
etag: "848a-621a4463-439048e;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1BZSSVuAPzFDq0VOUNT4XgiOjsxHAj1VQdCcjSiwxeMYIyzDY3Ss4hR6UMzbAQGRcFgIARyvWnj8Y0WcbfpGlCRQStkXayGx0gUCvZWW%2B%2FR1E1c9R%2BMzjKcgb0BtDi6xGG7QthKJJsvzoKanA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09a3d6a8674-MAD
expires: Sat, 16 Apr 2022 12:44:35 GMT

GET
DATA 200
OK truncated
/ 793 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 019e73078af15ab40f31063cff265b9959d0b5949ad69361a00187b4969a0ac3

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1945-classic-arcade-android-logo-60x60.png
www.usroid.com/wp-content/uploads/ 9 KB
10 KB 79ms
78ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/1945-classic-arcade-android-logo-60x60.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a619043f70d8e5104f7eb482d177462f91dd71b1d385352c3c7cc20cb673376

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9143
last-modified: Fri, 01 Apr 2022 12:40:34 GMT
server: cloudflare
etag: "23b7-6246f2c2-4132d59;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhnQ9CR%2B8t7j1obJXutuuYRMmy%2BCzR59Qd10Y921cMUp%2Bw5KQxJyDsPp%2Bu3CCw%2BTvLWYqgTUObXE%2FvT%2FnGxXJ6rXFp1EiJ4ZDIYTG62oCyIiVoNJNyeUF%2FtVwp2vFE1ZGhqvFQkthnOfmye0zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09b0ea98674-MAD
expires: Fri, 08 Apr 2022 18:20:48 GMT

POST
H3 200 6f93a095da7869eb Show response
www.usroid.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
692 B 53ms
52ms XHR
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usroid.com/cdn-cgi/challenge-platform/h/g/cv/result/6f93a095da7869eb
Requested by: Host: www.usroid.com
URL: https://www.usroid.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?cb=6f93a095da7869eb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.usroid.com/lumii-photo-editor-pro/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f93a09c08868674-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2i7Sk8CeGmGA3Pny9ggXN90uqTvd1GtUUd7bqd2cUZ%2FTSo7TfXRj8FZ5JoXhYBRC5ioBcyeYv%2Be1CKk4OyAQyUh1FhlM95HGRwmdc1CvYfYhR5HqWjvq2kANlngaw%2BDfJwN2QJv83CkzEF76TA%3D%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 reportage-ads.webp
www.usroid.com/wp-content/themes/usroid/assets/images/ 13 KB
13 KB 78ms
78ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/themes/usroid/assets/images/reportage-ads.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71394b969720003da34a2d10112aba522780bd3856eb6907638f55393a4ca8e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12940
last-modified: Fri, 29 Jan 2021 15:19:29 GMT
server: cloudflare
etag: "328c-60142781-9837eef;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv4U75b9NV%2BOKh2MPQKIC6cp4MCIAKKfqgkqY7NVR6KT42nZ1Dx3qE3mtRxMgkTUccyorhfYX8Dgf%2F6mlnhcoPdpOdf%2BhipSDBQphsLAMabr8QikZETbOHODr9pTiaMw8EAIfQu9rzH2gsgnYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c08918674-MAD
expires: Tue, 22 Feb 2022 05:58:38 GMT

GET
H3 200 lumii-photo-editor-pro-cover.png
www.usroid.com/wp-content/uploads/ 188 KB
189 KB 106ms
106ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/lumii-photo-editor-pro-cover.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792501fa3ae05345b5bd0a85c99eeae46ac4532630bd13ce854ae1bda52e8653

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 192402
last-modified: Thu, 24 Feb 2022 16:21:04 GMT
server: cloudflare
etag: "2ef92-6217b070-401a96e;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lykCdyZJFTB7BetVj70d3WeigGsHqyaKGJn9e83fFlgKFmvIRtj7DmRZcLS9BVIMuSHQNY5xXFOFx46UK5CMEuh7VWwFsWee3OpNJm3H6Uxugfy1TiuvO50JoZeMQO5xER3BaiLRDFjwMa1Fng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c189b8674-MAD
expires: Sat, 16 Apr 2022 12:44:36 GMT

GET
H3 200 ea_coverr.jpg
www.usroid.com/wp-content/uploads/2020/05/ 14 KB
15 KB 105ms
104ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/2020/05/ea_coverr.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0692df2038c3831068fce6e18428995188ffa01de43b1e4a4f4bc260b9e294e0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14835
last-modified: Fri, 29 Jan 2021 15:19:41 GMT
server: cloudflare
etag: "39f3-6014278d-98398b1;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flnApeYy%2BpX9tRxCVLL%2F6b%2BOA0%2FK8rkgJaanvMhaSDwaVSxtVGxGBDpRGuFJrsQ06RVeeTqI9MpMml0888yL7YH08kOsSzUuSS7dMaIXfAXfxFUXqiSX0Nr0fmd4O6up61VoXelae%2Bztl4qD9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c189d8674-MAD
expires: Fri, 25 Feb 2022 23:31:31 GMT

GET
H3 200 gameloft-logo.png
www.usroid.com/wp-content/uploads/2020/05/ 69 KB
70 KB 74ms
74ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/2020/05/gameloft-logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80b6808d6ea95a4efe90695b2cc66563007a27fc301ef178f6f233fe3a79f716

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71162
last-modified: Fri, 29 Jan 2021 15:23:04 GMT
server: cloudflare
etag: "115fa-60142858-154291a;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B16xIFp%2BAw8sc3fngpK8TcW1e0F9k67ni9H4KbDAhMhRtvFoL1zYINqZ5%2B1mDHwF9YlyeVSBS6%2B75FHMLZAriVpUlcRJk%2FbUZchdLnpGibPKd0YmAIkAH9dYgYKmVL4b6TdWJ1XnmNOribnRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c189e8674-MAD
expires: Fri, 14 Jan 2022 11:25:26 GMT

GET
H3 200 Miniclip_Cover.jpg
www.usroid.com/wp-content/uploads/2020/05/ 7 KB
8 KB 138ms
138ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/2020/05/Miniclip_Cover.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05018fbd16787a97060618a3787f5f70e0f3b7de06254ad6fc69a3d5e4630861

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7274
last-modified: Fri, 29 Jan 2021 15:22:58 GMT
server: cloudflare
etag: "1c6a-60142852-54b48de;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1%2FH%2F9LnUZBftgM5NK%2BKtSb9BGpU1lZ0KrmDcOhw3cQiE8xPYNr2UuudyBUjxIgmYgMOQDZXDMxKoc12WZYGVJ%2B%2FWMw2a5qNlARZwubEjKddcqhLvT8%2FnwhhbJh6g0nWxL1S7vYO6%2Bi7lYtLBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c18a08674-MAD
expires: Fri, 14 Jan 2022 11:25:26 GMT

GET
H3 200 supercell-2.png
www.usroid.com/wp-content/uploads/2020/05/ 60 KB
61 KB 74ms
74ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usroid.com/wp-content/uploads/2020/05/supercell-2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6710e1854b01f3fce2a35810a0e6dfdb557bf96b01ae502196dd7a59117a46d8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/lumii-photo-editor-pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61418
last-modified: Fri, 29 Jan 2021 15:23:04 GMT
server: cloudflare
etag: "efea-60142858-15428be;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FhRsXmQa9t%2BA8Y0gGiMZ%2BWmnhBsmZKZEF6NRfROOMS7iVD7ud8Go4jI2pLDw8cL2VPiFhpdnQ8ZUKiBAcPU05ny6ehBPzcxJ6IdQzNOnGY2dom0zuLhyWwenZkxhG1brOUGVMxEURzYgGIF0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6f93a09c18a28674-MAD
expires: Fri, 14 Jan 2022 11:25:26 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 297 KB
107 KB 158ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8158845900781444&plah=www.usroid.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8ea0fa4c8a0c3d7a25d1245b42cbe34b6341757af514bf5ba0739896333eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109025
x-xss-protection: 0
server: cafe
etag: 7888878396810980242
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 13:35:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 6B0B 10 KB
5 KB 184ms
58ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 72418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 17:28:43 GMT
etag: 14837630671339829333
expires: Fri, 22 Apr 2022 17:28:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
346 B 201ms
69ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WCQBDK7SM6&gtm=2oe3u0&_p=1175997219&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=444682747.1649511341&_s=1&dl=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&dt=Download%20Lumii%20Photo%20Editor%20Pro%201.483.106%20-%20Lami%3A%20Powerful%20and%20high%20quality%20image%20editor!%20-%20Usroid&sid=1649511341&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCQBDK7SM6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.usroid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
337 B 177ms
55ms Ping
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WCQBDK7SM6&cid=444682747.1649511341&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCQBDK7SM6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.usroid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.es/ads/ 42 B
501 B 223ms
81ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WCQBDK7SM6&cid=444682747.1649511341&gtm=2oe3u0&aip=1&z=1184227636

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 183ms
64ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.usroid.com&callback=_gfp_s_&client=ca-pub-8158845900781444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8158845900781444&plah=www.usroid.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d7875cf672934b2bdfde6e6bde8462cf384cd436b560d0d0ea74d38d871d4ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
792 B 213ms
71ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=www.usroid.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 193ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usroid.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8CA 7 KB
821 B 218ms
148ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&adk=1812271804&adf=3025194257&lmt=1649511341&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341444&bpp=2&bdt=916&idt=295&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=91489543991&frm=20&pv=2&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702d8cb52c7a2b68dbcfb36a9fecef490e56b74f007b5fb89fc22479180c74b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 798
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:35:41 GMT
expires: Sat, 09 Apr 2022 13:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 143ms
74ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e4a944c91fb7470a45b5060639f8d0099e6d7335eb75b53b7a355567b082653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Apr 2022 13:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10676
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BECF 70 KB
28 KB 604ms
543ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=2562341087&adk=423374403&adf=4091221784&pi=t.ma~as.2562341087&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341446&bpp=2&bdt=918&idt=314&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vh2IsFxwIF&p=https%3A//www.usroid.com&dtd=319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb039e4cef30498c8c0045f155c7a9379b64fc60d200e7cc756a5594d283f9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28801
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A0C 138 KB
44 KB 493ms
493ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=7293931195&adk=2312671349&adf=285278899&pi=t.ma~as.7293931195&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341448&bpp=1&bdt=921&idt=379&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C945x280&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=piFrKxRqEr&p=https%3A//www.usroid.com&dtd=382

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a83dbd232855e39370fde63294174172427117aea3694b00fc603b0450ad16e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLS02cyMh_cCFRSfmgodQTULXA&gqi=rYtRYoCqNcOX1fAPouuIiAY&layout=/sadbundle/%24csp%253Der3%24/1678951816533527202/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45264
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLS02cyMh_cCFRSfmgodQTULXA&gqi=rYtRYoCqNcOX1fAPouuIiAY&layout=/sadbundle/%24csp%253Der3%24/1678951816533527202/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 198ms
72ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Apr 2022 13:35:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5E8 13 KB
5 KB 140ms
59ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 1230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:15:12 GMT
expires: Sun, 09 Apr 2023 13:15:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F01B 783 B
1 KB 205ms
68ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b76b1f67c05551dd3155c64819bcec1060d26f4c0f4046ec5b58d40c21b0e92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-seHOclSfUuxd+yZQrJqweg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-seHOclSfUuxd+yZQrJqweg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame F5E8 35 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 11:36:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F01B 0
0 109ms
108ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220406&jk=2951051405574310&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
122 B 135ms
68ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=www.usroid.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Apr 2022 13:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 134ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usroid.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Apr 2022 13:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35D4 97 KB
34 KB 553ms
552ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20c861ae5bf220b27cbf2d89ff174b1ecb2323f154c61d34fb70f823e06b0252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.usroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34839
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 224 KB
29 KB 66ms
66ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027aac4191cc6b3bb79a6bb539ab76bbfc49b96398554df2bded4db9c88dc4f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 159575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 29247
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 17:16:07 GMT
expires: Fri, 07 Apr 2023 17:16:07 GMT
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B5A 0
0 109ms
108ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca3afrYtRYvSpN5S-6gTB6qzgBfXstfVcjL7pp88IpJWmtYIPEAEg7MbwJmDVtdcCoAHz08vTA8gBCakCmEiUPDw_sj6oAwHIA0iqBOkBT9DW2kRktHCK1wkpaUivKD-hU5BJoGX8s0v0NrjzI5p_-CghR2oQP-yf7Gu0YPBPH1_vMkQGwYHz55DMSfHVbelWCUH9RQ1V8FPEbNEpFhEzkUnVzT1q74LEx5Caf9jgf0Xm1MOdybmtmCHGroxATT1wgT5uM93tB3-JJwsmKBecJGYE4qNAdoUcnBv0b79JMO1igt81YxazH6m2AEOfd1hvFws_Sj68lqBkqPDOpAQ5eTn8puAat5Kng9U1igq7DRxSfKz7_R6qw8ZoUnf-aGKbHXZEGfJh0AbH_raIgZcwXfov3uIcUa3ABJ76y-jgAZIFBAgEGAGSBQQIBRgEoAYugAevu-8qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ74ME0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTgxNTg4NDU5MDA3ODE0NDQYAA&sigh=k2lNKAVUXfY&uach_m=[UACH]&template_id=419

Requested by

Host: www.usroid.com
URL: https://www.usroid.com/lumii-photo-editor-pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=7293931195&adk=2312671349&adf=285278899&pi=t.ma~as.7293931195&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341448&bpp=1&bdt=921&idt=379&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C945x280&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=piFrKxRqEr&p=https%3A//www.usroid.com&dtd=382
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Apr 2022 13:35:42 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 6B5A 19 KB
8 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=7293931195&adk=2312671349&adf=285278899&pi=t.ma~as.7293931195&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341448&bpp=1&bdt=921&idt=379&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C945x280&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=piFrKxRqEr&p=https%3A//www.usroid.com&dtd=382

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:29:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6B5A 3 KB
1 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:33:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B5A 119 KB
37 KB 232ms
86ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Apr 2022 13:35:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6B5A 15 KB
6 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:31:48 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame BECF 7 KB
3 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=2562341087&adk=423374403&adf=4091221784&pi=t.ma~as.2562341087&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341446&bpp=2&bdt=918&idt=314&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vh2IsFxwIF&p=https%3A//www.usroid.com&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf8b06cb394cec854b108dfb579041edc6310768574ac949dadcdd426106d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 15:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3250
x-xss-protection: 0
server: cafe
etag: 16972246348519895747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:59:13 GMT

GET
H3 200 12347629335228540931
tpc.googlesyndication.com/simgad/ Frame BECF 52 KB
52 KB 108ms
107ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12347629335228540931?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmvIgjsomKwruCKU_XB8Ri3D-dMfQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6ba1018c570f92698d9e1141f195d831773e32a047fb3c1b0d8fd4e5a4e7080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:45:48 GMT
x-content-type-options: nosniff
age: 276594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53384
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 20:04:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 08:45:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame BECF 19 KB
8 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:29:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame BECF 3 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:33:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BECF 119 KB
36 KB 182ms
163ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Apr 2022 13:35:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame BECF 15 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:31:48 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame BECF 29 KB
12 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
server: cafe
etag: 15931380066641067587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 12:14:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F5E8 0
9 B 95ms
95ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u-W-pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CADC 143 B
163 B 62ms
61ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=7293931195&adk=2312671349&adf=285278899&pi=t.ma~as.7293931195&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341448&bpp=1&bdt=921&idt=379&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C945x280&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=piFrKxRqEr&p=https%3A//www.usroid.com&dtd=382
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 1707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:07:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A7E8 16 KB
6 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A7E8 26 KB
10 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Apr 2022 14:22:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BECF 0
0 106ms
106ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxYBgrYtRYpebN5a46wSLw7T4D6_d3vdomqCWzewPsJAfEAEg7MbwJmDVtdcCoAHvjO_EAcgBAqgDAcgDyQSqBOMBT9Agjbk-bMTSgJHNJwCXMWZzf3iLmQ4N8nx-d5gKAcyVU7hTH9k1pWQGFfjxIvbNj4KmcpYfWzfY0cJEI21J8ZZWoFLXG6vXHFzYdY8EGVPqeo2ewXtYgTWoigXA40N-HBwtG0w1eW45iT_S5rtCe82iES3V3Im9rTr2FtXEQASHKXtMydTjNS9BD1wsL0gEI7_sq6J8pWJvnGZJZMoTYhRtJfXMP1LCIUp-ovSqr2g5qyxCOR3d6H52oFo3Oas2v_m3jZkHh8FWxC7QX6AlQ4yw2rXQz17bmoGyP4LZiHOHh3rABP-6tIDnA5IFBAgEGAGSBQQIBRgEoAYCgAf58pC7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEKCfoQLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODE1ODg0NTkwMDc4MTQ0NBgA&sigh=ghEW3a71Tu8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=2562341087&adk=423374403&adf=4091221784&pi=t.ma~as.2562341087&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341446&bpp=2&bdt=918&idt=314&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vh2IsFxwIF&p=https%3A//www.usroid.com&dtd=319
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CADC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

136ms
136ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:35:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1586 143 B
163 B 62ms
61ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&slotname=2562341087&adk=423374403&adf=4091221784&pi=t.ma~as.2562341087&w=945&fwrn=4&fwrnh=100&lmt=1649511341&rafmt=1&psa=0&format=945x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511341446&bpp=2&bdt=918&idt=314&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Vh2IsFxwIF&p=https%3A//www.usroid.com&dtd=319
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 1707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:07:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame A7E8 35 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 11:36:36 GMT

GET
H3 200 Replay.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 1 KB
1 KB 62ms
62ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Replay.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa747ad80d61df994c271eb0255e8296d626eecccd02a8752fe11610aab5c53e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 357429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Tue, 05 Apr 2022 10:18:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 10:18:33 GMT

GET
H3 200 12.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 954 B
986 B 64ms
64ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/12.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999a200a878c8f0f038a8207a66b9941bc8306ae4a8b11e486be8ab8c04b47ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 275650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 954
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Wed, 06 Apr 2022 09:01:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 09:01:32 GMT

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 9 KB
9 KB 64ms
64ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33c9f2723adc2d9e76d547c1d55532ba9599dc89565a3e2058aa001ba23ebd90

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 259605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9502
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Wed, 06 Apr 2022 13:28:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 13:28:57 GMT

GET
H3 200 Blik.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 986 B
1020 B 75ms
74ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Blik.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c18ec1ce51a37ff510ec1b655d3f87abda5b10c34a9c49d211a8e41f12aab93e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 259605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 986
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Wed, 06 Apr 2022 13:28:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Apr 2023 13:28:57 GMT

GET
H3 200 Knopka.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 4 KB
4 KB 71ms
70ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Knopka.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c82a8c51aaef01c64ace2b316f63997fcbed15f3874923f0abb89d4d1674c9ea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 573400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3794
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Sat, 02 Apr 2022 22:19:02 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Apr 2023 22:19:02 GMT

GET
H3 200 Text.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 2 KB
2 KB 72ms
72ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Text.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b25c7e0e793eedb30cd40db6c0f74bba88c81fded1599169673092f55df9168

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 383738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2420
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Tue, 05 Apr 2022 03:00:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 03:00:04 GMT

GET
H3 200 Kabina.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 41 KB
41 KB 65ms
65ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Kabina.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

035caab3b7000afb91fef991ac6c7018afc0ee6809dd7c311a9bc8be7c121f7b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 142317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41877
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Thu, 07 Apr 2022 22:03:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Apr 2023 22:03:45 GMT

GET
H3 200 Oblako.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 13 KB
13 KB 71ms
70ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Oblako.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a5f05daa508c548ad7a8b8ec4fc56546b336d92c7e80984e51dcc3a3a16cbc1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 368817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12842
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Tue, 05 Apr 2022 07:08:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 07:08:45 GMT

GET
H3 200 MiG.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 6 KB
6 KB 78ms
77ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/MiG.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0499265bb6c753abd023a5b93e1d515ae9aeda717fa982d9ddd6cce2895c43

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 58611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6072
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Fri, 08 Apr 2022 21:18:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 21:18:51 GMT

GET
H3 200 Raketa.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 10 KB
11 KB 80ms
79ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Raketa.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec25903e241b87f42720e5164d06ace24dd158d6d2cc3d42dfab48573091cdf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 58611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10735
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Fri, 08 Apr 2022 21:18:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 21:18:51 GMT

GET
H3 200 Oblako2_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/ Frame A7E8 29 KB
29 KB 72ms
72ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1678951816533527202/Oblako2_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6091a0ea15d0f7318040a6daeeb3230130888478bde7e581c83b18e8d56197e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 58611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29587
x-xss-protection: 0
last-modified: Tue, 18 Dec 2018 15:11:33 GMT
server: sffe
date: Fri, 08 Apr 2022 21:18:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 21:18:51 GMT

GET
DATA 200
OK truncated
/ Frame 6B5A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c96ed229c59bb51f0b807c1038ae0b16376c88339b8d513c64acf96ba8732900

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1586
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

103ms
103ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:35:42 GMT
expires: Sat, 09 Apr 2022 13:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Apr 2022 13:35:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BECF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5a275940dd038016a38d1c3827047a48bc769711e293df64ff41e0257faa38

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 35D4 8 KB
1 KB 213ms
70ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Apr 2022 13:01:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Apr 2022 13:35:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Apr 2022 13:35:43 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 35D4 2 KB
914 B 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:32:52 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 35D4 19 KB
8 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:29:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 35D4 3 KB
1 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:33:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35D4 119 KB
36 KB 133ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Apr 2022 13:35:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 35D4 15 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:31:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 35D4 0
0 69ms
69ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA4MKaQ5D0DzPSiYyqIuJ29c0Df53Zwzuk-SUPhW5yguLXXna8i94dwnO5tSiva4QyLgKuuS9AyDtJVpJB6aSG1l11bA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 35D4 29 KB
12 KB 187ms
58ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 08:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Jul 2022 08:30:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 35D4 0
0 104ms
104ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMddarotRYqLiG5Gh6wTuj5aIB7WxyJ9pz8KUsb8PkJecqusvEAEg7MbwJmDVtdcCoAHD4IfbA8gBCagDAcgDywSqBOUBT9Bnit2SXy1w7GqhCFv7Lg-ES7vyEN6irso0p7OBsV3m66wCJxwBl3wfZRbqfdkf37l6pb_QBJTTxIg2LugUU1oBLyYXbtmgCsgomFGIso5zqv35ZlTBaa57Tl8eRaH25ygTzGBhkzqENR7zmXLsnCV51vZ9QZBNkI0zrxt2TXlTWtGGPmzq7D4d9ZmasAbNDtApkULTrcNWQ-4wBjI-ICUQgzAHQu9hsRrZAYRxdiHLjZDZvNmTB5E-uFNRjipVd_jHim8Sy8W2Bkal7jwyQ5Kmj8QCQFqKb1UgnMslLicVISCuTsAEzKbKjfsDkgUECAQYAZIFBAgFGASgBi6AB6Wf-CSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDL6QPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQB0BUBgBcBshccChoIABIUcHViLTgxNTg4NDU5MDA3ODE0NDQYAA&sigh=N_YW0tgWN9M&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 09 Apr 2022 13:35:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12533527185929356845/ Frame 35D4 22 KB
22 KB 64ms
63ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12533527185929356845/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e358466265cac117c15d6b362ecf0d67427969669ed8ea0ef1c8e5373df6f1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 10:06:05 GMT
x-content-type-options: nosniff
age: 358177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22488
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 08:29:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Apr 2023 10:06:05 GMT

GET
DATA 200
OK truncated
/ Frame 35D4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 35D4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D42 35 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 11:36:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C2A 1 KB
749 B 61ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 27719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220406&jk=2951051405574310&bg=!XV6lXhrNAAZAkm7qYJI7ACkAdvg8WlWJTgjXRMp2fDsOIQ5YefcQEC8ZIOcCuhCcHaCQLwAS-GhNKQIAAACKUgAAAANoAQeZAqZz2RryOhrkstqTQ-_17wyKC1QszzMAqfka-Adz6nAKNnA_nyIV4ng9RnDgkd0vr12n2-mCwyGM-ayacA7qqTNT6wc0g0erzBvE7uRCkU5fKRK9vzOMWPeu3Htose4AwViMF5JpI7QK9btPhFIBFmhoO2aLeMqnhOObIxCgmUSUy3Xo0FWKTXpL1KQmqIC9eQI-YBbm-FLpmHzlTztxS95YK9zrr4E8EudFaiQa_soVv4vNXYiBEWVUj4Semiqaz_raCAX_Urpg_CUXVedPxw_RH4DaSDoEwwa1fDdVkxnkb-NEoY1594NxUfG-Y9tHR4qJs7YB4U98LNBKgphc9RnxQNISyDkoXO3hERce8nAdi8k_pQhwvE8CFUc_ffv9nDBh4JamF1M7xt2dhjtpYd6Qzz6if4XlP-_IwiHsoqP580dH5ZvVZHBhQH-bXrw0HYcMcybmlD50W9IIDZBRimEMHDayc2LJ-hIg3bnDqWVpdibu3FRk8OJuDAioh9TLYAAiNSMuuKn-3psPwWzQVuC6umpT9v5lXXhlyRO0VCBHEkzBzoMRl_sRcS2mgfbck1HYW8BLkZYy8J3tRQ7h9sPcp6r-91YRooEj6Wb4IYCclqOSRiN1vt3TxwusJ9c-MlHlS84mVUDRNDpeivttDCRpT8qvLb6KKCYDYwd8cI6FbYNIi4gsbmP4yYViVSuYPDDfyVaeKFnmZ0DEWAWq6feYMONw0GUtx5GOPF1rkXTMPimlFE-WclAHKRmzEa5gqf9G2N9QGZXdTSdWGbdIa8kdi3fLMYVpvzfMSUQ65W5V1pnwe0scjSPUG8AYEOtkx501XMM1nfO7sDKvEFgl2-g6SsAkO6za1qNk_mbwDFNzSLSCR2yXAH1Q1yu66wqtDHJRmk0DRfA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.usroid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9C2A 35 B
465 B 191ms
64ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDhvDvYdqqd8mVoTjC47oEs&google_cver=1&google_push=AYg5qPIV4iEaQsuXTSiNQbyV-3T5Bjr2YJXyXizfG8m2GC9gZMwAkGD9dlUy2so7bftlbhSfJiL8Wjz0KcmTptjepor7k86t0gc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C2A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxHTHJ3QUFBWVlOd0ZuWQ&google_push=AYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ66T5USYT9Mzoc6nVp0bRQkNscZSMlrQPRfv2NxJtfws3U0Y9ZtLs4U3o

170 B
188 B

133ms
68ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxHTHJ3QUFBWVlOd0ZuWQ&google_push=AYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ66T5USYT9Mzoc6nVp0bRQkNscZSMlrQPRfv2NxJtfws3U0Y9ZtLs4U3o

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxHTHJ3QUFBWVlOd0ZuWQ&google_push=AYg5qPK9m7UtKUkxLfvfHzT8XSzQUbSuj4empQpS8sJ66T5USYT9Mzoc6nVp0bRQkNscZSMlrQPRfv2NxJtfws3U0Y9ZtLs4U3o
Date: Sat, 09 Apr 2022 13:35:43 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C2A
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI7LrTQ...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI7LrTQ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDkxMzM1NDMwMDAyNTg0MTE5NDUyMA%3D%3D&google_push=AYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03Osh...

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDkxMzM1NDMwMDAyNTg0MTE5NDUyMA%3D%3D&google_push=AYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03OshJbZehFyghTA0-SBW41gaDDMK8vlw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MDkxMzM1NDMwMDAyNTg0MTE5NDUyMA%3D%3D&google_push=AYg5qPI7LrTQ6DxAqGzLNYrE2DpGV1Bdapw3C8BEza5hrnYEfTAuLh5sDcyuBU5qW03OshJbZehFyghTA0-SBW41gaDDMK8vlw
pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 09 Apr 2022 13:35:43 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9C2A 43 B
351 B 123ms
52ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHO1x_2ypr-6eg0PmHlnasE&google_cver=1&google_push=AYg5qPLWLcSnBoD6mexiaEacN5wfeQjcEfPwNRqCYoexVJodEMo70P9VvJaskLz1G3HyB-Ta8J8xAhPRmsiMsqJRPeCAw7araWs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8158845900781444&output=html&h=280&adk=567825307&adf=373489942&pi=t.aa~a.4101934791~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649511342&rafmt=1&to=qs&pwprc=6447248490&psa=0&format=1200x280&url=https%3A%2F%2Fwww.usroid.com%2Flumii-photo-editor-pro%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649511342017&bpp=1&bdt=1489&idt=1&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb8fcbc50b9ccfae-22b4cda773cd004a%3AT%3D1649511341%3ART%3D1649511341%3AS%3DALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA&prev_fmts=0x0%2C945x280%2C945x280&nras=2&correlator=91489543991&frm=20&pv=1&ga_vid=444682747.1649511341&ga_sid=1649511342&ga_hid=1175997219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760333&oid=2&pvsid=2951051405574310&pem=224&tmod=231343942&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dEggMjr5kQ&p=https%3A//www.usroid.com&dtd=358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bu87k1vj1e1tnhcs1krdacgrebvhr9b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C2A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6xDQEJoQamn2Pex1ec2RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6xDQEJoQamn2Pex1ec2RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPRnB_jqGM-0s922D2WycXruBlxIxpeq_5i6sgGLEz9OWpHiYmN47AfGgVWY7IGyjkHBaGvqGbyh_Wu5k_ML8bBHSBjjY

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c6xDQEJoQamn2Pex1ec2RA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPRnB_jqGM-0s922D2WycXruBlxIxpeq_5i6sgGLEz9OWpHiYmN47AfGgVWY7IGyjkHBaGvqGbyh_Wu5k_ML8bBHSBjjY
date: Sat, 09 Apr 2022 13:35:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C2A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELI3KAGD2JSV5kNHPgXe4Yk&google_cver=1&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSV0dROE8tMVItQzBTSQ==&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnCH5p0it0zusm8nDSLQAVY3t84

170 B
188 B

134ms
68ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSV0dROE8tMVItQzBTSQ==&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnCH5p0it0zusm8nDSLQAVY3t84

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSV0dROE8tMVItQzBTSQ==&google_push=AYg5qPKqrHKfWcZIWkhyJ0BhNmFlqC6pvbxsMbwkydMe_iku3cdbaKzT2ZxVxQMXYGd_Mt6LfnCH5p0it0zusm8nDSLQAVY3t84
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9C2A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C2A 0
223 B 196ms
64ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKF4zmP-jOpuSVNZ8-_TMSDhJAU2RqEbmpfOpVNPO0_sQHDuNDFjrF36OmX-DPXLorTuQk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:35:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 35D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20dff0b4849196053bbdd7fd0a69d36a06f64ee26b832ffb1c5d1e516f3b2c0d

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 35D4 28 KB
28 KB 191ms
61ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 312486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:47:37 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 40CE 35 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 11:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 11:36:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BECF 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssieKKj31l4DvMNYxzUAEhPAnYuRwDwAYJ-QPSLJbP3NUQH-hADqd1Rs_w2cD0pG-G_hPvdVU35FL-YYKiFnrgQuA8aPqbOg2hvxIr3jyOe0Z08tuq3Dw&sai=AMfl-YRQV2iBuUJSyvH_1_y0hNFId9Wy8SIINLtu46LXVOVF30UOmfYOsJ9Kl2sCJSPuyyMHij6auv2f3BS8&sig=Cg0ArKJSzJ-1GQbr5s3GEAE&id=lidar2&mcvt=1001&p=0,0,244,945&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=423374403&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649511341765&rpt=995&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 13:35:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.usroid.com/	1970-01-20 02:11:53	Name: __cf_bm Value: a4ePcn8MbaQoXjqxB5YmQuc6xfASCjWWYLL27m.JLv8-1649511341-0-AQs3Tw+n/bvoA/UWzeIgYIArcQ5mwMcjI4Otti32tkuiK49n67Ynt7CGWSX/Cd+xT7GVLg4PHPj7WqimNtEi4oxSTZecVcn45BGOpW2XDdBPgTRh/VIcyiQlC+Ut4lX5+g==
.usroid.com/	1970-01-20 19:43:03	Name: _ga_WCQBDK7SM6 Value: GS1.1.1649511341.1.0.1649511341.60
.usroid.com/	1970-01-20 19:43:03	Name: _ga Value: GA1.1.444682747.1649511341
.usroid.com/	1970-01-20 11:33:27	Name: __gads Value: ID=fb8fcbc50b9ccfae-22b4cda773cd004a:T=1649511341:RT=1649511341:S=ALNI_MbtmqE50JZ-DKX7R7Z7Wsmfn91oLA
.doubleclick.net/	1970-01-20 02:11:54	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:33:27	Name: IDE Value: AHWqTUmgMRm-7u1iiptKbZ-wPchNMallqN1ms2jpC_Q_qvZz0FW45yO93rgMz_V5vd0
.quantserve.com/	1970-01-20 04:21:27	Name: d Value: EFMBCQHuJYEA
.quantserve.com/	1970-01-20 11:42:05	Name: mc Value: 62518baf-445de-53d31-366c6
.casalemedia.com/	1970-01-20 10:57:27	Name: CMID Value: YlGLr.ShbIjZLTVWS51YZAAA
.casalemedia.com/	1970-01-20 04:21:27	Name: CMPS Value: 1871
.pubmatic.com/	1970-01-20 02:13:17	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 04:21:27	Name: CMPRO Value: 297
.casalemedia.com/	1970-01-20 02:13:17	Name: CMST Value: YlGLr2JRi68A
.pubmatic.com/	1970-01-20 04:21:27	Name: KADUSERCOOKIE Value: 73AC4340-4268-41A9-A7D8-F7B1D5E73644
.e.dlx.addthis.com/	1970-01-20 11:42:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:42:05	Name: na_id Value: 2022040913354300025841194520
.addthis.com/	1970-01-20 11:42:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:42:05	Name: uid Value: 62518baf7520e661
.addthis.com/	1970-01-20 11:42:05	Name: ouid Value: 62518baf0001d7b6035bf6039484456bd77a63babf5ea844cb9d
.dlx.addthis.com/	1970-01-20 02:55:03	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 02:55:03	Name: na_sr Value: 20220409
.dlx.addthis.com/	1970-01-20 02:11:51	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 02:55:03	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlGLr-ShbIjZLTVWS51YZAAAASkAAAAB&google_gid=CAESEOljEhgDZX1srFUYDtCF-BA&google_cver=1&google_push=AYg5qPKMkhaZJg7bF_6bJeYqL4W5_QBJ5M1n0MCWMHPtCru4lkKH83m4CNFJg6KlbHAyXFH37ZLTS92UQAU487PqqVkqZUSh6A Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.es
analytics.google.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.es
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.usroid.com
cm.g.doubleclick.net
104.92.72.137
142.250.184.194
142.250.186.34
198.47.127.19
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c08::9b
2a06:98c1:3121::7
34.246.234.200
35.227.252.103
69.173.144.138
0008e978a1a96c401f956a7deca37c53e954cbf8d6099eb2a87170400555a969
019e73078af15ab40f31063cff265b9959d0b5949ad69361a00187b4969a0ac3
027aac4191cc6b3bb79a6bb539ab76bbfc49b96398554df2bded4db9c88dc4f3
035caab3b7000afb91fef991ac6c7018afc0ee6809dd7c311a9bc8be7c121f7b
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
05018fbd16787a97060618a3787f5f70e0f3b7de06254ad6fc69a3d5e4630861
0692df2038c3831068fce6e18428995188ffa01de43b1e4a4f4bc260b9e294e0
0a619043f70d8e5104f7eb482d177462f91dd71b1d385352c3c7cc20cb673376
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf8b06cb394cec854b108dfb579041edc6310768574ac949dadcdd426106d59
0ec25903e241b87f42720e5164d06ace24dd158d6d2cc3d42dfab48573091cdf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d5a275940dd038016a38d1c3827047a48bc769711e293df64ff41e0257faa38
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
20c861ae5bf220b27cbf2d89ff174b1ecb2323f154c61d34fb70f823e06b0252
20dff0b4849196053bbdd7fd0a69d36a06f64ee26b832ffb1c5d1e516f3b2c0d
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b1d0ac02ef77abb63148311e49ec4dc9c2ebeed533cdecbe41ec85f3ded423
2c61f4fe6230fbe1f43af1d0a6306fe5dd13c98a5384488a31fb8df8568c6c03
33c9f2723adc2d9e76d547c1d55532ba9599dc89565a3e2058aa001ba23ebd90
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
386771342672bcb17e0a52184351f2e78f801cfef76248d822e23daa2c0edb81
38accf7dd9b447f652876ff1170880cbd57bbdcd146b80ac501463dafe6d9475
3b76b1f67c05551dd3155c64819bcec1060d26f4c0f4046ec5b58d40c21b0e92
3e4a944c91fb7470a45b5060639f8d0099e6d7335eb75b53b7a355567b082653
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
483e07c55f81ac1c29089729404d74de89ba6d75366b91e8104b4f06fda6e445
4954902906753531e9ffaf59ae520f12d9ca732fcd8735f404c9a79fad7c2094
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b25c7e0e793eedb30cd40db6c0f74bba88c81fded1599169673092f55df9168
4cbe9d0ece388f214601aea9bd6e1b10e78f5e102e40d14155a7a03888cc267c
4dcea5a0291b6d0ab42bd40f6c1cd9fc98bb818b3458db3ecdfdd6c6c808e4f9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a83dbd232855e39370fde63294174172427117aea3694b00fc603b0450ad16e
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f8ea0fa4c8a0c3d7a25d1245b42cbe34b6341757af514bf5ba0739896333eee
6091a0ea15d0f7318040a6daeeb3230130888478bde7e581c83b18e8d56197e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c5c1d649b057d6397249d0a27069b22d7e69ca8285cec06e2fd070a51a75d8
6710e1854b01f3fce2a35810a0e6dfdb557bf96b01ae502196dd7a59117a46d8
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6a5f05daa508c548ad7a8b8ec4fc56546b336d92c7e80984e51dcc3a3a16cbc1
702d8cb52c7a2b68dbcfb36a9fecef490e56b74f007b5fb89fc22479180c74b6
7182d0259cbf2cd1a77734f5b67fac45ffcb71a7b43758ec1b2ea95333c2141e
792501fa3ae05345b5bd0a85c99eeae46ac4532630bd13ce854ae1bda52e8653
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7d047c826a6d49f531b1d84f13f853d68ac4943d70886dc22032179c9df299b1
80b6808d6ea95a4efe90695b2cc66563007a27fc301ef178f6f233fe3a79f716
88a5250b75a3520611b523b8134f54299581cd7463dc91a29669cfc3a0bac99d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
90593ec664623228a19ce2887dba3b7015aff9e7d7a30c74c4c4758b77500403
91e68fbba31b87e50cbaa5f4a2934eff38ef4f289b90d92e3e01defc8d3268fc
997a3e6b3dcb92b9e1e35e7f59dc35714aed9e088a698e8b86882061b7ac47c6
999a200a878c8f0f038a8207a66b9941bc8306ae4a8b11e486be8ab8c04b47ae
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be31175cc3752d1531100e01d847d5fba82a229aa379c8a7e5dcf615a4b0aad
9ea38db29d1e19a38a60f73afbf69642b96a4bcca26e10a5bc3c30b2debdcbdf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a373e76e5f2c7c77467d71630725814ba8f1eb749fc9e18bb091123fbdeaf38d
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71394b969720003da34a2d10112aba522780bd3856eb6907638f55393a4ca8e
aae323aae1b82ab324f2f2093cb59bef2b7c70399101ed51ee66adcf1b7e2aec
b3860fa217e9dff48ae598c12c2e49d3cdefe27b840fc1e4f74b9caa47c6c3e1
bb9c1989bd0be7c2198b056757984f923d94ce576b2d834421b0b812b00128f6
bdf533f079921fe4aed69a75225c5b857692de9b75856d039905561373041f53
be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501
c18ec1ce51a37ff510ec1b655d3f87abda5b10c34a9c49d211a8e41f12aab93e
c82a8c51aaef01c64ace2b316f63997fcbed15f3874923f0abb89d4d1674c9ea
c96ed229c59bb51f0b807c1038ae0b16376c88339b8d513c64acf96ba8732900
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7875cf672934b2bdfde6e6bde8462cf384cd436b560d0d0ea74d38d871d4ae6
dae8daacac240c9dfcacd892df83c5d2ede0f6f4736845c332d87d87a46cfcd3
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e358466265cac117c15d6b362ecf0d67427969669ed8ea0ef1c8e5373df6f1ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137
e6ba1018c570f92698d9e1141f195d831773e32a047fb3c1b0d8fd4e5a4e7080
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
eb039e4cef30498c8c0045f155c7a9379b64fc60d200e7cc756a5594d283f9e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75fb8bcf8a548a389bfa5a8d5a3d1b496383bdccc210645bb92e46a06a9ece8
fa747ad80d61df994c271eb0255e8296d626eecccd02a8752fe11610aab5c53e
fb0499265bb6c753abd023a5b93e1d515ae9aeda717fa982d9ddd6cce2895c43

www.usroid.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

95 %HTTPS

70 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

1594 kBTransfer

3709 kBSize

23 Cookies

9 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.usroid.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

95 %
HTTPS

70 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

1594 kB
Transfer

3709 kB
Size

23
Cookies

110 HTTP transactions
14 data transactions