gl.modsforandroid.com Open in urlscan Pro
192.53.122.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire#google_vignette
Effective URL:
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Submission Tags: @phish_report
Submission: On December 24 via api (December 24th 2023, 8:23:25 am UTC) from FI — Scanned from CA

Summary HTTP 282 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 70 IPs in 7 countries across 63 domains to perform 282 HTTP transactions. The main IP is 192.53.122.254, located in Toronto, Canada and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is gl.modsforandroid.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time gl.modsforandroid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	192.53.122.254 192.53.122.254	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	142.251.40.170 142.251.40.170	15169 (GOOGLE) (GOOGLE)
4	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
10	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
1	104.18.31.49 104.18.31.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	96.7.64.34 96.7.64.34	16625 (AKAMAI-AS) (AKAMAI-AS)
16	172.217.13.110 172.217.13.110	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
1 4	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
9	18.67.65.75 18.67.65.75	16509 (AMAZON-02) (AMAZON-02)
3	13.249.42.27 13.249.42.27	16509 (AMAZON-02) (AMAZON-02)
3 7	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
1	13.225.214.112 13.225.214.112	16509 (AMAZON-02) (AMAZON-02)
2	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
2	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	99.84.222.71 99.84.222.71	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.67.68.162 172.67.68.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
1	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.173.132.67 18.173.132.67	16509 (AMAZON-02) (AMAZON-02)
1	3.162.114.30 3.162.114.30	16509 (AMAZON-02) (AMAZON-02)
1	54.209.94.68 54.209.94.68	14618 (AMAZON-AES) (AMAZON-AES)
1 3	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	23.7.29.146 23.7.29.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.22.52.173 104.22.52.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
3	172.67.23.234 172.67.23.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	159.127.42.82 159.127.42.82	25751 (VALUECLICK) (VALUECLICK)
3	104.22.5.69 104.22.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.64.65 142.250.64.65	15169 (GOOGLE) (GOOGLE)
5 10	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 17	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 9	104.22.4.69 104.22.4.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 8	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1	172.240.155.68 172.240.155.68	7979 (SERVERS-COM) (SERVERS-COM)
1 1	50.116.194.23 50.116.194.23	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	34.225.221.211 34.225.221.211	14618 (AMAZON-AES) (AMAZON-AES)
1 3	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
26	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
2	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
3	142.251.40.163 142.251.40.163	15169 (GOOGLE) (GOOGLE)
17	142.251.40.161 142.251.40.161	15169 (GOOGLE) (GOOGLE)
2	35.174.197.10 35.174.197.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.214.195.83 35.214.195.83	15169 (GOOGLE) (GOOGLE)
7 7	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
2 2	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
5	44.193.166.53 44.193.166.53	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.73.63.104 52.73.63.104	14618 (AMAZON-AES) (AMAZON-AES)
1	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	23.105.14.100 23.105.14.100	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	67.72.99.169 67.72.99.169	25751 (VALUECLICK) (VALUECLICK)
5	34.207.52.118 34.207.52.118	14618 (AMAZON-AES) (AMAZON-AES)
1	23.51.57.13 23.51.57.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.22.194.15 23.22.194.15	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
22	99.84.208.9 99.84.208.9	16509 (AMAZON-02) (AMAZON-02)
3	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
4	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
19	172.217.13.198 172.217.13.198	15169 (GOOGLE) (GOOGLE)
3 3	52.21.193.17 52.21.193.17	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.251.86.49 63.251.86.49	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	174.137.133.32 174.137.133.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
2	172.217.13.102 172.217.13.102	15169 (GOOGLE) (GOOGLE)
2 2	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	100.25.207.80 100.25.207.80	14618 (AMAZON-AES) (AMAZON-AES)
1	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	18.165.83.107 18.165.83.107	16509 (AMAZON-02) (AMAZON-02)
2	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	52.7.142.193 52.7.142.193	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1	172.217.13.196 172.217.13.196	() ()
282	70

14 192.53.122.254 (Toronto, Canada)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 192-53-122-254.ip.linodeusercontent.com

gl.modsforandroid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.170 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.49 (None, )

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.7.64.34 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-7-64-34.deploy.static.akamaitechnologies.com

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.250.250.119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.67.65.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-75.iad89.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.95.33.120 (Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-112.ewr50.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.222.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-222-71.iad79.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-67.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.114.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-114-30.iad61.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.94.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-94-68.compute-1.amazonaws.com

c.ltmsphrcl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.7.29.146 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-29-146.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.127.42.82 (United States)

ASN25751 (VALUECLICK, US)
PTR: iad12-convex-float1.dotomi.com

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.65 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f1.1e100.net

844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.71.139.29 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.22.4.69 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.160.26 (Jersey City, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.165.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.68 (United States)

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.194.23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.221.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-221-211.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.115.113 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.40.161 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.197.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-197-10.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.195.83 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 83.195.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.194.240.13 (United States) 7 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.194.21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.193.166.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-166-53.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.63.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-63-104.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.63 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.14.100 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.100.rdns.racklot.com

ssbsync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.72.99.169 (Ashburn, United States) 2 redirects

ASN25751 (VALUECLICK, US)
PTR: iad05-nessy-float1.dotomi.com

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.207.52.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-52-118.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.194.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-194-15.compute-1.amazonaws.com

sync-amz.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 99.84.208.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-9.iad79.r.cloudfront.net

setupad-hai-tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.21.193.17 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-193-17.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.32 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.84 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.207.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-207-80.compute-1.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.83.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-107.iad55.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.7.142.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-142-193.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.196 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	324 KB
31	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2257 setupad-hai-tagan.adlightning.com — Cisco Umbrella Rank: 551451	249 KB
22	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	91 KB
21	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	320 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	459 KB
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com	134 KB
15	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869 p.ad.gt — Cisco Umbrella Rank: 2256 ids.ad.gt — Cisco Umbrella Rank: 1540 pixels.ad.gt — Cisco Umbrella Rank: 2064	21 KB
14	modsforandroid.com gl.modsforandroid.com	87 KB
13	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 718 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	104 KB
10	3lift.com 5 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	5 KB
9	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425 cdn.id5-sync.com — Cisco Umbrella Rank: 893	73 KB
8	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
7	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 859 image6.pubmatic.com — Cisco Umbrella Rank: 793 ads.pubmatic.com — Cisco Umbrella Rank: 544 simage4.pubmatic.com — Cisco Umbrella Rank: 1304	7 KB
6	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 582 sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5099	4 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	256 KB
5	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	2 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 546	3 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	106 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 u.openx.net — Cisco Umbrella Rank: 672	1 KB
4	yahoo.com 3 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	10 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424 bidder.criteo.com — Cisco Umbrella Rank: 776 dis.criteo.com — Cisco Umbrella Rank: 550	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	71 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	23 KB
3	disqus.com 3 redirects ssp.disqus.com — Cisco Umbrella Rank: 1557	1 KB
3	turn.com 3 redirects d.turn.com — Cisco Umbrella Rank: 1349 ad.turn.com — Cisco Umbrella Rank: 773	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
3	dotomi.com 2 redirects proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2813 amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4718	1 KB
3	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	2 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	35 KB
2	setupad.com node.setupad.com — Cisco Umbrella Rank: 47970	481 B
2	adkernel.com 2 redirects sync.adkernel.com — Cisco Umbrella Rank: 1750	2 KB
2	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 835	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	935 B
2	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237	2 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	561 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41482	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979	24 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	44 KB
2	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1352 ssc-cms.33across.com — Cisco Umbrella Rank: 904	5 KB
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 501	868 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	748 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	632 B
1	smartadserver.com 1 redirects ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175	263 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	361 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	619 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	198 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 870	236 B
1	gumgum.com 1 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1472	275 B
1	colossusssp.com sync.colossusssp.com — Cisco Umbrella Rank: 1503	202 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1211	106 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	ltmsphrcl.net c.ltmsphrcl.net — Cisco Umbrella Rank: 4734	436 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 4182	70 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	76 KB
1	mzstatic.com is2-ssl.mzstatic.com — Cisco Umbrella Rank: 6944	10 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 40156	99 KB
282	63

	Domain	Requested by
26	pagead2.googlesyndication.com	tagan.adlightning.com 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com gl.modsforandroid.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
22	setupad-hai-tagan.adlightning.com	tagan.adlightning.com 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
19	s0.2mdn.net	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com tagan.adlightning.com s0.2mdn.net gl.modsforandroid.com
17	tpc.googlesyndication.com	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com tagan.adlightning.com s0.2mdn.net
17	s.amazon-adsystem.com	1 redirects tagan.adlightning.com s.amazon-adsystem.com u.openx.net match.sharethrough.com ads.pubmatic.com sync-amz.ads.yieldmo.com
16	fundingchoicesmessages.google.com	gl.modsforandroid.com securepubads.g.doubleclick.net tagan.adlightning.com
14	gl.modsforandroid.com	gl.modsforandroid.com
10	eb2.3lift.com	5 redirects stpd.cloud eb2.3lift.com
9	dt.adsafeprotected.com	gl.modsforandroid.com
9	ids.ad.gt	1 redirects gl.modsforandroid.com
9	tagan.adlightning.com	stpd.cloud tagan.adlightning.com 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
8	cm.g.doubleclick.net	5 redirects eb2.3lift.com sync-amz.ads.yieldmo.com
7	id5-sync.com	3 redirects stpd.cloud cdn.id5-sync.com
6	www.googletagservices.com	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com tagan.adlightning.com
5	match.sharethrough.com	s.amazon-adsystem.com match.sharethrough.com
5	ads.yieldmo.com	s.amazon-adsystem.com sync-amz.ads.yieldmo.com
5	sync.1rx.io	5 redirects
5	ib.adnxs.com	4 redirects eb2.3lift.com
5	match.adsrvr.org	5 redirects
4	googleads4.g.doubleclick.net	tagan.adlightning.com
4	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
4	secure.cdn.fastclick.net	tagan.adlightning.com secure.cdn.fastclick.net
4	securepubads.g.doubleclick.net	gl.modsforandroid.com securepubads.g.doubleclick.net
4	cdn.jsdelivr.net	gl.modsforandroid.com stpd.cloud securepubads.g.doubleclick.net
3	www.google-analytics.com	p.ad.gt www.google-analytics.com
3	ssp.disqus.com	3 redirects
3	googleads.g.doubleclick.net	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com tagan.adlightning.com
3	www.gstatic.com	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
3	image6.pubmatic.com	1 redirects gl.modsforandroid.com ads.pubmatic.com
3	pixel.tapad.com	3 redirects
3	secure.adnxs.com	2 redirects 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
3	mc.yandex.com	1 redirects gl.modsforandroid.com
3	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
2	node.setupad.com	stpd.cloud
2	static.adsafeprotected.com	tagan.adlightning.com
2	simage4.pubmatic.com	2 redirects
2	ad.doubleclick.net	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com tagan.adlightning.com
2	sync.adkernel.com	2 redirects
2	ce.lijit.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	amazon-tam-match.dotomi.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	b1sync.zemanta.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ad.turn.com	2 redirects
2	pixel.adsafeprotected.com	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com gl.modsforandroid.com
2	fonts.googleapis.com	844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
2	a.ad.gt	tagan.adlightning.com p.ad.gt
2	lb.eu-1-id5-sync.com	stpd.cloud cdn.id5-sync.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	prebid-stag.setupad.net	stpd.cloud
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net tagan.adlightning.com
2	static.criteo.net	securepubads.g.doubleclick.net stpd.cloud
2	cdn.id5-sync.com	securepubads.g.doubleclick.net tagan.adlightning.com
2	gum.criteo.com	stpd.cloud
1	www.google.com	tagan.adlightning.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	bh.contextweb.com	1 redirects
1	dis.criteo.com	eb2.3lift.com
1	x.bidswitch.net	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	pixels.ad.gt	tagan.adlightning.com
1	ssc-cms.33across.com	1 redirects
1	sync-amz.ads.yieldmo.com	s.amazon-adsystem.com
1	ads.pubmatic.com	s.amazon-adsystem.com
1	ssbsync-us.smartadserver.com	1 redirects
1	trace.mediago.io	1 redirects
1	um.simpli.fi	1 redirects
1	onetag-sys.com	s.amazon-adsystem.com
1	csync.loopme.me	1 redirects
1	rtb.gumgum.com	1 redirects
1	d.turn.com	1 redirects
1	sync.colossusssp.com	gl.modsforandroid.com
1	token.rubiconproject.com	gl.modsforandroid.com
1	image2.pubmatic.com	gl.modsforandroid.com
1	p.ad.gt	a.ad.gt
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	cm.adform.net	gl.modsforandroid.com
1	cdn.hadronid.net	gl.modsforandroid.com
1	google-bidout-d.openx.net	tagan.adlightning.com
1	c.ltmsphrcl.net	tags.crwdcntrl.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	oajs.openx.net	oa.openxcdn.net
1	bidder.criteo.com	stpd.cloud
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	mc.yandex.ru	gl.modsforandroid.com
1	fonts.gstatic.com	gl.modsforandroid.com
1	cdnjs.cloudflare.com	gl.modsforandroid.com
1	is2-ssl.mzstatic.com	gl.modsforandroid.com
1	stpd.cloud	gl.modsforandroid.com
1	ajax.googleapis.com	gl.modsforandroid.com
282	98

This site contains links to these domains. Also see Links.

Domain
baixarapk.gratis
d.apkpure.com
play.google.com
en.aptoide.com
m.apkpure.com
en.baixarapk.gratis
apps.apple.com

Subject Issuer	Validity	Valid
gl.modsforandroid.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
stpd.cloud E1	`2023-12-16` - `2024-03-15`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2023-11-30` - `2024-05-28`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.ltmsphrcl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-05`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2023-09-08` - `2024-10-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
node.setupad.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Frame ID: C7C0BA94CEED2CDE98E9F0F4D535D999
Requests: 109 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8D4600FACA41D7381F194A589623FEB9
Requests: 1 HTTP requests in this frame

Frame: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26A6087B7FF887EF647429A8EDB3E50F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 863EE3EA41175F2023AF2D95E50DCEBC
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Frame ID: 430FD8A462D011B5E79C981D16953D44
Requests: 1 HTTP requests in this frame

Frame: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 360280975331B68F0349699CCAF38BE8
Requests: 7 HTTP requests in this frame

Frame: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59D0363CCCFDDF18F85933C08CAD77EC
Requests: 39 HTTP requests in this frame

Frame: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F25E2D61491594073610AB8269EA4B4
Requests: 38 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: FD72AE6EB225B49BA951B6C329383E08
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: C3AFAB56BF078C8EC3C5690D34BB9B96
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7668977979458787111&gdpr=0&gdpr_consent=
Frame ID: 19E3517757719245C27D4C28177068B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFmHr2igpcrgNFVdt0AAAAAAA&expiration=1703492596&is_secure=true&gdpr=0
Frame ID: A0B574CF17E7DC3B77B5DA648BFD63EB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: AC531A7E16EB957A103DFD8380ACEB1E
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: B8A7B82EF275A00E1C9920DC496C44B8
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 13BDBAD603AE3122EEB3485224381EF2
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS16dGh3RGtCRTJ1SklkQzl0Ui4zd3FSeWdueE81SGpOeX5B&gdpr=0
Frame ID: 63A7716EC53158A34F643FFDA8E8B713
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=509659560713293521694
Frame ID: 2F95C86EBE68F17D361F897D0F4F66D3
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: C085C2CFD80272E773B5D98E27EEA59D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ1vLNlQIYo4K4_gEwAQ&v=APEucNXQdmb4H9EkKMbTMfEciUR7Fl1H-AUTMUtdUrkSDmxTmaOEwfhsZjbob-G0zfTZd5FbRIkScyugAzMyadlhesAnXYm6voq8KPBaL-fxgiH9ntSd7w8
Frame ID: BDAA30ED30869479EE90DE37ACD3AF44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCQt9PyAhj8047_ATAB&v=APEucNXZy_80Am3h52HJFwjlFHy9Mr_pINoOSbgB8VfzhSaUIl0fjVt6kottMXxnz_t47n7zETIkF_Oyb6piQIaEhTusZB3qiFtCmc7bWWfVvsghJT2rtfg
Frame ID: 5BF8C9DDC95B5CB79CEF033CFB7FD057
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C83E9778609CF13CA0CE59661DA884D9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 900ED7D474C6C912940D1AFD4A63CBDD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID
Frame ID: 94FF032C89A334D081334F3B7F8CCA1F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID
Frame ID: C8C4DB7B3BA0F158272BDACACB6C74DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9ACAB16B255956A2E644B218B4811F1A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C492BE7123844E395ED949E0B4B8B234
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
Frame ID: 695A474778F2355F1B4EA1108489F268
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A998DB81A3305A2B22D4031B6AB60270
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 67CDAD13976C5F8C166CD726D1BF0802
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB9B4C5A3CF69B2EC2CE5DB2DFFB307A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B35CE976D38E5B3C331556A6F8379946
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Temu APK - 2023

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/material(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

282
Requests

90 %
HTTPS

0 %
IPv6

63
Domains

98
Subdomains

70
IPs

7
Countries

2738 kB
Transfer

7213 kB
Size

75
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://baixarapk.gratis/en
Title: Android APKs

Search URL Search Domain Scan URL

URL: https://d.apkpure.com/b/APK/com.einnovation.temu?version=latest
Title: Download - Apk Mirror 1:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.einnovation.temu
Title: Playstore Download →

Search URL Search Domain Scan URL

URL: https://en.aptoide.com/search?query=Temu
Title: Download 1 →

Search URL Search Domain Scan URL

URL: https://m.apkpure.com/search?q=Temu
Title: Download 2 →

Search URL Search Domain Scan URL

URL: https://en.baixarapk.gratis/discover/FileManager
Title: here

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/temu-team-up-price-down/id1641486558?uo=4&at=1641486558
Title: Free On iTunes

Search URL Search Domain Scan URL

URL: https://baixarapk.gratis/en/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://baixarapk.gratis/en/dmca
Title: DMCA Policy/Reports

Search URL Search Domain Scan URL

URL: https://baixarapk.gratis/contact
Title: Contact Us | Contact

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://mc.yandex.com/watch/47987153?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1046229939895%3Ahid%3A364689690%3Az%3A-480%3Ai%3A20231224002314%3Aet%3A1703406194%3Ac%3A1%3Arn%3A1061313578%3Arqn%3A1%3Au%3A170340619485699545%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C75%2C1%2C0%2C0%2C%2C206%2C8%2C%2C%2C%2C331%3Aco%3A0%3Acpf%3A1%3Ans%3A1703406193023%3Afp%3A338%3Arqnl%3A1%3Ast%3A1703406194%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1046229939895%3Ahid%3A364689690%3Az%3A-480%3Ai%3A20231224002314%3Aet%3A1703406194%3Ac%3A1%3Arn%3A1061313578%3Arqn%3A1%3Au%3A170340619485699545%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C75%2C1%2C0%2C0%2C%2C206%2C8%2C%2C%2C%2C331%3Aco%3A0%3Acpf%3A1%3Ans%3A1703406193023%3Afp%3A338%3Arqnl%3A1%3Ast%3A1703406194%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1

Request Chain 73

https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 74

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t

Request Chain 77

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703406194-RU95A13H-V349%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=6432297309198139664&gdpr=0

Request Chain 78

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406194-RU95A13H-V349&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406194-RU95A13H-V349&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=57e2c866-01e7-466a-a292-f980c7705ed0&id=AU1D-0100-001703406194-RU95A13H-V349

Request Chain 81

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703406194-RU95A13H-V349&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406194-RU95A13H-V349%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703406194-RU95A13H-V349&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406194-RU95A13H-V349%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001703406194-RU95A13H-V349%252526tapad_id%25253D907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e2c866-01e7-466a-a292-f980c7705ed0&ttd_puid=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001703406194-RU95A13H-V349%2526tapad_id%253D907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406194-RU95A13H-V349&tapad_id=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703406194-RU95A13H-V349 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001703406194-RU95A13H-V349&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406194-RU95A13H-V349&google_error=3

Request Chain 83

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703406194-RU95A13H-V349 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjE5NC1SVTk1QTEzSC1WMzQ5 HTTP 302
https://ids.ad.gt/api/v1/g_match?google_error=3

Request Chain 85

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001703406194-RU95A13H-V349 HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=8467002343506201181&id=AU1D-0100-001703406194-RU95A13H-V349

Request Chain 94

https://id5-sync.com/i/481/8.gif?id5id=ID5*XPlxip2gCuzQ_6BhCzSmbzhc66hjmYdtVonU9WSPyX53VPDut47V50cFUhWiFedEd1VvhQEZ789t6cfnrr3wow&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/481/441/7/2.gif?puid=u_46995cd5-ea6c-4af6-8556-f9739c0e1bdb&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/481/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/481/2/6/3.gif?puid=6432297309198139664&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1

Request Chain 128

https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c66f1316-0d10-4c7d-8936-d62d7059e34b&gdpr=0

Request Chain 129

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703406203291 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=4109564044 HTTP 302
https://sync.1rx.io/usersync/turn/8467002343506201181?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005

Request Chain 130

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AAFSb07LD9UAABPhkkaYJA&ex=beeswax.com

Request Chain 132

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=A373BB42926B4E869A93DBACE5242722&ex=simpli.fi&status=ok

Request Chain 133

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d99826ce6fa6beeb2eqbz900lqj82mdd

Request Chain 134

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4qgN9Ixi2dJLOHPX3fA2&gdpr=0

Request Chain 135

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Request Chain 136

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7668977979458787111&gdpr=0&gdpr_consent=

Request Chain 137

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4ada402079a1377&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFmHr2igpcrgNFVdt0AAAAAAA&expiration=1703492596&is_secure=true&gdpr=0

Request Chain 141

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS16dGh3RGtCRTJ1SklkQzl0Ui4zd3FSeWdueE81SGpOeX5B&gdpr=0

Request Chain 142

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=509659560713293521694

Request Chain 160

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e2c866-01e7-466a-a292-f980c7705ed0&gdpr=0&gdpr_consent=

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZjEzZTc4NDUtNDVmNC00MWYyLWEwY2YtMmVmZjljMGY0MzUz HTTP 302
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&google_error=3

Request Chain 162

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-f63bd2be-98b5-3378-bebd-a9a11790648a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZjYzYmQyYmUtOThiNS0zMzc4LWJlYmQtYTlhMTE3OTA2NDhhMgIMGzgB HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-f63bd2be-98b5-3378-bebd-a9a11790648a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZjYzYmQyYmUtOThiNS0zMzc4LWJlYmQtYTlhMTE3OTA2NDhhMgIMGzgB&dnr=1 HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=H36XhRZHCb3neTs-SEKsg0yQ&r=Cid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZjYzYmQyYmUtOThiNS0zMzc4LWJlYmQtYTlhMTE3OTA2NDhhMgIMGzgB HTTP 302
https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZjYzYmQyYmUtOThiNS0zMzc4LWJlYmQtYTlhMTE3OTA2NDhhMgIMGzgC HTTP 302
https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID HTTP 302
https://sync.adkernel.com/user-sync?zone=176971&dsp=649145&t=image&uid=6432297309198139664 HTTP 302
https://ssp.disqus.com/match?bidder=27&buyeruid=A6654750835951896422&r=Cid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtZjYzYmQyYmUtOThiNS0zMzc4LWJlYmQtYTlhMTE3OTA2NDhhMgIMGzgC HTTP 302
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-f63bd2be-98b5-3378-bebd-a9a11790648a

Request Chain 163

https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212393408402963

Request Chain 179

https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&u=3E1E51B6-C567-4F44-94B8-5AE6DFB7B953&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

Request Chain 180

https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&u=3E1E51B6-C567-4F44-94B8-5AE6DFB7B953&rs=3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

Request Chain 193

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=57e2c866-01e7-466a-a292-f980c7705ed0&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 194

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0 HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=&google_error=3

Request Chain 196

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0

Request Chain 198

https://pr-bh.ybp.yahoo.com/sync/triplelift/509659560713293521694?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-v_5jRIpE2oRiMc6DpDB6Lxsn_5f1LD4udI5NZjoImA--~A&dongle=0883

Request Chain 201

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=6432297309198139664&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 271

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=KXgLyZGnkoLU&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 272

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
https://ads.yieldmo.com/v000/sync?userid=6432297309198139664&pn_id=an

Request Chain 273

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LQJ82KZ1-16-IVWX

Request Chain 274

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7476439661 HTTP 302
https://sync.1rx.io/usersync/turn/8467002343506201181?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005

282 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request temu-shop-like-a-billionaire Show response
gl.modsforandroid.com/en/app/1641486558/ 60 KB
15 KB 123ms
75ms Document
text/html 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

163a01d592f788e009866259e66b17dd17060169d1c3e0cb2571fc3c206fda6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Dec 2023 08:23:13 GMT
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK jquery.fancybox.css
gl.modsforandroid.com/public/fancybox/source/ 5 KB
2 KB 19ms
16ms Stylesheet
text/css 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/fancybox/source/jquery.fancybox.css?v=2.1.5

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-131f"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK font-awesome-app.min.css
gl.modsforandroid.com/public/material/css/ 5 KB
2 KB 37ms
17ms Stylesheet
text/css 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/css/font-awesome-app.min.css

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

3d13a779e1e3252005d139450747164e94e7b4814f7b63cb9694c6bc0d38b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-15b5"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK style.css
gl.modsforandroid.com/public/material/css/ 228 KB
34 KB 71ms
38ms Stylesheet
text/css 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/css/style.css

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

bcf4acc65924082a4cc2548efbbdd4ae705017a3882a6b00ec0b91dd0f74550b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-38e14"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 98ms
30ms Script
text/javascript 142.251.40.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Dec 2023 23:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:12:39 GMT

GET
H2 200 interscroller.js Show response
cdn.jsdelivr.net/npm/addon-interscroller@1.0.5/dist/ 4 KB
2 KB 62ms
18ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/addon-interscroller@1.0.5/dist/interscroller.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6aa8e9f89442ed5ac58d1dda0f543105216ce2b668c3acf728036c0028eeec77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:23:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1634096
x-jsd-version: 1.0.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1544
x-served-by: cache-fra-eddf8230137-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
etag: W/"fe8-LUEJRLHSSuoxybGiadUKfZRWZBs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 60ms
17ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:23:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 24521009
x-jsd-version: 0.6.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2213
x-served-by: cache-fra-eddf8230030-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 135ms
62ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

23da74b8c1ef1f22202d925e49eb84b973beb08f69ee0e52ad62b58f38968412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29415
x-xss-protection: 0
server: cafe
etag: 888 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:13 GMT

GET
H2 200 3293 Show response
stpd.cloud/saas/ 356 KB
99 KB 242ms
190ms Script
text/javascript 104.18.31.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/3293
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9efdc3dbfe4e09fca881a0ce261aaba4b99c4cc0e444cb06598862d4c45e8634

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: s-maxage=300
cf-ray: 83a770e4781a36d5-YYZ
stpdhash: true

GET
H2 200 200x200bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple112/v4/61/fc/e1/61fce1d9-1b5f-c150-27e0-504bdd42234b/AppIcon-1x_U007emarketing-0-7-0-0-P3-85-220.png/ 9 KB
10 KB 190ms
66ms Image
image/jpeg 96.7.64.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple112/v4/61/fc/e1/61fce1d9-1b5f-c150-27e0-504bdd42234b/AppIcon-1x_U007emarketing-0-7-0-0-P3-85-220.png/200x200bb.jpg

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.7.64.34 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-7-64-34.deploy.static.akamaitechnologies.com

Software

4.0.0 /

Resource Hash

dd3997b4575c043588f5080499bb622e9f0d395bf9ea885bc2c9eda8a6fd60df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-apple-jingle-correlation-key: 2DYZOMJF3MFIXSSJH6W75LYUQE
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 24 Dec 2023 08:23:13 GMT
x-b3-traceid: 6db01e9344808f08
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE188:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338003:mr47p00it-qujn05120301:7987:23RELEASE188:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid: 0b41824d-db6b-4eeb-a098-8623c2d326d9-1159283702
x-cache: TCP_MISS from a23-219-82-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-b3-parentspanid: c816114cdf19ef1c
b3: d0f1973125db0a8bca493fadfeaf1481-7881a125492440ad
content-length: 8891
apple-tk: false
server: 4.0.0
apple-seq: 0.0
last-modified: Tue, 07 Nov 2023 23:25:54 GMT
x-cache-remote: TCP_MISS from a23-33-43-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
etag: "MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5OTM5OTU1NDYyNSxpc0J1aWxkVmVyc2lvbk5vdFNldCxiYmE3ZjVkMSxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: d0f19731-25db-0a8b-ca49-3fadfeaf1481
x-b3-spanid: 7881a125492440ad
cache-control: no-transform, max-age=16295942
timing-allow-origin: *

GET
H/1.1 200
OK loading.svg
gl.modsforandroid.com/public/images/ 696 B
1 KB 17ms
16ms Image
image/svg+xml 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gl.modsforandroid.com/public/images/loading.svg

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: "63a44f4d-2b8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 696
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK bigstar-rating.js Show response
gl.modsforandroid.com/public/js/ 550 B
1015 B 55ms
23ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/js/bigstar-rating.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-226"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK star-rating.js Show response
gl.modsforandroid.com/public/js/ 602 B
1 KB 54ms
21ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/js/star-rating.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-25a"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK jquery.mousewheel-3.0.6.pack.js Show response
gl.modsforandroid.com/public/fancybox/lib/ 1 KB
1 KB 16ms
16ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/fancybox/lib/jquery.mousewheel-3.0.6.pack.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-568"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
gl.modsforandroid.com/public/fancybox/source/ 23 KB
9 KB 19ms
19ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/fancybox/source/jquery.fancybox.pack.js?v=2.1.5

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-5a5f"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK imglazyload.js Show response
gl.modsforandroid.com/public/js/ 2 KB
2 KB 16ms
16ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/js/imglazyload.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-867"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
gl.modsforandroid.com/public/material/js/ 36 KB
10 KB 20ms
20ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/js/bootstrap.min.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-9004"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK ripples.min.js Show response
gl.modsforandroid.com/public/material/js/ 3 KB
2 KB 16ms
16ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/js/ripples.min.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-af9"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK material.min.js Show response
gl.modsforandroid.com/public/material/js/ 5 KB
2 KB 16ms
16ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/js/material.min.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-152e"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H/1.1 200
OK jquery.dropdown.js Show response
gl.modsforandroid.com/public/material/js/ 12 KB
4 KB 17ms
17ms Script
application/javascript 192.53.122.254
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://gl.modsforandroid.com/public/material/js/jquery.dropdown.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

192-53-122-254.ip.linodeusercontent.com

Software

nginx/1.14.2 /

Resource Hash

86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 22 Dec 2022 12:36:29 GMT
Server: nginx/1.14.2
ETag: W/"63a44f4d-3056"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires: Wed, 18 Dec 2024 08:23:13 GMT

GET
H2 200 AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY= Show response
fundingchoicesmessages.google.com/f/ 182 KB
61 KB 155ms
73ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

4c863775e3dbf67cea836e76d1c16228d04974c8283464378f8fd44c3c42837a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-y-67LAtXwhUs6i3eUqAFqg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-y-67LAtXwhUs6i3eUqAFqg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 61ms
24ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/public/material/css/font-awesome-app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gl.modsforandroid.com/
Origin: https://gl.modsforandroid.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 299600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqKFbrR566R2JUXPs7WW46sYrDyyP%2BGImLToIXMpCserhY51uUtzqoUXHBBmwX%2F4iDHLGZs78ArbSx3h6pJcebHHHuLxkKhcu6heWonKy92I1ywrTCT3F0IWrYlmLmXHl01wUJFW"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a770e47a0336d1-YYZ
expires: Fri, 13 Dec 2024 08:23:13 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v41/ 54 KB
54 KB 91ms
25ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v41/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Origin: https://gl.modsforandroid.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 00:59:05 GMT
x-content-type-options: nosniff
age: 113048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55208
x-xss-protection: 0
last-modified: Thu, 16 Aug 2018 20:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 00:59:05 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 614ms
299ms Script
application/javascript 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 22 Dec 2023 12:05:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65857ba6-1165f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71263
expires: Sun, 24 Dec 2023 09:23:13 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 24ms
23ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 00:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28831
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Dec 2024 00:22:42 GMT

POST
H3 204 AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 108ms
56ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-rbnNUUKqQFfY_sCU0hAJyA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-security-policy: script-src 'nonce-rbnNUUKqQFfY_sCU0hAJyA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXk1xIPEYf0duj7saWuo_cuMe8AEk1wsFaq4MagFGXhnG1zjLzPrekPqlV9t11v6yABYpgXrUPR90bSEnaR7gEwhpId9iSSoA_JofNUDcYJzgwQgdKLXNQy9_9Nd8dyGI8IQAoO1Q== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 85ms
84ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXk1xIPEYf0duj7saWuo_cuMe8AEk1wsFaq4MagFGXhnG1zjLzPrekPqlV9t11v6yABYpgXrUPR90bSEnaR7gEwhpId9iSSoA_JofNUDcYJzgwQgdKLXNQy9_9Nd8dyGI8IQAoO1Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDA2MTkzLDUwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vZW4vYXBwLzE2NDE0ODY1NTgvdGVtdS1zaG9wLWxpa2UtYS1iaWxsaW9uYWlyZSIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzcsIjEwIl0sWzExLCJbXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

3799542bfe780adbe3d41d9c5db89e931b85f14cc35481ae40c977a74a1decb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-k9J6C2Fwrcx-N3rB80wxCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-security-policy: script-src 'nonce-k9J6C2Fwrcx-N3rB80wxCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 147246189 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 73ms
73ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/147246189?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

5939355f15f12972c80386ef2e6a33e5268a47141b247afcccb021a358213223

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-Z-My5dZru_xr8cY22-xRCQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-Z-My5dZru_xr8cY22-xRCQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 102ms
33ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgl.modsforandroid.com%2F&domain=gl.modsforandroid.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://gl.modsforandroid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Dec 2023 08:23:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 399447
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 op.js Show response
tagan.adlightning.com/setupad-hai/ 16 KB
7 KB 136ms
41ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/op.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d410e5dc6339c71a1fd62d809d2fbfaafc535ebb3b55ac8ca1756da37ba3dc6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: swv8IgoTarZk4psOkGEmJsNtGOiT8Fp2
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 07:26:12 GMT
x-amz-cf-pop: IAD89-P1
age: 3422
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6964
x-amz-meta-git_commit: 935e2f1
last-modified: Fri, 22 Dec 2023 01:00:17 GMT
server: AmazonS3
etag: "f1cd70226a6e5922c337cb70350c03d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1ImuAXWfjgNulgoB5cXZW-zHrHIFp6pr71JAuIB5DsV7FzIRCwk24g==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 135ms
40ms Script
application/javascript 13.249.42.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-42-27.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:54:12 GMT
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:12 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAD89-C1
age: 1742
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: b6mKbPhIxxgghE9DfgzIfr70mTlcYoLnyrS5JC1WZ1QFa0MSC0nDSA==

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
422 B 399ms
129ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 351 B
665 B 99ms
33ms XHR
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgl.modsforandroid.com%2F&domain=gl.modsforandroid.com&cw=1&lsw=1&gdpr=0

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d74a6bf78085699f17035742de4240aac4df4eac51ad0331acab312c75f0731d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1080106
expires: 0

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 36ms
16ms XHR
application/json 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231224

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae954834a4e2f6dd5080f93adca8e7dd8f62acdbffd5b1fc7ea0b968a4e06a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:23:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15741
x-jsd-version: 1.0.1913
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 880
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
etag: W/"639-ANFbmPI8R9BgZsRavSZNOzJ7JwA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 132ms
34ms Script
application/javascript 13.225.214.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-112.ewr50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:47:59 GMT
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: EWR50-C1
age: 2115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: hZC8T68RATMi13KPK3k3BECk0RM35mZkqwMnWS2bCmCzT7TUqh1DSg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
594 B 19ms
17ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:23:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 42964
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4542-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 69ms
28ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 3G0P49R3Z6TPRCP8
age: 3036
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83a770e69ed93870-YYZ
x-amz-id-2: tj+sBKUUYOu4hEOgV8YSp+Yvn7PaV49V4oL1vcN5u+tonZIwm+u8OVJwgcR8UC9dPLfGFvXL7Ys=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 58ms
18ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 22:46:47 GMT
content-encoding: gzip
age: 898586
x-guploader-uploadid: ABPtcPrZNycsIc_V62CFdCp-vemwrcvjuYKrzjTPSBVGPf3mGpyDdCB7zZqyhv0QRzKdP3YLpsNkztL8YIfFlhnjCIiuww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 12 Dec 2024 22:46:47 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 79ms
26ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 303472
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83a770e6ba99a21a-YYZ
expires: Wed, 27 Dec 2023 08:23:13 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 115ms
48ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:23:13 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 103ms
36ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 13:43:41 GMT
content-encoding: gzip
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 67173
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7g47m_r2bes-f-ZOKrZniEoq93BEXrqaXeMC9O3ghXI8mJJzuaA_Xw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 140ms
34ms Script
text/javascript 99.84.222.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.222.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-222-71.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 23 Dec 2023 11:01:15 GMT
Via: 1.1 a929b4bfaa0111e3feb7c4dbffdbd8d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Age: 76919
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: -VlEeDqs4nbVWjvasDraQcfeLsTLz9I4DhPIU_lq4HpicmGANWWMig==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 180ms
118ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: dd2c5e69c142eea4c3dc67d26288ed6c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 579 B
796 B 172ms
130ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184e7803648009592cfe4e896371ed60808e61a58c880066a90ea34d73c9fbd2

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZG1WU%2Fn6Q90%2Bz8RN%2BF8V5Ub%2BK5euCG%2FdrMnE707ge6tDBDIIYQmY7IvCzK6fJGmob9t1gYzMJahfNTqtH5aSQGdXVwLko1Hoq4dOwqEFYyvf4JaIaosd9rb4HF7%2BXuhF3BAnhfd0l3R"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83a770e6de4da20b-YYZ
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 255 B
507 B 314ms
276ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec4f0861f5ac951d9aa505024ef143ab6bbe84228799a60b11a01cfcb84ba6b

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm6gw4IMmmhTazH66Fl5Ik0PP21ZnQkE5%2BG%2FTjrlLbIaWVPbo5VjXe4C9yFOkhGVvUndBLtHH8jlaJ8wiGNm5qVInrg3%2Bv%2FXtIisJEf7UdNivI3Xc2NJEFGTSRZPqkhAcxhqPpcJMGwe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83a770e6de4ea20b-YYZ
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 119ms
52ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=47462220943&lsavail=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 esp Show response
oajs.openx.net/ 2 B
235 B 101ms
42ms Fetch
application/json 34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 266ms
130ms XHR
text/plain 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 b-935e2f1-d3df8881.js Show response
tagan.adlightning.com/setupad-hai/ 70 KB
27 KB 56ms
56ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 Nov 2023 12:19:01 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop: IAD89-P1
age: 3441853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27316
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:26:13 GMT
server: AmazonS3
etag: "64ca92e55d25ac355c394baedd21198b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: D10JvQBMCuME1OUMhP112mrqM8XcMKtVLHZs4kiozVG_X0FrYmrK4Q==

GET
H2 200 bl-81a0f85-01318e1b.js Show response
tagan.adlightning.com/setupad-hai/ 73 KB
31 KB 40ms
40ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/bl-81a0f85-01318e1b.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3a070218efd29308b8d7e077b99ad925c84c51f6e90de59587e9caab0ebbaf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 01:19:16 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: QXpmnwnxOORyoqVFM8HKtFHQ3z0WKpRs
x-amz-cf-pop: IAD89-P1
age: 198238
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31606
x-amz-meta-git_commit: 81a0f85
last-modified: Fri, 22 Dec 2023 00:59:47 GMT
server: AmazonS3
etag: "f4bd9f615129e69d121d5b5bad7220c0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0gKrclk0W2b-whG8Is0lvkHBgIhv_HRgDMBA2R7KjtMMJ3z638F7yg==

GET
H2 200 d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac Show response
config.aps.amazon-adsystem.com/configs/ 564 B
830 B 99ms
32ms Script
application/javascript 18.173.132.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-67.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: cff4fa7f2b6a29e998e9de4ec883bcd768025a8283c4fbd3ffc0c26d94f5d918

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:24:00 GMT
via: 1.1 29117767a034875a8b49afd641f25d82.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 3553
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: mllCSUoGgpb3a5l5VL5BOd1ZQ0M5fPxDnsiob_axdOz-TPs7Sux8ig==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 43ms
43ms XHR
application/json 13.249.42.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgl.modsforandroid.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-42-27.iad89.r.cloudfront.net
Software: Server /
Resource Hash: 5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:25:59 GMT
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD89-C1
age: 3434
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3623
x-amz-cf-id: UwPm0vG4oBH_o_H-g0R4PNCU3h1-nTTnVq3xqgCR9rDkD5bCxWUL_w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 216 B
661 B 401ms
291ms XHR
text/javascript 3.162.114.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&pid=1FWni5hK7jQln&cb=0&ws=1600x1200&v=23.1211.1645&t=400&slots=%5B%7B%22sd%22%3A%22modsforandroid_com_300x250_double_banner_responsive_2_left%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_300x250_double_banner_desktop_2_left%22%7D%2C%7B%22sd%22%3A%22modsforandroid_com_300x250_double_banner_desktop_2_right%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_300x250_double_banner_desktop_2_right%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp_sid=%5B-1%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.114.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-114-30.iad61.r.cloudfront.net

Software

Server /

Resource Hash

5aaec1a613cf2bbe21ceed5996b16ef37a600a65680e34d0a3de13c09456513d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 9cd85e528eb96b937681f7f81aea46c8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: IAD61-P2
x-amz-rid: K9C0GFPTJ2A64TJ1JDAT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 216
x-amz-cf-id: QGLPtqPGQGpfOFAmrTspeX0xzihEQ7pxVRhDEdo8EkNlp7Jib7pSqA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 106ms
36ms XHR
application/javascript 13.249.42.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-42-27.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 04:44:54 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7a99ed3f39c18af8fe138a695e5f657c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
age: 13100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 7u9Wp8CJ4_uhXZG5Zrlw42Z1-wfIH6iWNbINosp2UuvqrHVi9o5k6Q==

POST
H2 200 map Show response
c.ltmsphrcl.net/6/ 156 B
436 B 145ms
49ms XHR
application/json 54.209.94.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ltmsphrcl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.94.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-94-68.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7095c4147827beded9ff50c6928bfacd8e6b262322eab46d8d13987af35e5112

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:13 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache
x-server: 10.40.48.141
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8D46 199 B
298 B 128ms
50ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sun, 24 Dec 2023 08:23:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 160ms
40ms Script
application/javascript 23.7.29.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-29-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 24 Dec 2023 08:38:14 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 38ms
36ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:08 GMT
content-encoding: gzip
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 59766
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: AQ7CyuL4X9NRPmw0reXSRSLBrIemfR6glLwuWJ2DAfNy4nxRpl36bQ==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 84ms
30ms Script
application/javascript 104.22.52.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&ref=&_it=amazon&partner_id=533
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 1693
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83a770e81ab83773-YYZ
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 29ms
27ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: N1HK3GGZWMHR5J9N
age: 2653
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83a770e7bfcd3870-YYZ
x-amz-id-2: jJwy7QTDYfF8BtXzFAVu7AWySGN3oZOsCITAIQ9eTSkvbFcK6PkTlgdfTLg6x93ioBKIedSSsEA=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 181ms
64ms Script
application/javascript 23.7.29.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-29-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sun, 24 Dec 2023 08:38:14 GMT

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 349ms
109ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 111 B
296 B 41ms
39ms XHR
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=gl.modsforandroid.com&url=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7f56f6f978648ac97c96dcf389650b078aee40f4fa49b295981755e12755c8

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 83a770e92f5236d2-YYZ

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 91ms
38ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=gl.modsforandroid.com&url=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://gl.modsforandroid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83a770e8ef1c36d2-YYZ
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:23:14 GMT
debug: OPTIONS block
expires: Mon, 23 Dec 2024 08:23:14 GMT
server: cloudflare

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
281 B 370ms
118ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

d29324573edadd02bb4eb6b4428575213ba89039c3ba4080fbdf503af38f86ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 48ms
48ms Script
application/javascript 23.7.29.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-29-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sun, 24 Dec 2023 08:38:14 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 40ms
39ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:23:14 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
498 B 160ms
158ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 22 Dec 2023 12:05:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65857ba6-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 24 Dec 2023 09:23:14 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/47987153/
Redirect Chain

https://mc.yandex.com/watch/47987153?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&brows...
https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&bro...

427 B
510 B

168ms
168ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1046229939895%3Ahid%3A364689690%3Az%3A-480%3Ai%3A20231224002314%3Aet%3A1703406194%3Ac%3A1%3Arn%3A1061313578%3Arqn%3A1%3Au%3A170340619485699545%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C75%2C1%2C0%2C0%2C%2C206%2C8%2C%2C%2C%2C331%3Aco%3A0%3Acpf%3A1%3Ans%3A1703406193023%3Afp%3A338%3Arqnl%3A1%3Ast%3A1703406194%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8e9258fdd3028f469079e865cc926b243bd2633bfc8b9eff2728164ed1472eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 24-Dec-2023 08:23:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 24-Dec-2023 08:23:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 24-Dec-2023 08:23:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1046229939895%3Ahid%3A364689690%3Az%3A-480%3Ai%3A20231224002314%3Aet%3A1703406194%3Ac%3A1%3Arn%3A1061313578%3Arqn%3A1%3Au%3A170340619485699545%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C75%2C1%2C0%2C0%2C%2C206%2C8%2C%2C%2C%2C331%3Aco%3A0%3Acpf%3A1%3Ans%3A1703406193023%3Afp%3A338%3Arqnl%3A1%3Ast%3A1703406194%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 24-Dec-2023 08:23:14 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
467 B 114ms
32ms XHR
application/json 159.127.42.82
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.127.42.82 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS: iad12-convex-float1.dotomi.com
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sun, 24 Dec 2023 08:53:14 GMT

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 87ms
26ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5aaab5298c62c90761ae5474ff51bd5323059a28c96d851319939ae36565ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Dec 2023 08:20:26 GMT
server: cloudflare
age: 168
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 83a770e9da0e5491-YYZ

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 284 KB
87 KB 1093ms
1093ms XHR
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4354566310787634&correlator=3228391872723474&eid=44809527%2C95320408%2C31079783&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=147246189%3A22384346533%2Cmodsforandroid.com_interstitial%2Cmodsforandroid.com_300x250_double_banner_desktop_2_left%2Cmodsforandroid.com_300x250_double_banner_desktop_2_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C300x250%7C250x250%2C300x250%7C250x250&ifi=1&sfv=1-0-40&ists=4&fas=8%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703406194215&lmt=1703406194&adxs=-9%2C486%2C799&adys=-9%2C569%2C569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&vis=1&psz=0x-1%7C300x0%7C310x0&msz=0x-1%7C300x0%7C300x0&fws=2%2C4%2C4&ohw=0%2C1085%2C1085&ga_vid=292338600.1703406194&ga_sid=1703406194&ga_hid=261366135&ga_fc=false&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjBmq_XyTFIABIbCgwzM2Fjcm9zcy5jb20Y7Jev18kxSABSAghkEhkKCnB1YmNpZC5vcmcYnpiv18kxSABSAghqEhgKCXlhaG9vLmNvbRiema_XyTFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y7Jev18kxSABSAghkEhcKCHJ0YmhvdXNlGMKar9fJMUgAUgIIahIUCgVvcGVueBimma_XyTFIAFICCG8SGQoKdWlkYXBpLmNvbRjsl6_XyTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPWar9fJMUgAUgIIag..&dlt=1703406193151&idt=368&prev_scp=%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=3249769096%2C175473422%2C1891432341&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

06bf8b7855777e98bd3f111a02cfcc279ee8363e6e0ede5c58644f2fc008caf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88583
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gl.modsforandroid.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26A6 6 KB
3 KB 129ms
48ms Document
text/html 142.250.64.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:14 GMT
expires: Mon, 23 Dec 2024 08:23:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 39 KB
14 KB 25ms
25ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 00:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28690
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 9174524701941205614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Dec 2024 00:25:04 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 863E
Redirect Chain

https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%...
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%...

1 KB
2 KB

38ms
38ms

Document
text/html

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 1da1efdfc8a01d6095d232ba4b26d53097eabf63db001e99073b4143c82b3a6e

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1339
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:23:17 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 08:23:17 GMT
location: /sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 430F
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t

386 B
1 KB

61ms
61ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c95854c0186798febbe2964481c8237ba90e782784c5039ad3af9fc128cd788b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 386
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 24 Dec 2023 08:23:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 1PHSKQS7VGYVJYTSWYZM

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Dec 2023 08:23:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: NEVV6T6G1TJ7VHEWPZR0

GET
H2 200 533 Show response
p.ad.gt/api/v1/p/ 47 KB
15 KB 3137ms
42ms Script
application/javascript 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/533
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e201fd91d89ceca74cf4e91ae2ace4ad3a87e4c0983ef88c1e0800ffc10bea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Dec 2023 08:19:44 GMT
server: cloudflare
age: 213
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83a770fd8b63a21d-YYZ

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
170 B 531ms
88ms Image
image/gif 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001703406194-RU95A13H-V349&halo_id=060daec9giah6f7gaacebljll96edi8dh98kemi6ques0o2qeeimg0w0060mku4ks
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770ecd86da247-YYZ
content-length: 43
content-type: image/gif

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703406194-RU95A13H-V349%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=6432297309198139664&gdpr=0

43 B
118 B

94ms
94ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=6432297309198139664&gdpr=0
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770f42da0a247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:15 GMT
an-x-request-uuid: e34e70d1-ef29-47bb-8acb-74459f55919f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703406194-RU95A13H-V349&adnxs_id=6432297309198139664&gdpr=0
x-proxy-origin: 86.48.14.132; 86.48.14.132; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406194-RU95A13H-V349&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703406194-RU95A13H-V349&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=57e2c866-01e7-466a-a292-f980c7705ed0&id=AU1D-0100-001703406194-RU95A13H-V349

43 B
95 B

134ms
97ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=57e2c866-01e7-466a-a292-f980c7705ed0&id=AU1D-0100-001703406194-RU95A13H-V349
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770ecd871a247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=57e2c866-01e7-466a-a292-f980c7705ed0&id=AU1D-0100-001703406194-RU95A13H-V349
date: Sun, 24 Dec 2023 08:23:14 GMT
server: Kestrel
content-length: 259

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 1374ms
34ms Image
text/html 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703406194-RU95A13H-V349
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
696 B 7296ms
36ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001703406194-RU95A13H-V349&gdpr=0
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703406194-RU95A13H-V349&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703406194...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703406194-RU95A13H-V349&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e2c866-01e7-466a-a292-f980c7705ed0&ttd_puid=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406194-RU95A13H-V349&tapad_id=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf

43 B
118 B

89ms
88ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406194-RU95A13H-V349&tapad_id=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:21 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a771186b90a247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 24 Dec 2023 08:23:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703406194-RU95A13H-V349&tapad_id=907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703406194-RU95A13H-V349
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001703406194-RU95A13H-V349&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406194-RU95A13H-V349&google_error=3

43 B
95 B

127ms
96ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406194-RU95A13H-V349&google_error=3
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770ecd86fa247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703406194-RU95A13H-V349&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703406194-RU95A13H-V349
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNjE5NC1SVTk1QTEzSC1WMzQ5
https://ids.ad.gt/api/v1/g_match?google_error=3

43 B
95 B

92ms
92ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?google_error=3
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770edb949a247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/ 0
202 B 122ms
40ms Image
text/plain 172.240.155.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001703406194-RU95A13H-V349&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001703406194-RU95A13H-V349

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.240.155.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001703406194-RU95A13H-V349
https://ids.ad.gt/api/v1/amo_match?turn_id=8467002343506201181&id=AU1D-0100-001703406194-RU95A13H-V349

43 B
95 B

92ms
91ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=8467002343506201181&id=AU1D-0100-001703406194-RU95A13H-V349
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770ee39a0a247-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=8467002343506201181&id=AU1D-0100-001703406194-RU95A13H-V349
pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
184 B 91ms
91ms Image
text/html 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001703406194-RU95A13H-V349
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770ed38dba247-YYZ
content-type: text/html; charset=utf-8

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 41ms
40ms Script
application/javascript 23.7.29.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-29-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sun, 24 Dec 2023 08:38:14 GMT

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 344ms
116ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

655e6620c1d3612aa3a0c483a1d66ae53e49bd7e96b0a1fd6fdf5794d93676c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
67 B 55ms
55ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.6163658504835912

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-UoySbeUVs0LzUGPAfgAzMQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-UoySbeUVs0LzUGPAfgAzMQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
67 B 56ms
56ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.231509349956099

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-nmHK26ZgpLYUyNYYpACEeQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-nmHK26ZgpLYUyNYYpACEeQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-EVs6ugZsOKSHg7rFx1ZEzw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-EVs6ugZsOKSHg7rFx1ZEzw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gl.modsforandroid.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
280 B 119ms
118ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

1ace805c5583fdf6179193d529a10e2865b24e37e83c482aa739432c4ce89159

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 698 B
1 KB 116ms
115ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

fc3c9eb3a36985c73023597b2849e216393deca57f3d0c9cb5c695f9d22d62e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gl.modsforandroid.com
date: Sun, 24 Dec 2023 08:23:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

UCookieSetPug
image6.pubmatic.com/AdServer/
Redirect Chain

https://id5-sync.com/i/481/8.gif?id5id=ID5*XPlxip2gCuzQ_6BhCzSmbzhc66hjmYdtVonU9WSPyX53VPDut47V50cFUhWiFedEd1VvhQEZ789t6cfnrr3wow&o=api&gdpr_consent=undefined&gdpr=false
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/481/441/7/2.gif?puid=u_46995cd5-ea6c-4af6-8556-f9739c0e1bdb&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/481/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/481/2/6/3.gif?puid=6432297309198139664&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1

0
41 B

28ms
27ms

Image
text/html

104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 24 Dec 2023 08:23:15 GMT
content-length: 0
content-type: text/html; charset=UTF-8

Redirect headers

location: /AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1
date: Sun, 24 Dec 2023 08:23:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxVyMfdMylLRgF1WXCad6kFdjcZ9-LX1h5dqnoR_Uddi__3NfhbTvXSyaibv4uG_hSk46sNRYHw-3yhukBOu_80SgoSLyE91PFJk6mmh1kN1Mhf4VipV1_s0z3Neyp1iuf5ux7aZAuyVYXAeCSnX8oY-1MDhW... 54 B
108 B 58ms
58ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVyMfdMylLRgF1WXCad6kFdjcZ9-LX1h5dqnoR_Uddi__3NfhbTvXSyaibv4uG_hSk46sNRYHw-3yhukBOu_80SgoSLyE91PFJk6mmh1kN1Mhf4VipV1_s0z3Neyp1iuf5ux7aZAuyVYXAeCSnX8oY-1MDhWCXYpDs5WLAHmMXrFph0_5ZDLHZOfKoN/_/540x80_.com/ad.-google-ads-/ads/?id=/oasbanner_

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

270f6dbb80821deabb6cd3d001d1cdaa79e3229b655a9c9b10c8e6bcc65d0808

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-Msc_ud02yS8n7lFBRHRCVA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-security-policy: script-src 'nonce-Msc_ud02yS8n7lFBRHRCVA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
12 KB 94ms
23ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11389
x-xss-protection: 0
server: cafe
etag: 13573587406519424940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:20:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-377sBbQe8pDz4zzpYI80_A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-377sBbQe8pDz4zzpYI80_A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-SghLkVly0pYA1kjR9VGoRQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-SghLkVly0pYA1kjR9VGoRQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gl.modsforandroid.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3602 6 KB
3 KB 31ms
30ms Document
text/html 142.250.64.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:14 GMT
expires: Mon, 23 Dec 2024 08:23:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59D0 6 KB
3 KB 31ms
30ms Document
text/html 142.250.64.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:14 GMT
expires: Mon, 23 Dec 2024 08:23:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F25 6 KB
3 KB 31ms
30ms Document
text/html 142.250.64.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:14 GMT
expires: Mon, 23 Dec 2024 08:23:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame FD72 3 KB
4 KB 40ms
40ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

f78726274cb2d940b57286e8419e3fbc2809b64892822ff0188d42234246cc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 3491
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 24 Dec 2023 08:23:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 05SX10Q8YTV67Z137WEH

GET
H2 200 bl-81a0f85-01318e1b.js Show response
tagan.adlightning.com/setupad-hai/ Frame 3602 73 KB
31 KB 36ms
36ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/bl-81a0f85-01318e1b.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3a070218efd29308b8d7e077b99ad925c84c51f6e90de59587e9caab0ebbaf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 01:19:16 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: QXpmnwnxOORyoqVFM8HKtFHQ3z0WKpRs
x-amz-cf-pop: IAD89-P1
age: 198240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31606
x-amz-meta-git_commit: 81a0f85
last-modified: Fri, 22 Dec 2023 00:59:47 GMT
server: AmazonS3
etag: "f4bd9f615129e69d121d5b5bad7220c0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: is8fcd-37_N1MwlMaiBn1ggNlYdMuao7GzPzs2RJZPAzgjFnaJD6JA==

GET
H2 200 b-935e2f1-d3df8881.js Show response
tagan.adlightning.com/setupad-hai/ Frame 3602 70 KB
27 KB 40ms
39ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 Nov 2023 12:19:01 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop: IAD89-P1
age: 3441855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27316
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:26:13 GMT
server: AmazonS3
etag: "64ca92e55d25ac355c394baedd21198b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: I7fuZvoqh2fVHv8LOQBCarOyVOlbWLqggEco8xLOqEM5_7hyCIs_ZA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 3602 5 KB
962 B 110ms
46ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

df5fa64ae892d1929d2dc30a1bd54225012b47eb98b62aa14cc4327fd4e00a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 08:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 24 Dec 2023 08:23:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3602 205 B
296 B 99ms
32ms Image
image/png 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 19 Dec 2023 19:40:11 GMT
x-content-type-options: nosniff
age: 391385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 19:40:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3602 604 B
1 KB 96ms
30ms Image
image/png 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 19 Dec 2023 16:08:36 GMT
x-content-type-options: nosniff
age: 404080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 16:08:36 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3602 22 KB
9 KB 112ms
45ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:20:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 07:20:59 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-lFble7QzLNJm_yf4_5yHsQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-lFble7QzLNJm_yf4_5yHsQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWffbyMqjG9tnHrW_Hq-PxpI_5dgoc7qw-O6geQRPPSt6jPHOAqPSQgMYhqVyL8viRl2QoFBWoPPZKN45Ky5KS3K4-ZZ70ZWaGz2v1D1Su9aTMsK9q0f0Gfwqfh76_GytkmDN0kgw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-j6Ifid4Lgz4z0xXFBoxO2w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:16 GMT
content-security-policy: script-src 'nonce-j6Ifid4Lgz4z0xXFBoxO2w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVvtPPeGJ9-Ik5g5OqKi2G49zikpDoVEK9v9CneitV7ItjKlYtJlHvw-FdMhnx-SrGGGJk9lSrfStJUN7tliV8QbUgCoC553f81iJp2JZgZoAKxUrAOTxWZ_dLfLqGDl_YENwBPKw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 79ms
79ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVvtPPeGJ9-Ik5g5OqKi2G49zikpDoVEK9v9CneitV7ItjKlYtJlHvw-FdMhnx-SrGGGJk9lSrfStJUN7tliV8QbUgCoC553f81iJp2JZgZoAKxUrAOTxWZ_dLfLqGDl_YENwBPKw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDA2MTk1LDkwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFs3LCIxMCJdLFsxMSwiW10iXSxbMTksIjIiXV1d

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2353a0ab9817ebd7242eb784b308cc4ec3a68a71d83abca25e548abfbf7fa757

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-szc5pUXbpXKsbVFJlxBIPA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-szc5pUXbpXKsbVFJlxBIPA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bl-81a0f85-01318e1b.js Show response
tagan.adlightning.com/setupad-hai/ Frame 59D0 73 KB
31 KB 41ms
40ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/bl-81a0f85-01318e1b.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3a070218efd29308b8d7e077b99ad925c84c51f6e90de59587e9caab0ebbaf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 01:19:16 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: QXpmnwnxOORyoqVFM8HKtFHQ3z0WKpRs
x-amz-cf-pop: IAD89-P1
age: 198240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31606
x-amz-meta-git_commit: 81a0f85
last-modified: Fri, 22 Dec 2023 00:59:47 GMT
server: AmazonS3
etag: "f4bd9f615129e69d121d5b5bad7220c0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iFNtyBzkRk75sHQFgKgnZsEWQTJc-QflavOQE_FNbDa2_YQy1u32cg==

GET
H2 200 b-935e2f1-d3df8881.js Show response
tagan.adlightning.com/setupad-hai/ Frame 59D0 70 KB
27 KB 45ms
44ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 Nov 2023 12:19:01 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop: IAD89-P1
age: 3441855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27316
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:26:13 GMT
server: AmazonS3
etag: "64ca92e55d25ac355c394baedd21198b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: U04v9g1qh2igCLzCpjcZXZyOGDFqY0ya6o4M4CSu-G9SHbLUd32ulg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D0 42 B
63 B 61ms
60ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aw9esTrsCawQ9yGBIuTRDBXIhAIbBAkNPUkVSNTFSTjxfXbkm6-BPCxfjhKbZy6C2gOQC-plafi51OZ4jzSrHyFhVrd0VlAoU1jeX0p4Nr3r9YikU

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px Show response
secure.adnxs.com/ Frame 59D0 0
752 B 40ms
40ms Script
application/javascript 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1743014&seg=35557391&t=1

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:15 GMT
an-x-request-uuid: 8ad06933-a26e-435b-909e-7868c61bc43b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.132; 86.48.14.132; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 59D0 3 KB
1 KB 30ms
29ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 05:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 05:47:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 59D0 20 KB
9 KB 87ms
29ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 22:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 22:08:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59D0 203 KB
64 KB 105ms
92ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:15 GMT

GET
H2 200 bl-81a0f85-01318e1b.js Show response
tagan.adlightning.com/setupad-hai/ Frame 6F25 73 KB
31 KB 47ms
47ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/bl-81a0f85-01318e1b.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3a070218efd29308b8d7e077b99ad925c84c51f6e90de59587e9caab0ebbaf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 01:19:16 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: QXpmnwnxOORyoqVFM8HKtFHQ3z0WKpRs
x-amz-cf-pop: IAD89-P1
age: 198240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31606
x-amz-meta-git_commit: 81a0f85
last-modified: Fri, 22 Dec 2023 00:59:47 GMT
server: AmazonS3
etag: "f4bd9f615129e69d121d5b5bad7220c0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pdkcy6-GXmDHRyvmCS1vIke4ciLCX5-GxMxns3RUreJZEcjv18g54Q==

GET
H2 200 b-935e2f1-d3df8881.js Show response
tagan.adlightning.com/setupad-hai/ Frame 6F25 70 KB
27 KB 51ms
50ms Script
application/javascript 18.67.65.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-75.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 14 Nov 2023 12:19:01 GMT
content-encoding: gzip
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
x-amz-version-id: ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop: IAD89-P1
age: 3441855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27316
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:26:13 GMT
server: AmazonS3
etag: "64ca92e55d25ac355c394baedd21198b"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QSLhiitkKgvtKCak6jSOvAfxeoAgVrncjrUWxD6lHCnx_2aRCOsVgQ==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F25 42 B
63 B 51ms
50ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuwZTbutTOo-ORorrsGM8fDzGMlZq2xxN8HYADrFdz5ueOYrPXRzjZdQGKS2lhLAUxiiXYoCnVvhvI85j0kOAp7oX66jmFw6qsM6lIHCsW_So3K1Y

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6F25 89 KB
31 KB 60ms
59ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:15 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6F25 18 KB
8 KB 36ms
24ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 24 Dec 2023 08:34:12 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6F25 47 KB
13 KB 1184ms
39ms Script
application/javascript 35.174.197.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1015237279&campId=20859179687&pubId=1&chanId=810230258357&placementId=535013884&adsafe_par&impId=ABAjH0jWKUmL8ENMenAxqbQaguED&bidurl=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.197.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-197-10.compute-1.amazonaws.com
Software: /
Resource Hash: 49bcc959b9c6fbea3cd8590c45733f75a0baedad72165ec5687eb9d04c4cfd21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6F25 3 KB
1 KB 30ms
30ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 05:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 05:47:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6F25 20 KB
8 KB 88ms
32ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 22:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 22:08:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F25 203 KB
65 KB 80ms
69ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:15 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FD72
Redirect Chain

https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c66f1316-0d10-4c7d-8936-d62d7059e34b&gdpr=0

43 B
479 B

46ms
46ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c66f1316-0d10-4c7d-8936-d62d7059e34b&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YR2RHXTH1BA01T44XDE5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=c66f1316-0d10-4c7d-8936-d62d7059e34b&gdpr=0
date: Sun, 24 Dec 2023 08:23:19 GMT
server: _
content-length: 0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame FD72
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703406203291
https://ad.turn.com/r/cs?pid=45&rndcb=4109564044
https://sync.1rx.io/usersync/turn/8467002343506201181?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-77df2417-fc4d-48c7-a4e1-1f176dd3da...
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005

43 B
617 B

43ms
42ms

Image
image/gif

44.193.166.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Server: 44.193.166.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-166-53.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005
date: Sun, 24 Dec 2023 08:23:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX77df2417fc4d48c7a4e11f176dd3da08005
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FD72
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AAFSb07LD9UAABPhkkaYJA&ex=beeswax.com

43 B
479 B

44ms
44ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AAFSb07LD9UAABPhkkaYJA&ex=beeswax.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 964D7DH5N3MHB0HJTYM3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AAFSb07LD9UAABPhkkaYJA&ex=beeswax.com
Date: Sun, 24 Dec 2023 08:23:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
onetag-sys.com/match/ Frame FD72 0
198 B 7382ms
50ms Image
text/plain 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FD72
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
https://s.amazon-adsystem.com/ecm3?id=A373BB42926B4E869A93DBACE5242722&ex=simpli.fi&status=ok

43 B
479 B

41ms
41ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=A373BB42926B4E869A93DBACE5242722&ex=simpli.fi&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0HB9GNKRZPV70BEVFSX3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 24 Dec 2023 08:23:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?id=A373BB42926B4E869A93DBACE5242722&ex=simpli.fi&status=ok
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 23 Dec 2023 08:23:23 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FD72
Redirect Chain

https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d99826ce6fa6beeb2eqbz900lqj82mdd

43 B
479 B

46ms
46ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d99826ce6fa6beeb2eqbz900lqj82mdd

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W8AHGE6Q29HYNX8T3JRQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 24 Dec 2023 08:23:23 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=d99826ce6fa6beeb2eqbz900lqj82mdd
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FD72
Redirect Chain

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4qgN9Ixi2dJLOHPX3fA2&gdpr=0

43 B
479 B

41ms
41ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4qgN9Ixi2dJLOHPX3fA2&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BHPM8TVKBGN07VYVJ9S4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Content-Type: text/html; charset=utf-8
Location: https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4qgN9Ixi2dJLOHPX3fA2&gdpr=0
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 112
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame C3AF
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

305 B
285 B

52ms
51ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ab803cd8d1fc9c740a17f3c0c62f5521dbadf20fa6063d695179101b60e1a36e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 231
content-type: text/html
date: Sun, 24 Dec 2023 08:23:16 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:23:15 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 19E3
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7668977979458787111&gdpr=0&gdpr_consent=

43 B
479 B

44ms
44ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7668977979458787111&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 6QG98P3V67YVNWG3FFKA

Redirect headers

content-length: 0
date: Sun, 24 Dec 2023 08:23:22 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7668977979458787111&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame A0B5
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4ada402079a1377&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&g...
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFmHr2igpcrgNFVdt0AAAAAAA&expiration=1703492596&is_secure=true&gdpr=0

43 B
479 B

79ms
42ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFmHr2igpcrgNFVdt0AAAAAAA&expiration=1703492596&is_secure=true&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: F190MFMPG7FDEVY95K5W

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Sun, 24 Dec 2023 08:23:16 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFmHr2igpcrgNFVdt0AAAAAAA&expiration=1703492596&is_secure=true&gdpr=0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame AC53 807 B
992 B 410ms
34ms Document
text/html 34.207.52.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.52.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-52-118.compute-1.amazonaws.com
Software: /
Resource Hash: 633f21a86fc719e56510c65886039aeccf88c464e05df0e5855a3eae248d2f6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

content-length: 807
date: Sun, 24 Dec 2023 08:23:16 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B8A7 16 KB
6 KB 108ms
27ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=149126
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:23:16 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 tamptsync Show response
sync-amz.ads.yieldmo.com/ Frame 13BD 1 KB
1 KB 7375ms
51ms Document
text/html 23.22.194.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.194.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-194-15.compute-1.amazonaws.com
Software: /
Resource Hash: c27b64ffb33e715000fd36d27e0ec5ae1c7a84a1e687c332187c756dd2c93205

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 24 Dec 2023 08:23:23 GMT
pragma: no-cache
vary: accept-encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 63A7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS16dGh3RGtCRTJ1SklkQzl0Ui4zd3FSeWdueE81SGpOeX5B&gdpr=0

43 B
479 B

46ms
46ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS16dGh3RGtCRTJ1SklkQzl0Ui4zd3FSeWdueE81SGpOeX5B&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 9CGBATGMCGK8ZFWPXN52

Redirect headers

age: 0
content-length: 0
date: Sun, 24 Dec 2023 08:23:16 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS16dGh3RGtCRTJ1SklkQzl0Ui4zd3FSeWdueE81SGpOeX5B&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 2F95
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=509659560713293521694

43 B
479 B

42ms
42ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=509659560713293521694

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: PJWQ9SZ7GEEM5FZHAW7M

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 08:23:17 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=509659560713293521694
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame C3AF 43 B
479 B 93ms
48ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2ead8141-4b43-c484-2bd4-b023ee07ea7e&gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RRMDTVY422TXZCF4766Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
419 B 122ms
35ms Ping
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=0&d=eyJzaXRlSWQiOiJzZXR1cGFkLWhhaSIsInVybCI6Imh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUjZ29vZ2xlX3ZpZ25ldHRlIiwiYWRVbml0IjoiLzE0NzI0NjE4OSwyMjM4NDM0NjUzMy9tb2RzZm9yYW5kcm9pZC5jb21fMzAweDI1MF9kb3VibGVfYmFubmVyX2Rlc2t0b3BfMl9sZWZ0XzAiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiMTEwMDIzNTg5IiwiY2FtcGFpZ25JZCI6IjU4NjkyMjE4OSIsImNyZWF0aXZlSWQiOiIxMzg0MTM2OTU1NjIiLCJsaW5laXRlbUlkIjoiMzIzMzU5ODI5IiwiYWRTZXJ2ZXIiOiJkZnAiLCJ5aWVsZEdyb3VwSWRzIjpbNDc2NTcyLDQ3NjYwNl19LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MCwid3YiOiIxLjAuMCs5MzVlMmYxIiwiYnYiOiJibC04MWEwZjg1LTAxMzE4ZTFiO2ItOTM1ZTJmMS1kM2RmODg4MSIsIm1ldGEiOnsiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZEJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZFJlZnJlc2hlZENvdW50IjowfSwicGxSYXRpbyI6MC4wMX0sInRhZ01hcmt1cCI6IjxodG1sPjxoZWFkPlxuICAgIDxtZXRhIGNoYXJzZXQ9XCJVVEYtOFwiPlxuICAgIDx0aXRsZT5TYWZlRnJhbWUgQ29udGFpbmVyPC90aXRsZT5cbiAgICA8c2NyaXB0PlxuKGZ1bmN0aW9uKCl7LypcblxuIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuXG4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjBcbiovXG52YXIgZj10aGlzfHxzZWxmLGg9ZnVuY3Rpb24oYSl7cmV0dXJuIGF9O3ZhciBuPWZ1bmN0aW9uKGEsYil7dGhpcy5oPWE9PT1sJiZifHxcIlwiO3RoaXMuZz1tfSxwPWZ1bmN0aW9uKGEpe3JldHVybiBhIGluc3RhbmNlb2YgbiYmYS5jb25zdHJ1Y3Rvcj09PW4mJmEuZz09PW0%2FYS5oOlwidHlwZV9lcnJvcjpDb25zdFwifSxtPXt9LGw9e307dmFyIHI9dm9pZCAwOy8qXG5cbiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuKi9cbnZhciB0LGFhPWZ1bmN0aW9uKCl7aWYodm9pZCAwPT09dCl7dmFyIGE9bnVsbCxiPWYudHJ1c3RlZFR5cGVzO2lmKGImJmIuY3JlYXRlUG9saWN5KXt0cnl7YT1iLmNyZWF0ZVBvbGljeShcImdvb2cjaHRtbFwiLHtjcmVhdGVIVE1MOmgsY3JlYXRlU2NyaXB0OmgsY3JlYXRlU2NyaXB0VVJMOmh9KX1jYXRjaChjKXtmLmNvbnNvbGUmJmYuY29uc29sZS5lcnJvcihjLm1lc3NhZ2UpfXQ9YX1lbHNlIHQ9YX1yZXR1cm4gdH07dmFyIGNhPWZ1bmN0aW9uKGEpe3RoaXMuZz1iYT09PWJhP2E6XCJcIn07Y2EucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZytcIlwifTt2YXIgYmE9e30sZGE9ZnVuY3Rpb24oYSl7dmFyIGI9YWEoKTthPWI%2FYi5jcmVhdGVTY3JpcHRVUkwoYSk6YTtyZXR1cm4gbmV3IGNhKGEpfTt2YXIgZWE9e30sdT1mdW5jdGlvbihhLGIpe3RoaXMuZz1iPT09ZWE%2FYTpcIlwifTt1LnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcudG9TdHJpbmcoKX07dmFyIGhhPWZ1bmN0aW9uKCl7dmFyIGE9dixiPXttZXNzYWdlOmZhKHYpfTt2YXIgYz12b2lkIDA9PT1jP3t9OmM7dGhpcy5lcnJvcj1hO3RoaXMuY29udGV4dD1iLmNvbnRleHQ7dGhpcy5tc2c9Yi5tZXNzYWdlfHxcIlwiO3RoaXMuaWQ9Yi5pZHx8XCJqc2Vycm9yXCI7dGhpcy5tZXRhPWN9O3ZhciB3PWZ1bmN0aW9uKGEpe3dbXCIgXCJdKGEpO3JldHVybiBhfTt3W1wiIFwiXT1mdW5jdGlvbigpe307dmFyIGlhPVJlZ0V4cChcIl4oPzooW146Lz8jLl0rKTopPyg%2FOi8vKD86KFteXFxcXFxcXFwvPyNdKilAKT8oW15cXFxcXFxcXC8%2FI10qPykoPzo6KFswLTldKykpPyg%2FPVtcXFxcXFxcXC8%2FI118JCkpPyhbXj8jXSspPyg%2FOlxcXFw%2FKFteI10qKSk%2FKD86IyhbXFxcXHNcXFxcU10qKSk%2FJFwiKTt2YXIgamE9ZnVuY3Rpb24oYSxiKXtpZihhKWZvcih2YXIgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiKGFbY10sYyxhKX07dmFyIGthPVJlZ0V4cChcIl5odHRwcz86Ly8oXFxcXHd8LSkrXFxcXC5jZG5cXFxcLmFtcHByb2plY3RcXFxcLihuZXR8b3JnKShcXFxcP3wvfCQpXCIpLG1hPWZ1bmN0aW9uKCl7dmFyIGE9bGE7dGhpcy5nPXg7dGhpcy5oPWF9LG5hPWZ1bmN0aW9uKGEsYil7dGhpcy51cmw9YTt0aGlzLmo9ISFiO3RoaXMuZGVwdGg9bnVsbH07ZnVuY3Rpb24gb2EoYSl7Zi5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChmLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7dmFyIGI9Zi5kb2N1bWVudDtiPXZvaWQgMD09PWI%2FZG9jdW1lbnQ6YjtiPWIuY3JlYXRlRWxlbWVudChcImltZ1wiKTtiLnNyYz1hO2YuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYil9O3ZhciB5PWZ1bmN0aW9uKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLm89MDt0aGlzLmc9W119LHo9ZnVuY3Rpb24oYSxiKXt2YXIgYz17fTtjW2FdPWI7cmV0dXJuW2NdfSxxYT1mdW5jdGlvbihhLGIsYyxkLGUpe3ZhciBrPVtdO2phKGEsZnVuY3Rpb24oZyxBKXsoZz1wYShnLGIsYyxkLGUpKSYmay5wdXNoKEErXCI9XCIrZyl9KTtyZXR1cm4gay5qb2luKGIpfSxwYT1mdW5jdGlvbihhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtmb3IodmFyIGs9W10sZz0wO2c8YS5sZW5ndGg7ZysrKWsucHVzaChwYShhW2ddLGIsYyxkKzEsZSkpO3JldHVybiBrLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KHFhKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9LHNhPWZ1bmN0aW9uKGEpe3ZhciBiPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1qc2Vycm9yJlwiLGM9cmEoYSktMjc7aWYoMD5jKXJldHVyblwiXCI7YS5nLnNvcnQoZnVuY3Rpb24oemEsQWEpe3JldHVybiB6YS1BYX0pO2Zvcih2YXIgZD1udWxsLGU9XCJcIixrPTA7azxhLmcubGVuZ3RoO2srKylmb3IodmFyIGc9YS5nW2tdLEE9YS5oW2ddLE89MDtPPEEubGVuZ3RoO08rKyl7aWYoIWMpe2Q9bnVsbD09ZD9nOmQ7YnJlYWt9dmFyIHE9cWEoQVtPXSxhLmksXCIsJFwiKTtpZihxKXtxPWUrcTtpZihjPj1xLmxlbmd0aCl7Yy09cS5sZW5ndGg7Yis9cTtlPWEuaTticmVha31kPW51bGw9PWQ%2FZzpkfX1hPVwiXCI7bnVsbCE9ZCYmKGE9ZStcInRybj1cIitkKTtyZXR1cm4gYithfSxyYT1mdW5jdGlvbihhKXt2YXIgYj0xLGM7Zm9yKGMgaW4gYS5oKWI9Yy5sZW5ndGg%2BYj9jLmxlbmd0aDpiO3JldHVybiAzOTk3LWItYS5pLmxlbmd0aC0xfTt2YXIgdGE9ZnVuY3Rpb24oYSl7aWYoLjAxPk1hdGgucmFuZG9tKCkpdHJ5e2lmKGEgaW5zdGFuY2VvZiB5KXZhciBiPWE7ZWxzZSBiPW5ldyB5LGphKGEsZnVuY3Rpb24oZCxlKXt2YXIgaz1iLGc9ay5vKys7ZD16KGUsZCk7ay5nLnB1c2goZyk7ay5oW2ddPWR9KTt2YXIgYz1zYShiKTtjJiZvYShjKX1jYXRjaChkKXt9fTt2YXIgZmE9ZnVuY3Rpb24oYSl7dmFyIGI9YS50b1N0cmluZygpO2EubmFtZSYmLTE9PWIuaW5kZXhPZihhLm5hbWUpJiYoYis9XCI6IFwiK2EubmFtZSk7YS5tZXNzYWdlJiYtMT09Yi5pbmRleE9mKGEubWVzc2FnZSkmJihiKz1cIjogXCIrYS5tZXNzYWdlKTtpZihhLnN0YWNrKXthPWEuc3RhY2s7dmFyIGM9Yjt0cnl7LTE9PWEuaW5kZXhPZihjKSYmKGE9YytcIlxcblwiK2EpO2Zvcih2YXIgZDthIT1kOylkPWEsYT1hLnJlcGxhY2UoUmVnRXhwKFwiKChodHRwcz86Ly4uKi8pW14vOl0qOlxcXFxkKyg%2FOi58XFxuKSopXFxcXDJcIiksXCIkMVwiKTtiPWEucmVwbGFjZShSZWdFeHAoXCJcXG4gKlwiLFwiZ1wiKSxcIlxcblwiKX1jYXRjaChlKXtiPWN9fXJldHVybiBifTsoe30pWzNdPWRhKHAobmV3IG4obCxcImh0dHBzOi8vczAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vbXUvdGVtcGxhdGVzL2hpZmkvaGlmaS5qc1wiKSkpOyh7fSlbM109ZGEocChuZXcgbihsLFwiaHR0cHM6Ly9zMC4ybWRuLm5ldC9hZHMvcmljaG1lZGlhL3N0dWRpb19jYW5hcnkvbXUvdGVtcGxhdGVzL2hpZmkvaGlmaV9jYW5hcnkuanNcIikpKTt2YXIgdWE9L14oW147XSspOyhcXGQrKTsoW1xcc1xcU10qKSQvO3ZhciB2YT0vXihbYS16MC05XShbYS16MC05LV17MCw2MX1bYS16MC05XSk%2FXFwuc2FmZWZyYW1lXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218dHBjXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218c2VjdXJlZnJhbWVcXC5kb3VibGVjbGlja1xcLm5ldHxbYS16MC05XShbYS16MC05LV17MCw2MX1bYS16MC05XSk%2FXFwuc2FmZWZyYW1lXFwudXNlcmNvbnRlbnRcXC5nb29nKSQvLHdhPS9eKHBhZ2VhZDJcXC5nb29nbGVzeW5kaWNhdGlvblxcLmNvbXxnb29nbGVhZHNcXC5nXFwuZG91YmxlY2xpY2tcXC5uZXQpJC87dmFyIHhhPWZ1bmN0aW9uKGEpe3JldHVybiBmdW5jdGlvbihiKXt2YXIgYz1hLmhvc3RuYW1lLGQ9dmEudGVzdChjKXx8d2EudGVzdChjKTtjPVtjXTt2YXIgZT1yO3I9dm9pZCAwO2lmKCFkKXtpZihlKXRocm93IEVycm9yKGUoKSk7aWYoYyYmMDxjLmxlbmd0aCl0aHJvdyBFcnJvcihcIltcIitjLm1hcChTdHJpbmcpLmpvaW4oXCIsXCIpK1wiXVwiKTt0aHJvdyBFcnJvcihTdHJpbmcoZCkpO31iPShkPWFhKCkpP2QuY3JlYXRlSFRNTChiKTpiO3JldHVybiBuZXcgdShiLGVhKX19KGxvY2F0aW9uKTtpZih3aW5kb3cubmFtZSl0cnl7dmFyIEIseWE9d2luZG93Lm5hbWUsQz11YS5leGVjKHlhKTtpZihudWxsPT09Qyl0aHJvdyBFcnJvcihcIkNhbm5vdCBwYXJzZSBzZXJpYWxpemVkIGRhdGEuIFwiK3lhLnN1YnN0cmluZygwLDUwKSk7dmFyIEQ9K0NbMl0sRT1DWzNdO2lmKEQ%2BRS5sZW5ndGgpdGhyb3cgRXJyb3IoXCJQYXJzZWQgY29udGVudCBzaXplIGRvZXNuJ3QgbWF0Y2guIFwiK0QrXCI6XCIrRS5sZW5ndGgpO0I9e206Q1sxXSxjb250ZW50OkUuc3Vic3RyKDAsRCksbDpFLnN1YnN0cihEKX07dmFyIEY9SlNPTi5wYXJzZShCLmwpO3dpbmRvdy5uYW1lPVwiXCI7dmFyIEJhPUIuY29udGVudDtGLmdvb2dfc2FmZWZyYW1lX2hsdCYmKGYuZ29vZ19zYWZlZnJhbWVfaGx0PUYuZ29vZ19zYWZlZnJhbWVfaGx0KTtGLl9jb250ZXh0JiYoZi5BTVBfQ09OVEVYVF9EQVRBPUYuX2NvbnRleHQpO2Yuc2ZfPXt2OkIubSxjZmc6Rn07ZG9jdW1lbnQub3BlbihcInRleHQvaHRtbFwiLFwicmVwbGFjZVwiKTt2YXIgRz14YShCYSk7ZG9jdW1lbnQud3JpdGUoRyBpbnN0YW5jZW9mIHUmJkcuY29uc3RydWN0b3I9PT11P0cuZzpcInR5cGVfZXJyb3I6U2FmZUh0bWxcIik7ZG9jdW1lbnQuY2xvc2UoKTtmLnNmXyYmKHdpbmRvdy5uYW1lPVwiXCIpfWNhdGNoKGEpe3ZhciB2PWEsSDt0cnl7dmFyIEk9bmV3IHk7SS5nLnB1c2goMSk7SS5oWzFdPXooXCJjb250ZXh0XCIsNTA3KTt2LmVycm9yJiZ2Lm1ldGEmJnYuaWR8fCh2PW5ldyBoYSk7aWYodi5tc2cpe3ZhciBDYT12Lm1zZy5zdWJzdHJpbmcoMCw1MTIpO0kuZy5wdXNoKDIpO0kuaFsyXT16KFwibXNnXCIsQ2EpfXZhciBEYT1bdi5tZXRhfHx7fV07SS5nLnB1c2goMyk7SS5oWzNdPURhO3ZhciBKPWYsSz1bXSxMLE09bnVsbCxOO2Rve049Sjt2YXIgUDt0cnl7dmFyIFE7aWYoUT0hIU4mJm51bGwhPU4ubG9jYXRpb24uaHJlZiliOnt0cnl7dyhOLmZvbyk7UT0hMDticmVhayBifWNhdGNoKGIpe31RPSExfVA9UX1jYXRjaChiKXtQPSExfVA%2FKEw9Ti5sb2NhdGlvbi5ocmVmLE09Ti5kb2N1bWVudCYmTi5kb2N1bWVudC5y&i=1-2&t=adltag_lqj82ghk_ZwBZmJk88Y&r=ab2dadc3fb9b70e923b70997414e1b5&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date: Sat, 23 Dec 2023 13:50:20 GMT
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
age: 66777
x-cache: Error from cloudfront
content-length: 0
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 2vuLigAfZyT7Ab-YPqO1eYmg_ijMvySFDNqR_h7Ody0ORK8RmZ5ang==

POST
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
418 B 136ms
49ms Ping
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=0&d=ZWZlcnJlcnx8bnVsbCk6KEw9TSxNPW51bGwpO0sucHVzaChuZXcgbmEoTHx8XCJcIikpO3RyeXtKPU4ucGFyZW50fWNhdGNoKGIpe0o9bnVsbH19d2hpbGUoSiYmTiE9Sik7Zm9yKHZhciBSPTAsRWE9Sy5sZW5ndGgtMTtSPD1FYTsrK1IpS1tSXS5kZXB0aD1FYS1SO049ZjtpZihOLmxvY2F0aW9uJiZOLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmTi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1LLmxlbmd0aC0xKWZvcih2YXIgUz0xO1M8Sy5sZW5ndGg7KytTKXt2YXIgVD1LW1NdO1QudXJsfHwoVC51cmw9Ti5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnNbUy0xXXx8XCJcIixULmo9ITApfWZvcih2YXIgeD1uZXcgbmEoZi5sb2NhdGlvbi5ocmVmLCExKSxGYT1udWxsLFU9Sy5sZW5ndGgtMSxWPVU7MDw9VjstLVYpe3ZhciBXPUtbVl07IUZhJiZrYS50ZXN0KFcudXJsKSYmKEZhPVcpO2lmKFcudXJsJiYhVy5qKXt4PVc7YnJlYWt9fXZhciBsYT1udWxsLEdhPUsubGVuZ3RoJiZLW1VdLnVybDswIT14LmRlcHRoJiZHYSYmKGxhPUtbVV0pO0g9bmV3IG1hO2lmKEguaCl7dmFyIEhhPUguaC51cmx8fFwiXCI7SS5nLnB1c2goNCk7SS5oWzRdPXooXCJ0b3BcIixIYSl9dmFyIElhPXt1cmw6SC5nLnVybHx8XCJcIn0sWDtpZihILmcudXJsKXt2YXIgWTtZPUguZy51cmwubWF0Y2goaWEpO3ZhciBKYT1ZWzFdLEthPVlbM10sTGE9WVs0XSxaPVwiXCI7SmEmJihaKz1KYStcIjpcIik7S2EmJihaKz1cIi8vXCIsWis9S2EsTGEmJihaKz1cIjpcIitMYSkpO1g9Wn1lbHNlIFg9XCJcIjt2YXIgTWE9W0lhLHt1cmw6WH1dO0kuZy5wdXNoKDUpO0kuaFs1XT1NYTt0YShJKX1jYXRjaChiKXt0cnl7dGEoe2NvbnRleHQ6XCJlY21zZXJyXCIscmN0eDo1MDcsbXNnOmZhKGIpLHVybDpIJiZILmcudXJsfSl9Y2F0Y2goYyl7fX19O30pLmNhbGwodGhpcyk7XG4gICAgPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9zZXR1cGFkLWhhaS9ibC04MWEwZjg1LTAxMzE4ZTFiLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vc2V0dXBhZC1oYWkvYi05MzVlMmYxLWQzZGY4ODgxLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2BdmFyIGQ9ZGVjb2RlVVJJQ29tcG9uZW50KFwiJTdCJTIyc2l0ZUlkJTIyJTNBJTIyc2V0dXBhZC1oYWklMjIlMkMlMjJ3diUyMiUzQSUyMjEuMC4wJTJCOTM1ZTJmMSUyMiUyQyUyMmJsdiUyMiUzQSUyMmJsLTgxYTBmODUtMDEzMThlMWIlMjIlMkMlMjJidiUyMiUzQSUyMmItOTM1ZTJmMS1kM2RmODg4MSUyMiUyQyUyMnRvcERvbWFpbiUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGZ2wubW9kc2ZvcmFuZHJvaWQuY29tJTJGZW4lMkZhcHAlMkYxNjQxNDg2NTU4JTJGdGVtdS1zaG9wLWxpa2UtYS1iaWxsaW9uYWlyZSUyM2dvb2dsZV92aWduZXR0ZSUyMiUyQyUyMmN1cnJlbnRUYWdJZCUyMiUzQSUyMmFkbHRhZ19scWo4Mmdoa19ad0JabUprODhZJTIyJTJDJTIyYXUlMjIlM0ElMjIlMkYxNDcyNDYxODklMkMyMjM4NDM0NjUzMyUyRm1vZHNmb3JhbmRyb2lkLmNvbV8zMDB4MjUwX2RvdWJsZV9iYW5uZXJfZGVza3RvcF8yX2xlZnRfMCUyMiUyQyUyMnNsb3RFbGVtZW50SWQlMjIlM0ElMjJtb2RzZm9yYW5kcm9pZF9jb21fMzAweDI1MF9kb3VibGVfYmFubmVyX3Jlc3BvbnNpdmVfMl9sZWZ0JTIyJTJDJTIycmVmcmVzaGVzUmVtYWluaW5nJTIyJTNBMiUyQyUyMmJsb2NrZWRDb3VudCUyMiUzQTAlMkMlMjJoZWF2eUFkUmVmcmVzaGVzUmVtYWluaW5nJTIyJTNBMiUyQyUyMmhlYXZ5QWRCbG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyYWRTZXJ2ZXJEZXRhaWxzJTIyJTNBJTdCJTIyYWR2ZXJ0aXNlcklkJTIyJTNBJTIyMTEwMDIzNTg5JTIyJTJDJTIyY2FtcGFpZ25JZCUyMiUzQSUyMjU4NjkyMjE4OSUyMiUyQyUyMmNyZWF0aXZlSWQlMjIlM0ElMjIxMzg0MTM2OTU1NjIlMjIlMkMlMjJsaW5laXRlbUlkJTIyJTNBJTIyMzIzMzU5ODI5JTIyJTJDJTIyYWRTZXJ2ZXIlMjIlM0ElMjJkZnAlMjIlMkMlMjJ5aWVsZEdyb3VwSWRzJTIyJTNBJTVCNDc2NTcyJTJDNDc2NjA2JTVEJTdEJTJDJTIydyUyMiUzQTMwMCUyQyUyMmglMjIlM0EyNTAlMkMlMjJJQUJDb25zZW50U3RyaW5nJTIyJTNBJTdCJTIydXNwYXBpJTIyJTNBJTVCJTdCJTIydmVyc2lvbiUyMiUzQTElMkMlMjJ1c3BTdHJpbmclMjIlM0ElMjIxLS0tJTIyJTdEJTVEJTdEJTJDJTIyc2FmZUZyYW1lS2V5JTIyJTNBJTIyNzI3MjY1MjQlMjIlN0RcIik7d2luZG93W1wiMzYyNjE0ODhfc2V0dXBhZC1oYWlcIl09e307d2luZG93W1wiMzYyNjE0ODhfc2V0dXBhZC1oYWlcIl0udGFnRGV0YWlscz1KU09OLnBhcnNlKGQpO3dpbmRvdy5ibG9ja2VyICYmIGJsb2NrZXIoXCIzNjI2MTQ4OF9zZXR1cGFkLWhhaVwiLCBcIjwhLS1BRExfV1JBUFBFRC0tPlwiLCBmYWxzZSwgd2luZG93LCB7fSk7PC9zY3JpcHQ%2BPC9oZWFkPjwvaHRtbD48IS0tIElGUkFNRSBJTk5FUiBDT05URU5UIC0tPiJ9&i=2-2&t=adltag_lqj82ghk_ZwBZmJk88Y&r=ab2dadc3fb9b70e923b70997414e1b5&c=setupad-hai&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date: Sat, 23 Dec 2023 13:50:20 GMT
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
age: 66777
x-cache: Error from cloudfront
content-length: 0
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: XporKX8mX10AZdFsWtCHzxStN1oT7jm5NA2WBCCkJyqgrkRD4sfv7g==

GET
H2 200 css
fonts.googleapis.com/ Frame C085 6 KB
788 B 52ms
51ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6186e4df12dc2db44c3332b7606845657e3fdc0bdb10b29f0d06a13cd4431229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 08:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 24 Dec 2023 08:23:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C085 2 KB
822 B 30ms
30ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 12:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 12:55:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C085 23 KB
9 KB 35ms
33ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 12:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 12:56:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C085 3 KB
1 KB 34ms
33ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 05:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 05:47:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C085 20 KB
8 KB 35ms
34ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 22:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 22:08:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C085 203 KB
64 KB 74ms
72ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:16 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame C085 37 KB
15 KB 33ms
32ms Script
text/javascript 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 21 Dec 2023 16:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Mar 2024 16:11:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BDAA 0
53 B 415ms
56ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ1vLNlQIYo4K4_gEwAQ&v=APEucNXQdmb4H9EkKMbTMfEciUR7Fl1H-AUTMUtdUrkSDmxTmaOEwfhsZjbob-G0zfTZd5FbRIkScyugAzMyadlhesAnXYm6voq8KPBaL-fxgiH9ntSd7w8

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 59D0 23 KB
9 KB 24ms
23ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 00:16:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 00:16:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 59D0 7 KB
3 KB 24ms
23ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 19:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 19:05:07 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59D0 0
0 3005ms
57ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8EeM2i1jWJ_cpEGVVt_KW_4rzGU7h05MXG6tv8gSWOV9FtuhWVSsa161FDM54hVjtXfew9oTaxbWTGrBMumFv4LTMmOuVCRx9yuK9-ekIOPqGyUcN6pCydHZrxtX1yn0GDFpTRVlLnSysaKSFy1OmWKXzKJvkCVU67aDUkl-fyxUHfuXI75XANUw1GIh5Sd6hUtPc-mujOGSeNxQCJFLII5b9AtYAxCZDlRxUf2CeQZatdwi1IyIdz-vvArysggm9ACQaFgUs_6_qqWBZiPOZkPRwAA86n4Wao2nEuFG4rw8CkhRhP-CdTOE5P3yJDvRkbzp2Gn3jzovo_vqhbxbJUkejsCippENf-Ovq0Ybh4kCW7NrCIzfCKTeG2aEN1PoNSgoc4Vns0Rgiz6GKWdzxlUMkzw25gUfrE41g9HLIzS2Ac_6Jda7YaNhCMoZ-YjQPUGp60W0l2V7R7Wn3N22DFPJIhBlKe-ybPHCyjHukcrWGTVzvvZvvBYNfNp808IyYW68NVz9zNsKs_0Xmfw1WMQ7Xsxe4BMP84NSccZckT__j-RW8Z3-XrgEhoY53WP2aupqKlvwIsxtMiZmsPOqk89rXRNuM-zVp6uobfue2UcXv3RokSsnzP3fYL75GTJFh3tc4pHQSmR_LfOm1gGLTuRzU8v8KgqhF2NSNK_bmMvk93FUJ-vvmmK1JM5QPF67Bhc-njP5PelLM3-E0rsERd40oasWf_I8i8t079vlwT3rrYb4Tb5c_VkC4U8farsMZpt5ytOlMsFrHK2kC0s2ZhTRnaJx8jLAP6LeKn1kNwiMdDh7BRj0LKhsovbD1ZOK28xm-ititRI3ckTqk9oh-G5bsVTSB_-sDJapuj1Zk2jjOIGnmYDvhjybmZSAOorojUvr4NwWjzxDWKpy9dCCStGxadTQ5j18N94GDiFYGn9PTnKazuOLS1patBa96Ol1cDzm8XKGW8RZ6YRZaVdL4wOBCwYe4Rkxy9zQ_nGctDu0-tWdvY3TDELckMn--Nq3V99CTCMkT0nZBmWf1QVUhBO2RMerXmqiex4PghtJPw6Jg7NANqZLzMOuVjQ2udjEFvZTZWMmrMv1IAG3IvoxQ3_MVx_avt-f5aECjt-2V23avp4smqJ73vqSDlhTLvloQzdGIhwLzUHISROOgvs0Nk69zQBdE7b_0qnM8pR8IUrEf8EJHFs4KnTfRISb4PQ2HvrWba8ttdkQy5RSuSZPaRp8ciNTYLRcaQzP42D8gTiAWOvQbNIohpCd4pBnvIfGlhYzmwteqahrXhNw8Vt29uqlyJI_fynPXk5XZELbUFO3tEOpww6ovdrQQvymCj2_umv2HdRfCZJE1Wsiet5xL54jFNLVsNjuNzQmykqYglgz7vHvSd0rZWg_T5YFnWQCgFcgWSl6rlQ3E9wqy8A3hHMAUXfN5CGCcgDQxqG_8gR3g2joeCnHLOeMIV7hBy7XiYlWMgRygqB9ZTtzS2E244NBnK_J8I-Z_pyVWm6iFxZcG_PhhYuh_7kpfQDsRGsY9AlWQe2HKO6ouorT4nGsszg&sai=AMfl-YTOpMYVT-ytP6HP8jo8xZKTYyoGUvuPt3fd_A7hr6hRaNPSLDsMbOWXENPRTibQ9JHkYfUM1ILHp3oRiHiTCT4s9cmOgxGFYywNHhVl0wAkYXbceY9MUXfdcGF7h6upfF-uEE60I0Y8wJ3s73czTzsxKBtzwoypN-Zx8rGycOs62C3RCsMq9uMg-BBW2gHHyEkeVAu3aiiezzdwn18oWTYSSVDMxUWgYJBNDFdfCnvekB4hCOSOxmvcVfdfKkPHkWVdR3P1CqrFA5sVmpxXLM7UlRoVJOefyDwYUtbnYZf0HYCSZy60ffqfG_mCcBJOEU0zN5EMCGgAMDnmeE7py0kzGrTXPtxtvMDrQfx51Guu3qP6FL8SYKMGSUUm_ymz9uVxteT_jjjRD2BYIIsKctFDhNYpT58HoGv5pqOgC1YCzRBtUV8ndrJfOR9EcwcsIQDjZehdxyjzc79V4miQn26FRdFFZ61uBLlCLyAT-xsdNOSfjGqFMyE&sig=Cg0ArKJSzKvtk2VKyWilEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.54647&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 59D0 41 KB
14 KB 30ms
30ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 19 Dec 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 11:52:49 GMT

GET
H2 200 2352520475755593692
s0.2mdn.net/simgad/ Frame 59D0 47 KB
47 KB 3143ms
40ms Image
image/jpeg 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2352520475755593692

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

fcb79fca01f2a34e114504fadefbc5cc55d4eb0afe062750667e55c0662b64ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: Sat, 21 Dec 2024 18:05:49 GMT
date: Fri, 22 Dec 2023 18:05:49 GMT
x-content-type-options: nosniff
age: 137850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48035
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame AC53 43 B
479 B 50ms
50ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=f13e7845-45f4-41f2-a0cf-2eff9c0f4353

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XYGGH396ZN7E7MMQV4X3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame AC53
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e2c866-01e7-466a-a292-f980c7705ed0&gdpr=0&gdpr_consent=

68 B
279 B

38ms
37ms

Image
image/png

34.207.52.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e2c866-01e7-466a-a292-f980c7705ed0&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.52.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-52-118.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e2c866-01e7-466a-a292-f980c7705ed0&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:23:16 GMT
server: Kestrel
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame AC53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZjEzZTc4NDUtNDVmNC00MWYyLWEwY2YtMmVmZjljMGY0MzUz
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&google_error=3

68 B
279 B

35ms
35ms

Image
image/png

34.207.52.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&google_error=3
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.52.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-52-118.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame AC53
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
https://ce.lijit.com/merge?pid=279534&3pid=ua-f63bd2be-98b5-3378-bebd-a9a11790648a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
https://ce.lijit.com/merge?pid=279534&3pid=ua-f63bd2be-98b5-3378-bebd-a9a11790648a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
https://ssp.disqus.com/match?bidder=12&buyeruid=H36XhRZHCb3neTs-SEKsg0yQ&r=Cid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3...
https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS1mNjNiZDJiZS05OGI1LTM...
https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D649145%26t%3Dimage%26uid%3D%24UID
https://sync.adkernel.com/user-sync?zone=176971&dsp=649145&t=image&uid=6432297309198139664
https://ssp.disqus.com/match?bidder=27&buyeruid=A6654750835951896422&r=Cid1YS1mNjNiZDJiZS05OGI1LTMzNzgtYmViZC1hOWExMTc5MDY0OGEQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3...
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-f63bd2be-98b5-3378-bebd-a9a11790648a

68 B
279 B

35ms
35ms

Image
image/png

34.207.52.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-f63bd2be-98b5-3378-bebd-a9a11790648a
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.52.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-52-118.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-f63bd2be-98b5-3378-bebd-a9a11790648a
pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame AC53
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212393408402963

68 B
279 B

35ms
34ms

Image
image/png

34.207.52.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212393408402963
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.52.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-52-118.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212393408402963
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5BF8 0
341 B 272ms
55ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCQt9PyAhj8047_ATAB&v=APEucNXZy_80Am3h52HJFwjlFHy9Mr_pINoOSbgB8VfzhSaUIl0fjVt6kottMXxnz_t47n7zETIkF_Oyb6piQIaEhTusZB3qiFtCmc7bWWfVvsghJT2rtfg

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6F25 35 KB
20 KB 158ms
94ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHNCrXrPLPzp0MQEcOYIi8NBSYvlPKFaDmVWJO0ejIiXAkdqe5vvB0FkZR4Uf9dzBqbOD3knS71qzG-gbHu4nREs1P7I1Xqfoofp694HNTvZ0XQ9nRKV3s_KkiAR2SM4nYkz0pjnJ2GLRq8NoLNO0J2hsOhYsm5Iezg7ZfOSvnirWJkts&cry=1&dbm_d=AKAmf-DixksHmRt1PRFhasJkE6yLIH4Cza-2ZBDfAFCJgN6wvbWpg59H3x_d2TMOKBiu2JKmu5p_XNqbRqSuUgN4hvLOMpzRNmO1N9lRvzzfqLgMdcAGR4qRZiB68dXjtE6o7QzoFU5n6up2z0as-2J8bfHBf8GDJN2pVYjKbJmpGl_eTuTrsq54eV30qoh7lyO-k-07bZ1NzZDV9OOG8JD3IoBuvJNwGVwefyevLofQe523a3dqAgLs7Ykkv-TiT_F1r8B8-GPllDsfb2mTmwaglMnq3Aqh4Bn3k-fXxTupVYdBBemIyxSFxtTEt0NLmFqSDbffo-GMgPXyyz2J0RTX1AKy1XKZSHFVE9367NHZtSh5ZHxxoE4OF_HWfOdCK4zgq-Uc-dQZN2UGcY9fFDo9AoLBsv9z0UQ7Eh6Oo6DfzZlFXCH9WHY4AQ20eSPsO7v_0KP4EIFHIaQNtBivmTcCMnpvC1uxvvv3_HE6bdwaE2nIojUHs8pPwfzaQi4RG2LZfscYDfU06NP7ZEPWUCpvb7rbE_DGJQo3WW3ggyQnGt4J1qmlxkQ2bpvkCNCrl8J2356QVgRNc-V1uhv2K1x_Gsrrjhh2n9p6N_wqhYbAn_Qm5SE5jbg_TXtaRcbc56zyZBU0YxXmxuwGw7Bh204QyGXdBXfa4xTDvGtwlKyA2P0YYNb5PbEpIhgZXCakDmTYtmJFyMrHlyOTvpVwUSvEabdSBdk7JVUra9ZLivNd_cfb09KsKIE6p--79jkN15d4rUMlz0Tjm8kJPUC9WLDvLNgrJj-xXOqoz9U5PPi0nFskB1RKUZiF0u4XS9ZBG_P7TJA7COBXfkz7sL9wyAwZD03A_9QYXyQc1Rlf3t2VHagJziZFHqq4jaPORfCa3ryfHC7TcODne-OGkgn0bcuDBE8y_3uz9QcE8C5ge9H3tIjs-p3wYKBjWDJdNluH4LFIbwnHcBPtZ5Ed-XcqkOQhJCFn5izpReY5VZS_2koV4HZEo-0k4aPGQ-rpQzOCRamlnB3uPvSyHUMzRrEaaZul4h6vl1Gr0arl4KfJFiAUGqGM5qrEF-Svt0Aehw3kq2q6UvdcoW46HDhlMfUdqlIMEtKB5L_ErNu-QPSw4u7z9Fa1yJrOR02gogX_inK0yL1C7VvwJT5jffuLhe8GeyIH3Ssl9LYUjxUFhQ_bUqKZT6wQcumqLtZDCw4lQQfOIZYKlAvdPps4Wu_KJpAjkjvCHu8lGnRezxdbMUkdfGze8L1o9719odVomCGr_k0fKZqFHJLKQS0j2F5SQ4qI2Z_PCJv8GbHdbGlvEXYOB_6-9jOnv3nlb-CF4Dyqd5fJ92GtinrScbOcYYFX8_YYaiEErJDRmW8AYLQ9bDwMW0fdebog7qnr8RAK6EIAhNNQqmPhJu_pbyohMEtmcz8e_rxZ5nlZwJddPcihgl_P17jizZ8xfH8SHxucnu1TWtvv2tr713K1gBRRXBUStI61NLGp6AFNVqViGbATLNfQrZ22kZ68lMmZ3Av9THBJCUFUDBKrPYvAztFuk24DaN4bmzb5S1ulSvBCWyhG8d3QvYV8V-3Vfiniig4m-nJcU1yQRpEOq0zImHNOocp7D7xq-KRvkrvn26ETgFEC9SFfzLdt4Wu9FDy9mX2NwSevBdwFvTf6bJRLSzmnhmFIek46G8I-TVGu_nOOndq5ofVOT6xBg8R8clFbusKc1aFYJnjiTciyQwQgbQtERLct89Q-OLLRy45VChHhoTZf6cd2WjWpvOhkik_pcpVpaJ5Ntz2mPfXA3Hh0Yo2GLQ3uBlMa55bG879m2Exhyq7StIungBjRrs2w5lFF2wPDLTvDL7h-wqhHf2goa9kPZe6hupNtopAZjY5LJPG2rAuUUmyW1qOnUcdCf_epS14fMQxsdCloK4WbdwOXFv266O9d_2ApBtwyLKxTH45-YTbtgUkQjcN28F8Nefni-4ACGUGbzxJRuV6skcBfJTuM3iAe69krKzox3p1HGsTDF0D7g9DGJ9VMr1EOGVT5M5VT1VWBLqa_3Tzxxjl96iBvYkUQPpSU-mNT6YOpYoHICepOIWY8gBj0T78BShBu3g-1vbYvq-TBZMeN4V5d9eM2iVBP-Dx2JNA5-XXqC1gbCw-kktN0buVie3htNWuwpw_F_m1bdEMDZqr0OAqN6APZAuOtcA9tDbpPFnOG-TM8qN0sodZ5Yetkf_E3yWyKpUIaJ6fFtkz0yA24loEb-1DW2srFGjmZsHeRbIyd-_DeP5FYu0plHiv6xpvBxRKMAqjEt51wQvnYtwJz7Hi7SI_Hesuefq2dvmMCU_JqM-yYYlF4k1oho063U2su28pULRdvTKdMcHgrTt49Zo2w5AlUfYVR7NfieGE64Q_Q29Sdh2c2zo5EIfeh1EsgaBaaZfNeIJ_8xST04UJ6E58Y9lgQjnWGVOMhGcQG0_dD8EpSczOl1OKxJu8AtFuBrUa40wQCzriSgUt4ytOo5v1u7KTigdRcets-wxq2kG-ZjuCdRF1nn86sdpWpcaw8PcMI5MfaB4j1oduUYQ0UIzuWrSjCbLXOV51uxuhxT-QrlzcrWVPtbFZM7f8RZjgE4deUMd4EOaYe3Ifxx3lY-2PpXfTOhzxy_aspARat-8j_wgZn9pqybfy4SxxW_IJKsNuR6E5pZ34bQbSAPMIAe7GdIx-8Uv0fVRvT61X0g0NTuWHU37woxx3vDRHYEOHhFpClB-x5jG1xrBq3yY5t188RCC8PZwaK-_5aCNrJ1CTXhr9rSwbZl6TVlF-BQOJWsk1-x5qo7Nn0gDbYP0WJ6KJkiM2lDxSlRp9a9xh_3cyYM_al-29zxKMiOZbeNkoA19L2QrprQh3AesjY83tnZR6BDiTdA2A-44N1l6_ediuiSI8ZIY-QO8HjfLaoJQH_umIN9XybhcEGLaBYVGw96PUU1UzdF2TDPeJTxo6xF639a98Fbqywp5WTSKEO-xNbxoKecORMBmCkE4DiCYnwhoJziVXfKcDAKKbeoyoL4A65h_JR1BZ8dX4mz16yMHrQ6k-q3eJcM7c6hv_A2muKfaAXKrLL6nK_pxS9sSr6hQaI-gTcVBnbMDmvx557iCrPOyhTzEmO9g6JL2prHMd9K4ThTxYSwX4Bes2gyHSA_Iht6NRlIY5sv3XXj1JuIb6iQtakZtPdRWOjvQer7_8-fkGyLHUmOlRwp3ruqfOK__Xcr2waS9kTEHI55jeGrQ3KY3MN8rOHp3kU0YPsADMbrGsxmOqSfpLV656rHtUxnbD-AT6PUHMT4SoeN97q38aEb6_Lh4lG2AHv9sRAo3rJskM3iNd4og4WF1QiyXul8dtKhQ9IrwCGOcP_cV7lrpvKU4upTqeFWf0OZ3YEWfQtWC6VbFXZxs02oc6RhXqg6gmVlySa81S3tk67EoZQlk4V2jnwFmhKiwlfmYL2_NJ3JXq2Zi1xkAdiy5L3YahrzEpqHZ_7n3xwMCUTB4-tbK8Q_vJ7aXhCWL2jFfdZmZoCBDBAtD4VRXPaaqr-iGCzS7BlXOaT9Qu1VT_TagKbsJ0z-72T9UT6WG15MzdAbKcyT48Obd1t8CJVg9mJ94m_3FX-9LZm3DQNILshKPO_E8yeJr4_gCiMx55cJRe7p18_59uz-1PZNvTLcH7NSeZ8NRx1E8P_21uVZzmtzv8RSUQd9QcCwWnvjudYNxZNF9EX2tJ9KhzuoKQ3uuIfLeLgUSURpVBexKV1KVg9KCscjfIGqNej9ckgI3U2HaOp-X6b8WjAHC_vrQdhzqjXGKJ3dkHMorrGES0sUxNFPt9fZXgatx3-Yo_plB-LdChb8og9twe3Ezrr0AtiT29HKbsBZFrebjhggkCnFdNscr7N30Bu9UH1zBWkT8zngnH4k82PK1ddh9CsQVmKm1d7psgcMHbGFdZOp-Dyy-P6lXHhC7n5nNsUoiVtoKW_p5xiFv_4tzEFBtluYMr1QlphLAAmpebvgw_F1PGmLTOsNdgvQSpcEPVf1-W-KGO7i0IVERAydfNrR-dCJ48Lvhg35nER16Z9YZRleXQdCOMlj_gCKAD8jw5CB-2KRaeCe5ImL4BsBpLBOUD9&cid=CAQSTgAvHhf_nbFA7h1NCTnXUJM76pzkXTuBCK5fHzzV3vyL2JVh4Cxbn96cAp8YWeeqo-3nO1EtWZHJIrUL4H8p1WgWEQI6QQYkPuOOEN-pyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgl.modsforandroid.com%2F&ds=l&xdt=1&iif=1&cor=1612398284860339700&adk=1033480540&idt=73&cac=0&dtd=144

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

31dfcc587a4a719211bdb5ae7b8c027ee644032746faab1ad0db9d93997f6e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F25 0
20 B 52ms
51ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9006589211242&version=m202309260101

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F25 0
20 B 51ms
51ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9006589211242&version=m202309260101&ct=77&x=1&cor=1612398284860339700

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWqzwWUad7mKm9046GxnvyCdWdrpbcxRAWGbus3yibtjj9DNdaPBwj1ijQwgRwR_aF8wZV1iY1Li4leeaDDYwZiwPHlq1K833u-JGRcXikHm2tNUWwEeLwvjHb_jrx3bZkpL07seQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
69ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWqzwWUad7mKm9046GxnvyCdWdrpbcxRAWGbus3yibtjj9DNdaPBwj1ijQwgRwR_aF8wZV1iY1Li4leeaDDYwZiwPHlq1K833u-JGRcXikHm2tNUWwEeLwvjHb_jrx3bZkpL07seQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDA2MTk2LDc2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFs3LCIxMCJdLFsxMSwiW10iXSxbMTksIjIiXV1d

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

8dc2d228ad6edf84ea343515e205c5ea304dd4e635fab5134df19963f64ec063

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-lPuAgCP45EWHMwAxij-92w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:16 GMT
content-security-policy: script-src 'nonce-lPuAgCP45EWHMwAxij-92w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 59D0 538 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 838c787869b3687e303cccee82306b415d512cbe43dc1c80bc995cbc51c8fbad

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame B8A7 60 B
143 B 28ms
27ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c9f2186b786e072cda7a8398732fc99ca87d4b1282148255f247f1f21a9101bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:23:15 GMT
cache-control: private
expires: Sat, 23 Mar 2024 00:37:51 GMT
content-length: 60
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C83E 38 KB
13 KB 33ms
32ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 366082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 02:41:54 GMT
expires: Thu, 19 Dec 2024 02:41:54 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D0 0
20 B 52ms
51ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=BJ1-HcuqHZYbPE7XA6toPoKKI-A8AAAAAOAHgBAI

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6F25 31 KB
12 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 21:20:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 21:20:31 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F25 41 KB
14 KB 33ms
32ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 19 Dec 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 419428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 11:52:49 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzQwNjE5Njg2NjE2MgogIHNlcnZlcl9pcDogMTQxMDQwOTgzCiAgcHJvY2Vzc19pZDogNTcxNDY5MDUwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExMjk5MzU4...
ad.doubleclick.net/ddm/activity/ Frame 6F25 0
863 B 1156ms
57ms Image
image/png 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzQwNjE5Njg2NjE2MgogIHNlcnZlcl9pcDogMTQxMDQwOTgzCiAgcHJvY2Vzc19pZDogNTcxNDY5MDUwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExMjk5MzU4CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9uaXNzYW51c2EuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDc1ODMwMDg5MTU1NzYzOTk5NzYKZGVidWdfa2V5OiA2ODczODg3OTQ3MjUyMzkyODQ1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0yNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMjk5MzU4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgxNzM1OTE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3NzczMTMxNjgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA4NTkxNzk2ODcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzUwMTM4ODQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vbmlzc2FudXNhLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x6236b70e17ec10e40000000000000000","13":"0x159cef8d77f7dde10000000000000000","14":"0xba7b4108f75c1e260000000000000000","15":"0x43cf18019f38bd660000000000000000"},"debug_key":"6873887947252392845","debug_reporting":true,"destination":"https://nissanusa.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11299358"]},"priority":"0","source_event_id":"7583008915576399976"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVV-jQwmocfSw_zaYUkTuVnhw57OkKK6dPbd1bssdXhh3ldHPRLOzU0THIDpAhpuglx8INE9dlQ3b1srW-KhdfFU6lsTCSy70VKun3QWpdqIpuzmhCC8TgNxIbp0Fw7UexnAUMyEg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 81ms
81ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVV-jQwmocfSw_zaYUkTuVnhw57OkKK6dPbd1bssdXhh3ldHPRLOzU0THIDpAhpuglx8INE9dlQ3b1srW-KhdfFU6lsTCSy70VKun3QWpdqIpuzmhCC8TgNxIbp0Fw7UexnAUMyEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDA2MTk3LDExMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9lbi9hcHAvMTY0MTQ4NjU1OC90ZW11LXNob3AtbGlrZS1hLWJpbGxpb25haXJlIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbNywiMTAiXSxbMTEsIltdIl0sWzE5LCIyIl1dXQ

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

dcbe6ed7ccea53117b8183b35a64f33320e4b37c5c7af1b688a7995b874e8dea

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-6Ql0heObrk5zN7fyx0XWvg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
content-security-policy: script-src 'nonce-6Ql0heObrk5zN7fyx0XWvg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 900E 51 KB
19 KB 24ms
23ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 20:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 20:30:12 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 6F25 59 KB
23 KB 26ms
25ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 05:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 05:28:39 GMT

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 94FF
Redirect Chain

https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&u=3E1E51B6-C567-4F44-94B8-5AE6DFB7B953&rs=3&gdp...
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

43 B
479 B

44ms
43ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: B9HYTGMQZKGWTJVAN27N

Redirect headers

cache-control: no-store, no-cache, private
date: Sat, 23 Dec 2023 22:18:23 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C8C4
Redirect Chain

https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&u=3E1E51B6-C567-4F44-94B8-5AE6DFB7B953&rs=3&gdp...
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

43 B
479 B

97ms
53ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:23:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: N79ZP9VNE3CC62P5188C

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:23:17 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C83E 39 KB
15 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 23:23:36 GMT

GET
H2 200 B31028457.380749508;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=1033480528;ord=fo7ix3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS5BNcuqHZYfPE7XA... Show response
ad.doubleclick.net/ddm/adj/N3466.4029611OMNETOUTCOMES/ Frame 6F25 80 KB
33 KB 1131ms
89ms Script
text/javascript 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N3466.4029611OMNETOUTCOMES/B31028457.380749508;dc_ver=99.292;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=1033480528;ord=fo7ix3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS5BNcuqHZYfPE7XA6toPoKKI-A_ltc3pdMnTjILwEcCNtwEQASCN5L0pYP2gmYHoA6ABwZPEjgHIAQmpAgnJ6NkySak-qAMByAObBKoEgAJP0GFYEMd4K7_DqTL-Q_niH28MD-YCV_MzTOsjzATvbhzAOJtARIt73ck3nJxGrny8pdUPyqlIUd2kEFCJSlii-z6ILETUzGwuWfS9lqVyHTeDFJZ3BAvPa4Z6s_15Ui4cY0RrnoAdDzekZ13iP2lCcq_BJWrM2DmDlGEN1zERTEADswc1YKxwj7Bf9GMPtkTXeXYGp06jsYjZ7QEUIAbg1OzyxYWtr03Y730-afXH2UC-HshoBYbbIoArtjWFF--o1e2ogwIZ8oGI5FVl24ZlFvi11myuO3__JfiMjF4y8em9lneBwiZG_z4nyvMAJINZHAmJ9kyEAWL7DjrwJJZxwASGsYjxwgTgBAOIBaelt9pNkAYBoAZN2AYCgAen7LvxAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwCgCNOXPbAIAtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY0ZX4yNKngwPyCBthZHgtc3Vic3luLTU2MjQ1ODY3OTA1NjI5MDmACgOYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkNB4g0TCO7S-MjSp4MDFTWgWgUdIBEC_7AT6rT-FdATANgTA4IUFxoVZ2wubW9kc2ZvcmFuZHJvaWQuY29t2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_nbFA7h1NCTnXUJM76pzkXTuBCK5fHzzV3vyL2JVh4Cxbn96cAp8YWeeqo-3nO1EtWZHJIrUL4H8p1WgWEQI6QQYkPuOOEN-pyBgB%26sig%3DAOD64_121URtBvHroEbYHnE0bdYCev4uAQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-DM5w-m8VvxklIP9d934v_UaD25cMqohQz0OCrfYn3bhdPO155ofBqWJY9cMuESYLlk7FzcoooHIQJ0A_6P5BqLKd8ACWOvijRH2XFh0cRwKT0dDeUrNjtS0siK6WPf0ZoXOt9Sbw4EvdGUw0Zy_s8MR0ZeAE7zHpF1cJBi5WYTErAtoPg%26cry%3D1%26dbm_d%3DAKAmf-DyBIjwzOOI6OATsbKQZJ_X1cAWF-DQNGpvYNMt6ftHwK1yibF2SKEt72enuP4TjwVLG6mmKQo4wp7MlSR-rTXy3xxmWVY_K22pMVX5s2A7y7loYZiqqP3wR68K-gjAJBFJI_rN3xJ860GlIKAZd9smyWpMj0viI0xhhGhZ_HuNM4mrIAhJs1H6AE_PfyZLGxZXrMRx90S30LiKNa2yAWMWrP8qbY24JlnMFfWh8iUqyxAye9B37bTQdRIGzh538XruY6ClliAfpaB-Kp2MZMLHFMPLy1GVGAW4WOyygeUrSHrx-knlEkjTLzTtuI8QAfdw4a_Tx1QjtEYEk2mt1ALGR7jKA2Ch5Zyu-MlVzpMUYf7PCbPGSpjNKXbHOMureBduzGom0cTWRK_vN0VewslVJnVgcfDpYVFJB3n5D7lIij-Km2-O8lqcCRkegMU7gZw3lPj1sZStRaPyR_cqT_7dd1W3wSjRLOo4utXiaHOFLNJe2ffoH8ZRFYbhEQw0JgBrctGTotNAgKSYbMKLQ3oYMBYmQ78U34egDLNy7WV7XeqFQEZPXP20mSzVULe6i5bHH-Q4HpId9RHWGtFhTF90MjDuIPOw6GO7o8_zaQqXQgLMkTXYWAB3Cj3k_xTDLw1VGAl8tlC5h0_hyLA0cTlvf6qZXQ%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fgl.modsforandroid.com%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=8ol!lbO)cI;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=44;prcl=s

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

cafe /

Resource Hash

5d9b67b814711c02b1eaabd0e02e7323d37db8851f9b41108b8504be9b0f11ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33941
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9ACA 38 KB
13 KB 31ms
30ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 366083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 02:41:54 GMT
expires: Thu, 19 Dec 2024 02:41:54 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxUdMeRBu42mX_cunJ65oPv9oGv7bjMCl8uNCf-x3GdenJgrRVAv_37RXMWDq63fOVlCUWbVNXq-f0npbLMWFCYQyAob98FKWeRfndmJ9Nz4nKPob7Mlhpg4d4kHo2vT_2Qx4WF5Jw== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 59ms
59ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdMeRBu42mX_cunJ65oPv9oGv7bjMCl8uNCf-x3GdenJgrRVAv_37RXMWDq63fOVlCUWbVNXq-f0npbLMWFCYQyAob98FKWeRfndmJ9Nz4nKPob7Mlhpg4d4kHo2vT_2Qx4WF5Jw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-iJECX885jnhiamhWwcY_HQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-iJECX885jnhiamhWwcY_HQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9ACA 39 KB
15 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 23:23:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C83E 0
20 B 54ms
54ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJ1-HcuqHZYbPE7XA6toPoKKI-A8AAAAAOAHgBAI&bg=!h4SlhMvNAAY3kmNgF5I7ADQBe5WfOHOVjVEOSd1qg8AQ44QJEhQ8zwrBzqvE5MM8ejfmYEGfKwz36Uwl4uqUXov8HvDxAgAAAJdSAAAAAmgBBwoASfllUeab-mzImTqvMp5mFrHrwFeXjVTEe7j512O8-rotV-HEcP69d5PDmQB0C6uRzbuu4y0_Sk7wIXieohYEriZikmZMeFl0T2WZAv-DBiI0w1H9WfBoPP78-AsONVJrgeRGNaly9wT7M8rX67kZ2gMaJTZUG9scFcXksboX1dX-QBUyk3KCItLJQu6W249aEHQj1srdKd-bTJUXRrUVmszcrWw3AAiUk8pj9SBxFb5WfrRp9Krc-9x6BN6n8ZfE18qA30orzs-rfzeja4bIFytddolc5EM-foq_6UTitF0VAc_wnb4pV9xbVX_Mb8ZxVPiPhjiAFKHQokZuaYSUbWKyv72P3fnBs7zVqlGDUEqtzIubGN_-VBXIF_YneruQDzPIesWDjvisSHm_eXL75P8rludJyPebutxYx0xzO7vIcaYs7_kkgySlVd_8_fZEwiLEP0ocfIEMptLqfMpx9hy5l8hgb7jYmyNWPE-OR-CMxWjLLa_9JdBxfnufm2t-fslFRCCP2GBm9a7tlzouH_2hcBVft6sP6L1do6KGVf3Nwsk5mxfx1tx-xfDdjGqVNBIgI2pEkgucX9iomwhwInu5Q0aUsAgoNbQrF3hHW4xbPTLGsGkVF-AOHx40AFVuI5V641XjLbYbiDG6buQYqwjtEyXgM3Rt56Pnsw-nnkG_e6xVGbLF1h2IcMFJMEXjFHe5Yb8q_GD7QW6S7o-UBRuixOF0PcPWWVH4UQoFesKzIWk83N7pTNmEG6W0Vg5RbhVo_dNOQV6fVb5_f8BcYEhl9k4InGI7_8m52QjcQrFeSZevzInkGweteEDyXCZ8vNPz5EcSkCdtBNjw9W3kAxIjgX7BQQt6HUs06SABBsf_Y9Ye9PiFtCjuh6Hy2D3N4h3pnEHr8b5wEdm64RTMwnpAGv-mVe879_rYvAcFwsTlY8Xm0P1N1JzIaNcTuvipUvbcNyvftHUjqZe_9JQEbQ5AIIlpsbPzNf8_ID5CAE5i6uRbLRQuI36xIDh1iSlesn1Nij1knuzyEothPEp1O9l1z_RLuO-LP9NJ7XXW6_1AXsXrgi0Mw0fl03kZ3b0e-9OnlXLk_4eK5Wwd3sdaunihkD1oa54kplTo7A

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9ACA 0
20 B 55ms
55ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXwYzdOqHZfLuNNe6oPMP-tm_kAIAAAAAOAHgBAI&bg=!JSalJmnNAAY3kmNgF5I7ADQBe5WfOK56pWCrtFytunWoI3Fx6bhjsk0WycsswDx-dxfNgst_2EDqzD1Dmjr9XV51BY93AgAAAHZSAAAAAmgBBwoAAd6ZAwGHBdZlG66yn5WhVgkxVXTFrY47mma_-BWiEfo1O5oCox0CNVKFPq3R0bT312VrvKQClor-r3MBYKsg2xTLbn2Io1cHxb5Z4inh3hFsaJjOkofo8zdcLYSoB3zigXCNKcVCaJXO0w8I-q4K9PXUZolkfgJ2T9QJjJVQoFT4853znDrX-P_vJnZ8iWFGdCmDiLqaRmeAVkhpghS7WmAJkTQincYeaTpsuk7UmF3yjlmkXC0YKM2Ai5GscCtefojX2FnRHXSqnlD7G2zrBBXIXhIigteVQnBHpFNqOWHbJ6AczfD7OBPARWjX7Cr3fIoY1pQL3CTezSab7Z0ycVc6jwb4T4s7ArwOjq1V7CrdLpX-XMtR0KyOJrg6u7FxQA3jBezjUOWZsbwAbxa_Ofxy72qolbV29GfCu3dLgAMnLj9kD8Y2-66g9jJoUZ0FWqqF4lg00il6MKBHL-RU3YyXzrnBN3p27CZmqTbVvZFHdaYx9W41Qf591WYip-D6qpZFVH7HdQPspvI5m54Ed4OxQeAh2kWmRyn9v_bsao3Nco-LeetZ3-lhmXMaPmEQyCdazYjRFvSwIapR6QyhcN4naH_OCxOH_F42BEmceWtHy9yKIF6tDR_GKP4u0OCAbOCSsMDD8XOBorj0PVOZsEe97rQeuDIr0LAOkulDHQXXwdhOGzmHy0BBQyLpnZ2NZgG3h1lGjrzX55hxOuUGDl8yv4Gci3iuyWiv1Fcl9uYCQlCuE8Jbtd9NJ1C5bJNxwKN5CwoUl5MYbr_JwSGJD8-ud2lce1HMMHh_zZodVjE-qzO9Ep-9QnyxHCpUKoAn_SveLgrFAw2f_AceSEMQHeEiWaS4zR555WDreS66rr2uv51UZgF3X2MAIo95vo5i1UGC1gSlEVnZX_Jl3h_hftR1VJnk1pO-MI6Q3k5Q5GxJjEAO7Si1wcz2sgzGdv9ByO62FU-HLdaghVv9p7NFUkWT4PCXeiTRIfIQpyGgcHOS-mcox73aSZWXXX6KXhURVrU7coPE

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 89ms
25ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 06:52:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5449
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Dec 2023 08:52:28 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
166 B 1183ms
129ms XHR
text/html 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gl.modsforandroid.com
access-control-allow-credentials: true
cf-ray: 83a771046b8639c5-YYZ

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
108 B 155ms
97ms Script
text/html 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=397386649a3cb7ec2a513e270fc9eb7a&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&code=%27none%27
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a770fe3cbf36fa-YYZ
content-type: text/html; charset=utf-8

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
962 B 26ms
25ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 24 Dec 2023 08:54:01 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 26ms
26ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 07:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 24 Dec 2023 08:44:06 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 863E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=57e2c866-01e7-466a-a292-f980c7705ed0&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
353 B

40ms
40ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=57e2c866-01e7-466a-a292-f980c7705ed0&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=57e2c866-01e7-466a-a292-f980c7705ed0&dongle=0cfd&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:23:17 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 863E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=&google_error=3

37 B
139 B

38ms
38ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=&google_error=3
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 863E 170 B
188 B 47ms
45ms Image
image/png 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 863E
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0

170 B
188 B

46ms
45ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTA5NjU5NTYwNzEzMjkzNTIxNjk0
date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 863E 0
632 B 1183ms
78ms Image
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=509659560713293521694&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2D2D1DAFC6724A029C6C46830519B6CA Ref B: YTO01EDGE0806 Ref C: 2023-12-24T08:23:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNPSlkR93qHFCu+QqRCQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame 863E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/509659560713293521694?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-v_5jRIpE2oRiMc6DpDB6Lxsn_5f1LD4udI5NZjoImA--~A&dongle=0883

37 B
353 B

41ms
40ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-v_5jRIpE2oRiMc6DpDB6Lxsn_5f1LD4udI5NZjoImA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:23:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 24 Dec 2023 08:23:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-v_5jRIpE2oRiMc6DpDB6Lxsn_5f1LD4udI5NZjoImA--~A&dongle=0883
content-length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 863E 43 B
748 B 354ms
44ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=509659560713293521694&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 24 Dec 2023 08:23:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 863E 43 B
363 B 352ms
33ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 498030
expires: Sun, 24 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 863E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=6432297309198139664&dongle=4d58&gdpr=0&gdpr_consent=

37 B
353 B

40ms
39ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=6432297309198139664&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
an-x-request-uuid: bf46c4fb-556a-4e6a-a271-ca67ebcc7857
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=6432297309198139664&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 86.48.14.132; 86.48.14.132; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 863E 43 B
1 KB 47ms
46ms Image
image/gif 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=509659560713293521694

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:17 GMT
an-x-request-uuid: 0b8ba342-1025-4e31-92af-149df8312e43
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.132; 86.48.14.132; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6F25 172 KB
61 KB 96ms
28ms Script
text/javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Origin: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 21:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 21:00:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 6F25 11 KB
4 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 00:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 00:13:29 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C492 38 KB
13 KB 31ms
30ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 366084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 02:41:54 GMT
expires: Thu, 19 Dec 2024 02:41:54 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.19.8.466.js Show response
static.adsafeprotected.com/ Frame 6F25 213 KB
67 KB 387ms
40ms Script
application/javascript 18.165.83.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.466.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-107.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Dec 2023 19:59:43 GMT
x-amz-version-id: xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding: gzip
via: 1.1 a97f872e6a14f227f3c3ea78467c0330.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 908616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Dec 2023 19:37:51 GMT
server: AmazonS3
etag: W/"eac384b0904b6f5677cb58a4d4e104c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Fd6esuOlvMsp2-NnVcraP47Jpx9qONB7AaCbSX9fW4TNp8czFGp_iw==

GET
DATA 200
OK truncated
/ Frame 6F25 556 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd84f129b64e4abaced71471dbd296657ba1058ad970d14079c6ad39c9aac61d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C492 39 KB
15 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 23:23:36 GMT

GET
H3 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F25 85 KB
31 KB 65ms
65ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

41218f03a7a22bc5e8494f5960c17b55bed773bab91754997f66b945d61b1d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31979
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472460780035"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:23:18 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13586067395243409408/ Frame 695A 5 KB
1 KB 99ms
47ms Document
text/html 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

9c74654dd3d7c397371b0bf55c94ee5b8c7b71e091faf6c3361f8a34004c2406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1249
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:18 GMT
expires: Mon, 23 Dec 2024 08:23:18 GMT
last-modified: Tue, 07 Nov 2023 19:24:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F25 0
0 1139ms
53ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgTW_z9O4ApfKDOZbVW15ddS6ZGGLr2blR-o_OEhNlclIslTW-CNcj7AhGgV4K_-J__O8rBQaJe90Zoy2G7jhjU4H5DBpiFc29rYJIVZ4TZjUnbi8nGgLIZf_0klalFetpR4Hf6oBa7MWlsGKsPA5iLhwfM6iXhYrNOLIQiVMQtMg&sai=AMfl-YQq_tBHyjEm_ZMq8_dt1-cUkjfS4QMmDahh0b1FjwNq77f19G1H8nCYzvEY9zkcqydfvgnUJwfxNW0TIE0&sig=Cg0ArKJSzDr-bVEgo63rEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=142&cisv=r20231207.68315&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C492 0
20 B 54ms
53ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlFiDduqHZdq3CPPboPwPzv-qoAEAAAAAOAHgBAI&bg=!nZ6lntHNAAY3kmNgF5I7ADQBe5WfONggov0cB0jZTQK8LYTkZ-g26pg2OtiLfqhFC6JoPF4UmsTS-49Icacp2uXgQHVTAgAAAHFSAAAAA2gBB5kC8nHQZo-fI89iB9JteJLfPRDCZyHMhM7FDk5ifZqNdjNfAKWh74bkqVFkWHEXpXHymQnFk6xFar36-ZONKdJY1nqC1w33aZS6RYuAlMjoDl3nJmqu1_8eqKtk4ZzhDE4-tvd5mhc4qR0IlVojb1F9Dvrj6q4LGqw249i0w6P957leISHIwBlUl1woQnqxgBrGll_jTcmrFW9Pfy4YLgKykYsflNbrvSTr-3LPI8cw8eltiOkLrnM8e3zFqauHx68HpL0rZwvV3W2oF5X-9u6xEM-D-_E6VkdLDk0X_nhkgFbgb1azR6dYt2PeU6pJ-_5kVNIkLgihyQGbw7NAV1EvJaEUJIX3IKOHLP6tpH_sLqfydGZhZztHKQdQ1HrpsLVGegNHsK-ObxQHbJ-15x4sT8YQgLg8HtJfaKs-qWf2UC7e-ImP3MA5U7uBiTEQj2uMEMUpdykdD2aPq0v-E8cfxySCHej6h0_7ZnF3Rnv4bGaXVJl3aZWj7C7TzKWv7oki04evYRbXS_DSOmhkqhqO5xeSjc0KI5JYbDiG9REPC6lAqeMwUzczT9UVmpLZcPwXwFMKmkx79m53FkIBZieYDlQjlQYQNpU1Rval5Qtm59XQvs9uXyxH9ypiph8caN_7z8jbS56JLUSuyVU8ios6REk8lE14dksEXuAGntBFZW_m2xn5uoVo5x_GpzxeHnFHrf7o7Kmoh2r9WDDucbBG7Av2C4nxweT02PVXWFaApye1ceivHecYtgyhkOlTWuZk1dQ853A-TNuVjKpzVQ02g6zvS08CDiQab5D7G59V8Khq6WJu23kRnVRV55PJ0MjqHultSz5YF_L17_Aic2eG2QhWHl3zVg_ZF8WIK9uCMzGFlffqOxFZzeNU88zwiyotWfXumWqbVq6PTmvmxq6oYiVIi68nXHGv0PIRooitWzUn_k0UNHR71cYRkH-IxpJKRbQHtyY6ZmjLUW1nzIH67ZoZew3V0YOScvWQ4VutUOZaVAY

Requested by

Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13586067395243409408/ Frame 695A 9 KB
2 KB 29ms
29ms Stylesheet
text/css 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13586067395243409408/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: Sun, 22 Dec 2024 06:14:19 GMT
date: Sat, 23 Dec 2023 06:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2402
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 19:24:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 695A 120 KB
41 KB 26ms
25ms Script
text/javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 00:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 00:17:57 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/13586067395243409408/ Frame 695A 3 KB
1 KB 41ms
41ms Script
application/x-javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13586067395243409408/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

0da7df27013edbc7b66916704b3feae8b58f505c9be9a471a8559d0b68847cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

expires: Sun, 22 Dec 2024 09:31:43 GMT
date: Sat, 23 Dec 2023 09:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1057
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 19:24:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F25 0
0 987ms
54ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgTW_z9O4ApfKDOZbVW15ddS6ZGGLr2blR-o_OEhNlclIslTW-CNcj7AhGgV4K_-J__O8rBQaJe90Zoy2G7jhjU4H5DBpiFc29rYJIVZ4TZjUnbi8nGgLIZf_0klalFetpR4Hf6oBa7MWlsGKsPA5iLhwfM6iXhYrNOLIQiVMQtMg&sai=AMfl-YQq_tBHyjEm_ZMq8_dt1-cUkjfS4QMmDahh0b1FjwNq77f19G1H8nCYzvEY9zkcqydfvgnUJwfxNW0TIE0&sig=Cg0ArKJSzDr-bVEgo63rEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=154&dett=3&cstd=142&cisv=r20231207.68315&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 695A 8 KB
6 KB 111ms
63ms XHR
application/json 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ac6d91420282d05297b59c2dd2568950159f4d05fcf16fd505b8f0012a4ea96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5840
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
241 B 1412ms
129ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame 695A 9 KB
1 KB 25ms
25ms Script
text/javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:35:00 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A998 91 KB
23 KB 36ms
36ms Script
application/javascript 18.165.83.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-107.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a97f872e6a14f227f3c3ea78467c0330.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 22989124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: bjoJjpcCylLHRO7GmRJfPemYU-chem080FCSCkwOW2J1VMkZ6lunLA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 6F25 43 B
216 B 58ms
58ms Image
image/gif 35.174.197.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=1015237279&campId=20859179687&pubId=1&chanId=810230258357&placementId=535013884&adsafe_par&impId=ABAjH0jWKUmL8ENMenAxqbQaguED&bidurl=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire&adsafe_url=https%3A%2F%2Fgl.modsforandroid.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fgl.modsforandroid.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3980a663-108f-7e1a-a23e-e161de455327,c:xFxvpe,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-jqqn8,rg:va,pt:1-5-15,mu:10000,br:c,bru:w,an:n,oam:0,scm:publ1.grpm3,mtim:445,mot:1,app:0,maw:0,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:470,oid:b05ac8d4-a235-11ee-8664-eee8f031e3e2,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.197.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-197-10.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
server: nginx
x-server-name: app25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 695A 17 KB
6 KB 54ms
54ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 08:23:18 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 122ms
38ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvpJ,pingTime:-3,time:500,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:500,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B0,0,0,0,0,0,0,0,0,0%5D%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 114ms
37ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvpL,pingTime:-6,time:502,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:502,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B0,0,0,0,0,0,0,0,0,0%5D%7D&tpiLookup=ao:gl.modsforandroid.com*&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 2ffd09d0-99dd-498e-9222-995d6e6081b6.json Show response
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 7 KB
2 KB 26ms
25ms XHR
application/json 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4656611/2ffd09d0-99dd-498e-9222-995d6e6081b6.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13586067395243409408/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

30d6529cb9a10a43d1a986f01e75a25407697a28086f21049f3912722effdb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1553
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 15:49:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:35:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
216 B 108ms
36ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvpW,pingTime:-2,time:513,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2483,beZ:2484,mfA:2928,cmA:2930,inA:2930,inZ:2935,prA:2936,prZ:2944,si:2953,poA:2954,poZ:2975,cmZ:2975,mfZ:2975,loA:2985,loZ:2991,ltA:2996,ltZ:2996,mdA:2485,mdZ:2900%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true,ccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:513,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B13~0%5D,as:%5B13~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B0,0,0,0,0,0,0,0,0,0%5D,sinceFw:42,readyFired:true%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 404 /
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 43 B
64 B 26ms
25ms Image
image/gif 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:19:36 GMT
x-content-type-options: nosniff
server: sffe
age: 222
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Sun, 24 Dec 2023 08:34:36 GMT

GET
H3 200 f56dc0ccac6e2190645d73b748797228.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 63 KB
63 KB 31ms
28ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/f56dc0ccac6e2190645d73b748797228.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

4ef458372f054fae977deaaf950c1941a0ccf28952241b822a6ed3afb21b11ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:11:27 GMT
x-content-type-options: nosniff
age: 711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64196
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 20:32:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:26:27 GMT

GET
H3 200 4e8b955c1d77a191777f7eefe588d8d1.jpg
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 104 KB
104 KB 62ms
60ms Image
image/jpeg 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/4e8b955c1d77a191777f7eefe588d8d1.jpg

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

b3372d72841506bb02e54aae54c7d68edb210387ffc52eef44e18bfcfd0d2012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:17:11 GMT
x-content-type-options: nosniff
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106857
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 15:32:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:32:11 GMT

GET
H3 200 primary-logo.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 47 KB
47 KB 71ms
69ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/primary-logo.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

77e2b27a3762023499f21f60486de8425ab03321245fe5dc02760c6d69e98c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:11:45 GMT
x-content-type-options: nosniff
age: 693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48253
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 19:33:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:26:45 GMT

GET
H3 200 transparent.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 68 B
94 B 27ms
25ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/transparent.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:21:20 GMT
x-content-type-options: nosniff
age: 118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 19:33:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:36:20 GMT

GET
H3 200 ac87f1f0d539fd1363e06dfc8709cc12.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 16 KB
16 KB 66ms
64ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/ac87f1f0d539fd1363e06dfc8709cc12.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

fe55e863695f6a1f2fa947fe4830f89dead5544c8d4d4ab9ebc2096137465fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:11:19 GMT
x-content-type-options: nosniff
age: 719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 15:32:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:26:19 GMT

GET
H3 200 e3fa2f05744f27ca3c3fc79fc05401ca.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 12 KB
12 KB 57ms
55ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/e3fa2f05744f27ca3c3fc79fc05401ca.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

10d0652b61d006bc497096b7933093d115e82faeb27834506faa807089c9f9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:08:29 GMT
x-content-type-options: nosniff
age: 889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11821
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 20:31:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:23:29 GMT

GET
H3 200 3beb811229a2438964c33ff7535f2254.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 17 KB
17 KB 50ms
48ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/3beb811229a2438964c33ff7535f2254.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

5357d2c3fbf53fff943bf40fab747d7e17e0345180de8078c24908a581862d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:13 GMT
x-content-type-options: nosniff
age: 5
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 20:31:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:38:13 GMT

GET
H3 200 6287f3b21ed6f4775c7ce1a88be8c183.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 68 B
100 B 76ms
75ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/6287f3b21ed6f4775c7ce1a88be8c183.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:21:02 GMT
x-content-type-options: nosniff
age: 136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 19:34:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:36:02 GMT

GET
H3 200 6157b26809a71b82ac92020c06c9999d.png
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 6 KB
6 KB 73ms
72ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4656611/6157b26809a71b82ac92020c06c9999d.png

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

348f2c2a7981ee499dfe820b5e362ec2650bc1f21e79f505bc40fe7575bdf6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:17:58 GMT
x-content-type-options: nosniff
age: 320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5869
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 21:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:32:58 GMT

GET
H3 200 NissanBrand-Light.woff
s0.2mdn.net/creatives/assets/4656611/ Frame 695A 38 KB
38 KB 31ms
30ms Font
font/woff 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4656611/NissanBrand-Light.woff

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

2c519a8ebd6096c02abbfd244d9af80dbb7b15cf72eecf0a6dd228bc992394ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13586067395243409408/index.html?e=69&leftOffset=0&topOffset=0&c=CI0oioszBV&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:12:36 GMT
x-content-type-options: nosniff
age: 642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38884
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 19:33:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 08:27:36 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 67CD 39 KB
15 KB 24ms
23ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 23:23:36 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 35ms
35ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvrv,pingTime:0,time:610,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D,%7Bpiv:100,vs:i,r:,t:609%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:609,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D,%7Bsl:i,t:609,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B0,0,0,0,0,0,0,0,0,0%5D,sis:552%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:18 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 44ms
36ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJzZXR1cGFkLWhhaSIsInVybCI6Imh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUjZ29vZ2xlX3ZpZ25ldHRlIiwiYWRVbml0IjoiLzE0NzI0NjE4OSwyMjM4NDM0NjUzMy9tb2RzZm9yYW5kcm9pZC5jb21fMzAweDI1MF9kb3VibGVfYmFubmVyX2Rlc2t0b3BfMl9sZWZ0XzAiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiMTEwMDIzNTg5IiwiY2FtcGFpZ25JZCI6IjU4NjkyMjE4OSIsImNyZWF0aXZlSWQiOiIxMzg0MTM2OTU1NjIiLCJsaW5laXRlbUlkIjoiMzIzMzU5ODI5IiwiYWRTZXJ2ZXIiOiJkZnAiLCJ5aWVsZEdyb3VwSWRzIjpbNDc2NTcyLDQ3NjYwNl19LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MCwid3YiOiIxLjAuMCs5MzVlMmYxIiwiYnYiOiJibC04MWEwZjg1LTAxMzE4ZTFiO2ItOTM1ZTJmMS1kM2RmODg4MSIsIm1ldGEiOnsiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjAsImJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZEJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZFJlZnJlc2hlZENvdW50IjowfSwiYWRSZXNvdXJjZXMiOnsiYWRJbWFnZXMiOlsiPGltZyBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L3NpbWdhZC8yMzUyNTIwNDc1NzU1NTkzNjkyXCIgYWx0PVwiQWR2ZXJ0aXNlbWVudFwiIGJvcmRlcj1cIjBcIiB3aWR0aD1cIjMwMFwiIGhlaWdodD1cIjI1MFwiIHN0eWxlPVwiZGlzcGxheTpibG9ja1wiPiJdfSwicGxSYXRpbyI6MC4wMSwiSUFCQ29uc2VudFN0cmluZyI6eyJ1c3BhcGkiOlt7InZlcnNpb24iOjEsInVzcFN0cmluZyI6IjEtLS0ifV19fSwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BXG4gICAgPG1ldGEgY2hhcnNldD1cIlVURi04XCI%2BXG4gICAgPHRpdGxlPlNhZmVGcmFtZSBDb250YWluZXI8L3RpdGxlPlxuICAgIDxtZXRhIGRhdGEtamM9XCI4MlwiIGRhdGEtamMtdmVyc2lvbj1cInIyMDIzMTIwN1wiPjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiLy90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NvZGFyL1ExMnpnTW1ULmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBkYXRhLWpjPVwiODZcIiBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMzEyMDcvcjIwMTEwOTE0L2VsZW1lbnRzL2h0bWwvb21yaHBfZnkyMDIxLmpzXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMxMjA3XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD5cbihmdW5jdGlvbigpey8qXG5cbiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLlxuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wXG4qL1xudmFyIGY9dGhpc3x8c2VsZixoPWZ1bmN0aW9uKGEpe3JldHVybiBhfTt2YXIgbj1mdW5jdGlvbihhLGIpe3RoaXMuaD1hPT09bCYmYnx8XCJcIjt0aGlzLmc9bX0scD1mdW5jdGlvbihhKXtyZXR1cm4gYSBpbnN0YW5jZW9mIG4mJmEuY29uc3RydWN0b3I9PT1uJiZhLmc9PT1tP2EuaDpcInR5cGVfZXJyb3I6Q29uc3RcIn0sbT17fSxsPXt9O3ZhciByPXZvaWQgMDsvKlxuXG4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjBcbiovXG52YXIgdCxhYT1mdW5jdGlvbigpe2lmKHZvaWQgMD09PXQpe3ZhciBhPW51bGwsYj1mLnRydXN0ZWRUeXBlcztpZihiJiZiLmNyZWF0ZVBvbGljeSl7dHJ5e2E9Yi5jcmVhdGVQb2xpY3koXCJnb29nI2h0bWxcIix7Y3JlYXRlSFRNTDpoLGNyZWF0ZVNjcmlwdDpoLGNyZWF0ZVNjcmlwdFVSTDpofSl9Y2F0Y2goYyl7Zi5jb25zb2xlJiZmLmNvbnNvbGUuZXJyb3IoYy5tZXNzYWdlKX10PWF9ZWxzZSB0PWF9cmV0dXJuIHR9O3ZhciBjYT1mdW5jdGlvbihhKXt0aGlzLmc9YmE9PT1iYT9hOlwiXCJ9O2NhLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB0aGlzLmcrXCJcIn07dmFyIGJhPXt9LGRhPWZ1bmN0aW9uKGEpe3ZhciBiPWFhKCk7YT1iP2IuY3JlYXRlU2NyaXB0VVJMKGEpOmE7cmV0dXJuIG5ldyBjYShhKX07dmFyIGVhPXt9LHU9ZnVuY3Rpb24oYSxiKXt0aGlzLmc9Yj09PWVhP2E6XCJcIn07dS5wcm90b3R5cGUudG9TdHJpbmc9ZnVuY3Rpb24oKXtyZXR1cm4gdGhpcy5nLnRvU3RyaW5nKCl9O3ZhciBoYT1mdW5jdGlvbigpe3ZhciBhPXYsYj17bWVzc2FnZTpmYSh2KX07dmFyIGM9dm9pZCAwPT09Yz97fTpjO3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT1jfTt2YXIgdz1mdW5jdGlvbihhKXt3W1wiIFwiXShhKTtyZXR1cm4gYX07d1tcIiBcIl09ZnVuY3Rpb24oKXt9O3ZhciBpYT1SZWdFeHAoXCJeKD86KFteOi8%2FIy5dKyk6KT8oPzovLyg%2FOihbXlxcXFxcXFxcLz8jXSopQCk%2FKFteXFxcXFxcXFwvPyNdKj8pKD86OihbMC05XSspKT8oPz1bXFxcXFxcXFwvPyNdfCQpKT8oW14%2FI10rKT8oPzpcXFxcPyhbXiNdKikpPyg%2FOiMoW1xcXFxzXFxcXFNdKikpPyRcIik7dmFyIGphPWZ1bmN0aW9uKGEsYil7aWYoYSlmb3IodmFyIGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSYmYihhW2NdLGMsYSl9O3ZhciBrYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKSxtYT1mdW5jdGlvbigpe3ZhciBhPWxhO3RoaXMuZz14O3RoaXMuaD1hfSxuYT1mdW5jdGlvbihhLGIpe3RoaXMudXJsPWE7dGhpcy5qPSEhYjt0aGlzLmRlcHRoPW51bGx9O2Z1bmN0aW9uIG9hKGEpe2YuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoZi5nb29nbGVfaW1hZ2VfcmVxdWVzdHM9W10pO3ZhciBiPWYuZG9jdW1lbnQ7Yj12b2lkIDA9PT1iP2RvY3VtZW50OmI7Yj1iLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIik7Yi5zcmM9YTtmLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGIpfTt2YXIgeT1mdW5jdGlvbigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5vPTA7dGhpcy5nPVtdfSx6PWZ1bmN0aW9uKGEsYil7dmFyIGM9e307Y1thXT1iO3JldHVybltjXX0scWE9ZnVuY3Rpb24oYSxiLGMsZCxlKXt2YXIgaz1bXTtqYShhLGZ1bmN0aW9uKGcsQSl7KGc9cGEoZyxiLGMsZCxlKSkmJmsucHVzaChBK1wiPVwiK2cpfSk7cmV0dXJuIGsuam9pbihiKX0scGE9ZnVuY3Rpb24oYSxiLGMsZCxlKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Zm9yKHZhciBrPVtdLGc9MDtnPGEubGVuZ3RoO2crKylrLnB1c2gocGEoYVtnXSxiLGMsZCsxLGUpKTtyZXR1cm4gay5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBlPWV8fDAsMj5lP2VuY29kZVVSSUNvbXBvbmVudChxYShhLGIsYyxkLGUrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfSxzYT1mdW5jdGlvbihhKXt2YXIgYj1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9anNlcnJvciZcIixjPXJhKGEpLTI3O2lmKDA%2BYylyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKHphLEFhKXtyZXR1cm4gemEtQWF9KTtmb3IodmFyIGQ9bnVsbCxlPVwiXCIsaz0wO2s8YS5nLmxlbmd0aDtrKyspZm9yKHZhciBnPWEuZ1trXSxBPWEuaFtnXSxPPTA7TzxBLmxlbmd0aDtPKyspe2lmKCFjKXtkPW51bGw9PWQ%2FZzpkO2JyZWFrfXZhciBxPXFhKEFbT10sYS5pLFwiLCRcIik7aWYocSl7cT1lK3E7aWYoYz49cS5sZW5ndGgpe2MtPXEubGVuZ3RoO2IrPXE7ZT1hLmk7YnJlYWt9ZD1udWxsPT1kP2c6ZH19YT1cIlwiO251bGwhPWQmJihhPWUrXCJ0cm49XCIrZCk7cmV0dXJuIGIrYX0scmE9ZnVuY3Rpb24oYSl7dmFyIGI9MSxjO2ZvcihjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX07dmFyIHRhPWZ1bmN0aW9uKGEpe2lmKC4wMT5NYXRoLnJhbmRvbSgpKXRyeXtpZihhIGluc3RhbmNlb2YgeSl2YXIgYj1hO2Vsc2UgYj1uZXcgeSxqYShhLGZ1bmN0aW9uKGQsZSl7dmFyIGs9YixnPWsubysrO2Q9eihlLGQpO2suZy5wdXNoKGcpO2suaFtnXT1kfSk7dmFyIGM9c2EoYik7YyYmb2EoYyl9Y2F0Y2goZCl7fX07dmFyIGZhPWZ1bmN0aW9uKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKFJlZ0V4cChcIigoaHR0cHM%2FOi8uLiovKVteLzpdKjpcXFxcZCsoPzoufFxcbikqKVxcXFwyXCIpLFwiJDFcIik7Yj1hLnJlcGxhY2UoUmVnRXhwKFwiXFxuICpcIixcImdcIiksXCJcXG5cIil9Y2F0Y2goZSl7Yj1jfX1yZXR1cm4gYn07KHt9KVszXT1kYShwKG5ldyBuKGwsXCJodHRwczovL3MwLjJtZG4ubmV0L2Fkcy9yaWNobWVkaWEvc3R1ZGlvL211L3RlbXBsYXRlcy9oaWZpL2hpZmkuanNcIikpKTsoe30pWzNdPWRhKHAobmV3IG4obCxcImh0dHBzOi8vczAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW9fY2FuYXJ5L211L3RlbXBsYXRlcy9oaWZpL2hpZmlfY2FuYXJ5LmpzXCIpKSk7dmFyIHVhPS9eKFteO10rKTsoXFxkKyk7KFtcXHNcXFNdKikkLzt2YXIgdmE9L14oW2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHRwY1xcLmdvb2dsZXN5bmRpY2F0aW9uXFwuY29tfHNlY3VyZWZyYW1lXFwuZG91YmxlY2xpY2tcXC5uZXR8W2EtejAtOV0oW2EtejAtOS1dezAsNjF9W2EtejAtOV0pP1xcLnNhZmVmcmFtZVxcLnVzZXJjb250ZW50XFwuZ29vZykkLyx3YT0vXihwYWdlYWQyXFwuZ29vZ2xlc3luZGljYXRpb25cXC5jb218Z29vZ2xlYWRzXFwuZ1xcLmRvdWJsZWNsaWNrXFwubmV0KSQvO3ZhciB4YT1mdW5jdGlvbihhKXtyZXR1cm4gZnVuY3Rpb24oYil7dmFyIGM9YS5ob3N0bmFtZSxkPXZhLnRlc3QoYyl8fHdhLnRlc3QoYyk7Yz1bY107dmFyIGU9cjtyPXZvaWQgMDtpZighZCl7aWYoZSl0aHJvdyBFcnJvcihlKCkpO2lmKGMmJjA8Yy5sZW5ndGgpdGhyb3cgRXJyb3IoXCJbXCIrYy5tYXAoU3RyaW5nKS5qb2luKFwiLFwiKStcIl1cIik7dGhyb3cgRXJyb3IoU3RyaW5nKGQpKTt9Yj0oZD1hYSgpKT9kLmNyZWF0ZUhUTUwoYik6YjtyZXR1cm4gbmV3IHUoYixlYSl9fShsb2NhdGlvbik7aWYod2luZG93Lm5hbWUpdHJ5e3ZhciBCLHlhPXdpbmRvdy5uYW1lLEM9dWEuZXhlYyh5YSk7aWYobnVsbD09PUMpdGhyb3cgRXJyb3IoXCJDYW5ub3QgcGFyc2Ugc2VyaWFsaXplZCBkYXRhLiBcIit5YS5zdWJzdHJpbmcoMCw1MCkpO3ZhciBEPStDWzJdLEU9Q1szXTtpZihEPkUubGVuZ3RoKXRocm93IEVycm9yKFwiUGFyc2VkIGNvbnRlbnQgc2l6ZSBkb2Vzbid0IG1hdGNoLiBcIitEK1wiOlwiK0UubGVuZ3RoKTtCPXttOkNbMV0sY29udGVudDpFLnN1YnN0cigwLEQpLGw6RS5zdWJzdHIoRCl9O3ZhciBGPUpTT04ucGFyc2UoQi5sKTt3aW5kb3cubmFtZT1cIlwiO3ZhciBCYT1CLmNvbnRlbnQ7Ri5nb29nX3NhZmVmcmFtZV9obHQmJihmLmdvb2dfc2FmZWZyYW1lX2hsdD1GLmdvb2dfc2FmZWZyYW1lX2hsdCk7Ri5fY29udGV4dCYmKGYuQU1QX0NPTlRFWFRfREFUQT1GLl9jb250ZXh0KTtmLnNmXz17djpCLm0sY2ZnOkZ9O2RvY3VtZW50Lm9wZW4oXCJ0&i=1-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59724
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: RGHk9xgufnlOWeYpvGs1fyxpraD1do9XJDzuXIKJn9Nzepx8FLYm4Q==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 58ms
50ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=ZXh0L2h0bWxcIixcInJlcGxhY2VcIik7dmFyIEc9eGEoQmEpO2RvY3VtZW50LndyaXRlKEcgaW5zdGFuY2VvZiB1JiZHLmNvbnN0cnVjdG9yPT09dT9HLmc6XCJ0eXBlX2Vycm9yOlNhZmVIdG1sXCIpO2RvY3VtZW50LmNsb3NlKCk7Zi5zZl8mJih3aW5kb3cubmFtZT1cIlwiKX1jYXRjaChhKXt2YXIgdj1hLEg7dHJ5e3ZhciBJPW5ldyB5O0kuZy5wdXNoKDEpO0kuaFsxXT16KFwiY29udGV4dFwiLDUwNyk7di5lcnJvciYmdi5tZXRhJiZ2LmlkfHwodj1uZXcgaGEpO2lmKHYubXNnKXt2YXIgQ2E9di5tc2cuc3Vic3RyaW5nKDAsNTEyKTtJLmcucHVzaCgyKTtJLmhbMl09eihcIm1zZ1wiLENhKX12YXIgRGE9W3YubWV0YXx8e31dO0kuZy5wdXNoKDMpO0kuaFszXT1EYTt2YXIgSj1mLEs9W10sTCxNPW51bGwsTjtkb3tOPUo7dmFyIFA7dHJ5e3ZhciBRO2lmKFE9ISFOJiZudWxsIT1OLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e3coTi5mb28pO1E9ITA7YnJlYWsgYn1jYXRjaChiKXt9UT0hMX1QPVF9Y2F0Y2goYil7UD0hMX1QPyhMPU4ubG9jYXRpb24uaHJlZixNPU4uZG9jdW1lbnQmJk4uZG9jdW1lbnQucmVmZXJyZXJ8fG51bGwpOihMPU0sTT1udWxsKTtLLnB1c2gobmV3IG5hKEx8fFwiXCIpKTt0cnl7Sj1OLnBhcmVudH1jYXRjaChiKXtKPW51bGx9fXdoaWxlKEomJk4hPUopO2Zvcih2YXIgUj0wLEVhPUsubGVuZ3RoLTE7Ujw9RWE7KytSKUtbUl0uZGVwdGg9RWEtUjtOPWY7aWYoTi5sb2NhdGlvbiYmTi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJk4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09Sy5sZW5ndGgtMSlmb3IodmFyIFM9MTtTPEsubGVuZ3RoOysrUyl7dmFyIFQ9S1tTXTtULnVybHx8KFQudXJsPU4ubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW1MtMV18fFwiXCIsVC5qPSEwKX1mb3IodmFyIHg9bmV3IG5hKGYubG9jYXRpb24uaHJlZiwhMSksRmE9bnVsbCxVPUsubGVuZ3RoLTEsVj1VOzA8PVY7LS1WKXt2YXIgVz1LW1ZdOyFGYSYma2EudGVzdChXLnVybCkmJihGYT1XKTtpZihXLnVybCYmIVcuail7eD1XO2JyZWFrfX12YXIgbGE9bnVsbCxHYT1LLmxlbmd0aCYmS1tVXS51cmw7MCE9eC5kZXB0aCYmR2EmJihsYT1LW1VdKTtIPW5ldyBtYTtpZihILmgpe3ZhciBIYT1ILmgudXJsfHxcIlwiO0kuZy5wdXNoKDQpO0kuaFs0XT16KFwidG9wXCIsSGEpfXZhciBJYT17dXJsOkguZy51cmx8fFwiXCJ9LFg7aWYoSC5nLnVybCl7dmFyIFk7WT1ILmcudXJsLm1hdGNoKGlhKTt2YXIgSmE9WVsxXSxLYT1ZWzNdLExhPVlbNF0sWj1cIlwiO0phJiYoWis9SmErXCI6XCIpO0thJiYoWis9XCIvL1wiLForPUthLExhJiYoWis9XCI6XCIrTGEpKTtYPVp9ZWxzZSBYPVwiXCI7dmFyIE1hPVtJYSx7dXJsOlh9XTtJLmcucHVzaCg1KTtJLmhbNV09TWE7dGEoSSl9Y2F0Y2goYil7dHJ5e3RhKHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6NTA3LG1zZzpmYShiKSx1cmw6SCYmSC5nLnVybH0pfWNhdGNoKGMpe319fTt9KS5jYWxsKHRoaXMpO1xuICAgIDwvc2NyaXB0PjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vc2V0dXBhZC1oYWkvYmwtODFhMGY4NS0wMTMxOGUxYi5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NldHVwYWQtaGFpL2ItOTM1ZTJmMS1kM2RmODg4MS5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0PnZhciBkPWRlY29kZVVSSUNvbXBvbmVudChcIiU3QiUyMnNpdGVJZCUyMiUzQSUyMnNldHVwYWQtaGFpJTIyJTJDJTIyd3YlMjIlM0ElMjIxLjAuMCUyQjkzNWUyZjElMjIlMkMlMjJibHYlMjIlM0ElMjJibC04MWEwZjg1LTAxMzE4ZTFiJTIyJTJDJTIyYnYlMjIlM0ElMjJiLTkzNWUyZjEtZDNkZjg4ODElMjIlMkMlMjJ0b3BEb21haW4lMjIlM0ElMjJodHRwcyUzQSUyRiUyRmdsLm1vZHNmb3JhbmRyb2lkLmNvbSUyRmVuJTJGYXBwJTJGMTY0MTQ4NjU1OCUyRnRlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUlMjNnb29nbGVfdmlnbmV0dGUlMjIlMkMlMjJjdXJyZW50VGFnSWQlMjIlM0ElMjJhZGx0YWdfbHFqODJnaGtfWndCWm1Kazg4WSUyMiUyQyUyMmF1JTIyJTNBJTIyJTJGMTQ3MjQ2MTg5JTJDMjIzODQzNDY1MzMlMkZtb2RzZm9yYW5kcm9pZC5jb21fMzAweDI1MF9kb3VibGVfYmFubmVyX2Rlc2t0b3BfMl9sZWZ0XzAlMjIlMkMlMjJzbG90RWxlbWVudElkJTIyJTNBJTIybW9kc2ZvcmFuZHJvaWRfY29tXzMwMHgyNTBfZG91YmxlX2Jhbm5lcl9yZXNwb25zaXZlXzJfbGVmdCUyMiUyQyUyMnJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJibG9ja2VkQ291bnQlMjIlM0EwJTJDJTIyaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZyUyMiUzQTIlMkMlMjJoZWF2eUFkQmxvY2tlZENvdW50JTIyJTNBMCUyQyUyMmFkU2VydmVyRGV0YWlscyUyMiUzQSU3QiUyMmFkdmVydGlzZXJJZCUyMiUzQSUyMjExMDAyMzU4OSUyMiUyQyUyMmNhbXBhaWduSWQlMjIlM0ElMjI1ODY5MjIxODklMjIlMkMlMjJjcmVhdGl2ZUlkJTIyJTNBJTIyMTM4NDEzNjk1NTYyJTIyJTJDJTIybGluZWl0ZW1JZCUyMiUzQSUyMjMyMzM1OTgyOSUyMiUyQyUyMmFkU2VydmVyJTIyJTNBJTIyZGZwJTIyJTJDJTIyeWllbGRHcm91cElkcyUyMiUzQSU1QjQ3NjU3MiUyQzQ3NjYwNiU1RCU3RCUyQyUyMnclMjIlM0EzMDAlMkMlMjJoJTIyJTNBMjUwJTJDJTIySUFCQ29uc2VudFN0cmluZyUyMiUzQSU3QiUyMnVzcGFwaSUyMiUzQSU1QiU3QiUyMnZlcnNpb24lMjIlM0ExJTJDJTIydXNwU3RyaW5nJTIyJTNBJTIyMS0tLSUyMiU3RCU1RCU3RCUyQyUyMnNhZmVGcmFtZUtleSUyMiUzQSUyMjcyNzI2NTI0JTIyJTdEXCIpO3dpbmRvd1tcIjM2MjYxNDg4X3NldHVwYWQtaGFpXCJdPXt9O3dpbmRvd1tcIjM2MjYxNDg4X3NldHVwYWQtaGFpXCJdLnRhZ0RldGFpbHM9SlNPTi5wYXJzZShkKTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiMzYyNjE0ODhfc2V0dXBhZC1oYWlcIiwgXCI8IS0tQURMX1dSQVBQRUQtLT5cIiwgZmFsc2UsIHdpbmRvdywge30pOzwvc2NyaXB0PjxtZXRhIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD0zMDAsIGluaXRpYWwtc2NhbGU9MS4wLCBtaW5pbXVtLXNjYWxlPTEuMCwgbWF4aW11bS1zY2FsZT0xLjAsIHVzZXItc2NhbGFibGU9bm9cIj48c2NyaXB0PnZhciBqc2NWZXJzaW9uID0gJ3IyMDIzMTIwNyc7PC9zY3JpcHQ%2BPHNjcmlwdD52YXIgZ29vZ2xlX2Nhc209W107PC9zY3JpcHQ%2BPG1ldGEgaHR0cC1lcXVpdj1cIm9yaWdpbi10cmlhbFwiIGNvbnRlbnQ9XCJBN0NRWGdsWnpUclRoakdUQkVuMXJXVHhIT0V0a1dpdnd6Z2VhK05qeWFyZHJ3bGllU2pWdXlHNDRQa1lnSVBHczhROXN2RDhzRjNZZWRuMEJCQmpYQWtBQUFDRmV5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaU3dpYVhOVWFHbHlaRkJoY25SNUlqcDBjblZsZlE9PVwiPjwvaGVhZD48Ym9keSBsZWZ0bWFyZ2luPVwiMFwiIHRvcG1hcmdpbj1cIjBcIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgY2xhc3M9XCJqYXJcIj48ZGl2IGNsYXNzPVwiR29vZ2xlQWN0aXZlVmlld0lubmVyQ29udGFpbmVyXCIgc3R5bGU9XCJsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5O1wiPjwvZGl2PjxkaXYgc3R5bGU9XCJkaXNwbGF5OmlubGluZVwiIGNsYXNzPVwiR29vZ2xlQWN0aXZlVmlld0VsZW1lbnRcIiBkYXRhLWdvb2dsZS1hdi1jeG49XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3Bjcy9hY3RpdmV2aWV3P3hhaT1BS0FPanN1ckJqN0NkdktSN1VjOVlYUUFnRUlzaTJubTVnd2c3WXpzTXhiVVI1SUZhRWtVanNmMHVNN2RPdkFmT2ZRWl9xdG5ZdTR3a1MtTFR6eUdlRFFxV3RwaFZLR0l1SnJiVlBWSV93eVlPcnRReWFic3ktMnlmR1VxYzg5TlFEdEttY0w3OE1ldVZ4bmIyemNBREdSTWFIb3A1UkxXJmFtcDtzYWk9QU1mbC1ZU1hycWREakRyTWFsTVVuTWFESkZ2bDk3V1BXSERkV0I3NlR5NVByaFlYNmZHXzhUdUdSRWd6UFBiWVhKeGo4NGozTDFCMHRxdXRoVXV0XzgxUmVtazJOcFZTYUh6NG1Kc3FTTkJFSThEYWNlZnpOeHlnZXg5Z2VyZ3pobm83TVNYUzZhc19vUnFLOFhYajNWTkYmYW1wO3NpZz1DZzBBcktKU3pHRnZWNlRfVGFLOEVBRSZhbXA7Y2lkPUNBUVNUZ0F2SGhmX25iRkE3aDFOQ1RuWFVKTTc2cHprWFR1QkNLNWZIenpWM3Z5TDJKVmg0Q3hibjk2Y0FwOFlXZWVxby0zbk8xRXRXWkhKSXJVTDRIOHAxV2dXRVFJNlFRWWtQdU9PRU4tcHlCZ0JcIiBkYXRhLWdvb2dsZS1hdi1hZGs9XCIxNzU0NzM0MjJcIiBkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YT1cImxhPTAmYW1wO3hkaT0wJmFtcDtcIiBkYXRhLWdvb2dsZS1hdi11ZnMtaW50ZWdyYXRvci1tZXRhZGF0YT1cIkNxVUJDbWx0YjJSbGJGOXdaWEp6YjI1ZlkyOTFiblJ5ZVY5amIyUmxYME5CWDNCbGNuTnZibDl5WldkcGIyNWZZMjlrWlY4MFpqWmxOelEyTVRjeU5qazJaalZtTkRjM01qWTFOakUzTkRZMU56STFORFptTnpJMlpqWmxOelEyWmpReE56STJOVFl4TG1wemIyNFNHa05KWWxFdE9HcFRjRFJOUkVaVVYyZFhaMVZrU1VKRlExOTNHQUVpR2dqTUVCQ1puUUVZMDVjOUlOT1hQU2dDTUFJNEFWM056RXctRXBJRUNvY0VhSFIwY0hNNkx5OXdZV2RsWVdReUxtZHZiMmRzWlhONWJtUnBZMkYwYVc5dUxtTnZiUzl3WTNNdllXTjBhWFpsZG1sbGR6OTRZV2s5UVV0QlQycHpkWEpDYWpkRFpIWkxVamRWWXpsWldGRkJaMFZKYzJreWJtMDFaM2RuTjFsNmMwMTRZbFZTTlVsR1lVVnJWV3B6WmpCMVRUZGtUM1pCWms5bVVWcGZjWFJ1V1hVMGQydFRMVXhVZW5sSFpVUlJjVmQwY0doV1MwZEpkVXB5WWxaUVZrbGZkM2xaVDNKMFVYbGhZbk41TFRKNVprZFZjV000T1U1UlJIUkxiV05NTnpoTlpYVldlRzVpTW5walFVUkhVazFoU0c5d05WSk1WeVp6WVdrOVFVMW1iQzFaVTFoeWNXUkVha1J5VFdGc1RWVnVUV0ZFU2taMmJEazNWMUJYU0VSa1YwSTNObFI1TlZCeWFGbFlObVpIWHpoVWRVZFNSV2Q2VUZCaVdWaEtlR280TkdvelRERkNNSFJ4ZFhSb1ZYVjBYemd4VW1WdGF6Sk9jRlpUWVVoNk5HMUtjM0ZUVGtKRlNUaEVZV05sWm5wT2VIbG5aWGc1WjJWeVozcG9ibTgzVFZOWVV6WmhjMTl2VW5GTE9GaFlhak5XVGtZbWMybG5QVU5uTUVGeVMwcFRla2RHZGxZMlZGOVVZVXM0UlVGRkptTnBaRDFEUVZGVFZHZEJka2hvWmw5dVlrWkJOMmd4VGtOVWJsaFZTazAzTm5CNmExaFVkVUpEU3pWbVNIcDZWak4yZVV3eVNsWm9ORU40WW00NU5tTkJjRGhaVjJWbGNXOHRNMjVQTVVWMFYxcElTa2x5VlV3MFNEaHdNVmRuVjBWUlNUWlJVVmxyVUhWUFQwVk9MWEI1UW1kQ0VnQWFBQ0FCS0FBXCIgZGF0YS1nb29nbGUtYXYtb3ZlcnJpZGU9XCItMVwiIGRhdGEtZ29vZ2xlLWF2LWRtPVwiMlwiIGRhdGEtZ29vZ2xlLWF2LWFpZD1cIjBcIiBkYXRhLWdvb2dsZS1hdi1uYWlkPVwiMVwiIGRhdGEtZ29vZ2xlLWF2LXNsaWZ0PVwiXCIgZGF0YS1nb29nbGUtYXYtY3BtYXY9XCJcIiBkYXRhLWdvb2dsZS1hdi1idHI9XCJcIiBkYXRhLWdvb2dsZS1hdi1pdHBsPVwiMjBcIiBkYXRhLWdvb2dsZS1hdi1ycz1cIjRcIiBkYXRhLWdvb2dsZS1hdi1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0MCc5ZWZvdG0oJmFtcDs3NTMzNzQlMmJlanZmLyUyNzg0ND4nOXd1dmIkJmFtcDs1NjUzMz4hPXx2cWMpITI3Mzc5NCZhbXA7PHFxdmIvJTwxNzM1MDIwIT1uZWh1YC8hMzY0PTUwNTEhOWFia3thKCQxNjAyMTA6MyZhbXA7PGNib3RmKyowMTUwMDM0OiUyYmVqdmYvJTcyOzE3NjEzIT1lZmR3YSonNzY0NjM7MjEkP2Via3BiJCZhbXA7MDM2&i=2-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: dVtRB7Lcm2gCkZaeyHuVwewVvGtthpo8WHSSEdyL3Dtn7Eqq6abfAQ==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
345 B 60ms
52ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=NjcxNz4qPmJnaXBmKyEzPTcxMjM2MyU5YWlod2MpITcyMDI8MjE3JzllZm90bSgmYW1wOzIwMDYxOzQ4JmFtcDs%2BYGRvcGIvJTwxNzA3MjAwIT04KCZhbXA7MjAwNTU3NT8mYW1wOz5gZG9wYi8lPDE3MDY0Mj8hPXx2cWMpITcyMDE7PTUwJzl3dXZiJCZhbXA7MDM2NDE2NTQqPmJnaXBmKyEzPTczMTEwMyU5YWlod2MpITcyMDA%2FMDczJzllZm90bSgmYW1wOzIwMDQ%2FNTE7JmFtcDs%2BYGRvcGIvJTwxNz40NzQ%2BIT1uZWh1YC8hMzY0MDY0MTIhOWFia3thKCQxNjc3NDU7PSZhbXA7PGNib3RmKyowMTI1NDEzMyUyYmVqdmYvJTcyPDQzNDEyIT1lZmR3YSonNzYzMjY%2BNzEkPzMvJTcyPDYwNTMwIT13dX1hKCQxNjc1NDQ4PCZhbXA7PHFxdmIvJTwxMDQ9NDYwIT1uZWh1YC8hMzYzOzQ0NDIhOXNxcm15JnF1b3Q7XVwiIGRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lcj1cIlwiPjxkaXYgc3R5bGU9XCJwb3NpdGlvbjogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wOiAwcHg7IHZpc2liaWxpdHk6IGhpZGRlbjtcIj48aW1nIHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ%2FaWQ9eGJpZCZhbXA7ZGJtX2I9QUtBbWYtQXc5ZXNUcnNDYXdROXlHQkl1VFJEQlhJaEFJYkJBa05QVWtWU05URlNUanhmWGJrbTYtQlBDeGZqaEtiWnk2QzJnT1FDLXBsYWZpNTFPWjRqelNySHlGaFZyZDBWbEFvVTFqZVgwcDROcjNyOVlpa1VcIiBib3JkZXI9XCIwXCIgd2lkdGg9XCIxXCIgaGVpZ2h0PVwiMVwiIGFsdD1cIlwiIHN0eWxlPVwiZGlzcGxheTpub25lXCI%2BPC9kaXY%2BPGlmcmFtZSB0aXRsZT1cIkJsYW5rXCIgc3JjPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQveGJiZS9waXhlbD9kPUNKaWs5d0lRMXZMTmxRSVlvNEs0X2dFd0FRJmFtcDt2PUFQRXVjTlhRZG1iNEg5RWtLTWJUTWZFY2lVUjdGbDFILUFVVE1VdGRVcmtTRG14VG1hT0V3ZmhzWmpib2ItRzB6ZlRaZDVGYlJJa1NjeXVnQXpNeWFkbGhlc0FuWFltNnZvcThLUEJhTC1meGdpSDludFNkN3c4XCIgc3R5bGU9XCJkaXNwbGF5Om5vbmVcIiBhcmlhLWhpZGRlbj1cInRydWVcIj48L2lmcmFtZT48ZGl2PjxkaXYgc3R5bGU9XCJwb3NpdGlvbjphYnNvbHV0ZTtcIj48c2NyaXB0PmlmICghd2luZG93Lm1yYWlkKSB7ZG9jdW1lbnQud3JpdGUoJ1xceDNjZGl2IGlkPVwiYWRfdW5pdFwiXFx4M2UnKTt9ZG9jdW1lbnQud3JpdGUoJ1xceDNjZGl2IGNsYXNzPVwiR29vZ2xlQ3JlYXRpdmVDb250YWluZXJDbGFzc1wiICcgKydpZD1cImdjY19jdXFIWlliUEU3WEE2dG9Qb0tLSS1BOFwiXFx4M2UnKTsoZnVuY3Rpb24oKSB7dmFyIG0gPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KCdtZXRhJyk7bS5zZXRBdHRyaWJ1dGUoJ2RhdGEtamMnLCAnODInKTttLnNldEF0dHJpYnV0ZSgnZGF0YS1qYy12ZXJzaW9uJywgJ3IyMDIzMTIwNycpO3ZhciBzcyA9IGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdzY3JpcHQnKVswXTtpZiAoc3MgJiYgc3MucGFyZW50Tm9kZSkge3NzLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKG0sIHNzKTt9fSkoKTsoZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciBoPXRoaXN8fHNlbGY7ZnVuY3Rpb24gayhhLGQsYil7aWYoYSlmb3IobGV0IGM9MDtudWxsIT1hJiY1MDA%2BYyYmIWIoYSk7KytjKWE9ZChhKX1mdW5jdGlvbiBsKGEsZCl7ayhhLGI9Pnt0cnl7cmV0dXJuIGI9PT1iLnBhcmVudD9udWxsOmIucGFyZW50fWNhdGNoKGMpe31yZXR1cm4gbnVsbH0sZCl9ZnVuY3Rpb24gbShhLGQpe2lmKFwiSUZSQU1FXCI9PWEudGFnTmFtZSlkKGEpO2Vsc2V7YT1hLnF1ZXJ5U2VsZWN0b3JBbGwoXCJJRlJBTUVcIik7Zm9yKGxldCBiPTA7YjxhLmxlbmd0aCYmIWQoYVtiXSk7KytiKTt9fWZ1bmN0aW9uIG4oYSl7cmV0dXJuKGE9YS5vd25lckRvY3VtZW50KSYmKGEucGFyZW50V2luZG93fHxhLmRlZmF1bHRWaWV3KXx8bnVsbH0gZnVuY3Rpb24gcChhLGQsYil7bGV0IGM7dHJ5e2M9SlNPTi5wYXJzZShiLmRhdGEpfWNhdGNoKGYpe31pZihcIm9iamVjdFwiPT09dHlwZW9mIGMmJmMmJlwiY3JlYXRpdmVMb2FkXCI9PT1jLnR5cGUpe3ZhciBnPW4oYSk7aWYoYi5zb3VyY2UmJmcpe3ZhciBlO2woYi5zb3VyY2UsZj0%2Be3RyeXtpZihmLnBhcmVudD09PWcpcmV0dXJuIGU9ZiwhMH1jYXRjaChxKXt9fSk7ZSYmbShhLGY9PntpZihmLmNvbnRlbnRXaW5kb3c9PT1lKXJldHVybiBkKGMpLCEwfSl9fX1mdW5jdGlvbiByKGEpe3JldHVyblwic3RyaW5nXCI9PT10eXBlb2YgYT9kb2N1bWVudC5nZXRFbGVtZW50QnlJZChhKTphfTt3aW5kb3cuY2xzbj0oYSxkKT0%2Be2NvbnN0IGI9cihhKTtpZihiKWlmKGIub25DcmVhdGl2ZUxvYWQpYi5vbkNyZWF0aXZlTG9hZChkKTtlbHNle3ZhciBjPWQ%2FW2RdOltdLGc9ZT0%2Be2ZvcihsZXQgZj0wO2Y8Yy5sZW5ndGg7KytmKXRyeXtjW2ZdKDEsZSl9Y2F0Y2gocSl7fWM9e3B1c2g6Zj0%2Be2YoMSxlKX19fTtiLm9uQ3JlYXRpdmVMb2FkPWU9PntjLnB1c2goZSl9O2Iuc2V0QXR0cmlidXRlKFwiZGF0YS1jcmVhdGl2ZS1sb2FkLWxpc3RlbmVyXCIsXCJcIik7Yi5hZGRFdmVudExpc3RlbmVyKFwiY3JlYXRpdmVMb2FkXCIsZT0%2Be2coZS5kZXRhaWwpfSk7aC5hZGRFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGU9PntwKGIsZyxlKX0pfX07fSkuY2FsbCh0aGlzKTsgY2xzbihcImdjY19jdXFIWlliUEU3WEE2dG9Qb0tLSS1BOFwiKTtkb2N1bWVudC53cml0ZSgnXFx4M2NhIHRhcmdldFxceDNkXFx4MjJfYmxhbmtcXHgyMiBpZFxceDNkXFx4MjJpbWdfYW5jaF9DSVhRLThqU3A0TURGVFdnV2dVZElCRUNfd1xceDIyIGhyZWZcXHgzZFxceDIyaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWlcXHgzZEFLQU9qc3NVcmc4LVhuNnRlcmtaWmFvQldOQ1M1bjcwSGZpVklZRFBzRkRZcnlSZlNBVzk0WG9pMVhWSkdZdHZFa0VTYk9OSU5pdTlLXzVISUlOUkV4eFpKWXkzRTJFMkRiYkstZWxxZUJPdHBKc0R2YXhBX2c4eHdYcG1CNHhYYmd5N2hjNlBnSUhwTjVMN2c1U3lDSnNBWExQWmpmUHlIVk5RYl9DVjNfZk9SakNxTWE3bk81SUhyZHAwTWp2UUxucDRqdUFUV24ybTByS3hpaEZPTjAxRFVfZ1l0ODFQUkU4T25MazZzUzR2cVZ5b3JMeXdad2RvLWEyNHFXUTdlSUFjSnJ5Ul9nSzQybDB0MDhOOXlIb01CdVQ3Rk5JSGdOT0wxSTJ4d3AzSTEzRkVRSXBkMVJaSHk2ZVlCa0dVZzc1THJBd0VtYkRWUUR0X3dLRWRQUWFoVHZQZW1qRlBIaElrTnIwVTBpUnd2UjktVDA4eXBacmxOS1V5aTZ2eWVYQzZiYW13Q1p2MVlNTDRLd0ZEallnb0d6QW55N0x1TXJCZUNaTzdpMWR4MlBvMnBnRm40MXh1a2t0S2lqdTR4QWZIdGZOTmxOVUx2c3A3M3dqU0gyR0FkSDFZVnNyZ0c4bGVpekpSMWNZeUdtbDB0MFJPdG1JODA0V2pwUjZacndBNUY5R1g3alJYNnJESld4LWJzd0ZKRGhmYVhGeWJ2U2M2NUExeWJjVzA4dTZnb1hWSVAtQlhLSmxZMTVHdUVwME56MGhFQVBJZHB6UlRtNHlkVFF4YVA1N2ZvM0JYeTQzbk9FaUpOM1MwMm1nZjlyRk5wNUlvS1Q1Rm1xQzR2QkNvUWp4dGh2OUwxN2RtUE5qWTVJUk1rdFAyam5JWXIxdWxTVTlmTkk4VHBHZkVobTJST3hHMS04bVhRem5zb2NkWEVaMlJpVnhrRF9PamM4U1J6TWczZXA3QVdDZDVvc2R0Q0hxTTZiRVNPOW0xLTk3YWVJcmx2dTNzQ2JyQ2dPZzZ0YVd4VWpVV3hfY0dQbEEteTVlWk1yOE5zUzU2WUVfREF0WUFuUTBmdk1EMTFrVFlndEEwMzZvN2JuMG9rWWc4cXkyRFlPWVJUdlB0TVlNN213TVZjTkFUd08xQXpJbDl0SHhHaExNWWlFX0NRN1p6TGp0b1ZYRmx0NjZVdC0wY2ZhV1R3VTI1dFNnUzY5Z1lSTnZ1ejF1S1RzWnNsS2ZBU3dNT3FkblVQMDRyYnpHN3NfRDJzSXpGUUVzQlZHZy1QQWJXRC1ZMmhkbTlaY0R5UFo5eXFWOW5wZkg5dDJlMFNSZ2h1NGQ1Z1dSZ256QmpUYnZUS2J2alRGSHcxcFJWOFZNVTVmX0g0Y3ctV2toT0JiMHExNTlXQS1HUFBSTnZGVDZteUUyU1pyN1dFZ0tpNTNrNUhsM2pYTEgyOHExR0kzNUtWY2REY0hCckpzelBPSHRqc2JIM1VnUEZ5b05aNGpJQmU0UWdXcGJ0TGpqZ292bFJyMHlacGRkdUdXY000dWl1LWNrd2loMnZtVWlGNHlCbGNFVFFHX0ZYVngwMHRFTjBoY0xUcE1Bdlo0Wjc1akpGRC1QUlBNTUhrcXlXSG15SXN0eVdDdTA3SUpicWlMZEZmWFl5VVJocmpPRmVWcEFDTmlpSlpMRUVINWh4NGdDckZOUDdNLXVZMnpJZkJOZTBjY2o5YUpwQ2lKTldrX3F2czJZbTEzLVg0aUNQcTNOVHU5S05YMEtqX1hzZDVZRDEtc0p5ZFZWMmlBajN5ZGtraWdfT0djNHIzbkVFdUlRblo5SERJdzBtSk55MDFsbldHN1NGZ3JBcWMzcVR6S0gyekZRMjc1eFRWRVVrNkQzRGg0Tl9KbVRRT2ZTa1JkeDhldUpmQnRIRlRXaE94V2dcXHgyNmFtcDtzYWlcXHgzZEFNZmwtWVE1ZjVHX3E4WUEwcWhTUmtERDcxczNyR3VHNnhJaklLaWxxUFo4amNXY1NIcW5pNWticVQyd0JJSkQyNml2SXoxZXI5SW8xM3lOalVFMHFwU19PeWxQVGJUbVhjZDlSNEk4X2U4SGRYM3NFZjB1ZVQtdUdOQnhZaVhMaHBBTFdDS1RFWXQyVFpCd3V2eHF0UzU0RFFkeVVzdEh3UGdEd05jSE9pejVoVkZmTnJSV2c2X2tXeHR3RXRucmFMZWlFZ2I2dTNkSXY1UWxkQlNMQVA5SktFa3V3VUFTQWIyZTE0RWxaUTZUazMwSmVzamFVaUM4VkJST2k5QnZpZ2dDWV9JanJibFFBaTlTSVFodFhfV2tRcVlmc3JSQU9wY09UdGVjeEZqOUtjOFhndTI5XzZHZndncFlqdGs3MHUzR2ZlNThZSEpaXFx4MjZhbXA7c2lnXFx4M2RDZzBBcktKU3pLN0hTcFZKcnN3ZFxceDI2YW1wO2Zic19hZWlkXFx4M2QlNUJnd19mYnNhZWlkJTVEXFx4MjZhbXA7dXJsZml4XFx4M2QxXFx4MjZhbXA7YWR1cmxcXHgzZGh0dHBzOi8vd3d3Lm5lc3ByZXNzby5jb20vY2EvZW4vb3JkZXIvbWFjaGluZXMvdmVydHVvJTNGdXRtX3NvdXJjZSUzRFBhaWQtRGlzcGxheSUyNnV0bV9tZWRpdW0lM0RCQUUlMjZ1dG1fY29udGVudCUzREJBRV9XYXZlbWFrZXJfQ09NX1BSX0RWX0RWMzYwX0NBLVBSLVlFUC1Db25zLURpc3BsYXktRFYzNjAtUHJvc3AtTGF0dGlzc2ltYS1EVjM2MC1SRUMtM1BELV9Qcm9zcGVjdGluZ19DUE1fT1BYX19FTl8lMjUzRSUyNTNFRGlzcGxheUJhbm5lcl9WMV9MQ0xfRE5QX09UX18zMDB4MjUwX2dpZl8lMjZ1dG1fY2FtcGFpZ24lM0RDQV8yMDIzLURlY19CMkNfTE9DX1lFUDIwMjNfT25lLXNob3RfUFJPX0NCX05vXyUyNnV0bV9zb3VyY2VfcGxhdGZvcm0lM0REViUyNnV0bV9jcmVhdGl2ZV9mb3JtYXQlM0REaXNwbGF5QmFubmVyJTI2dXRtX21hcmtldGluZ190YWN0aWMlM0RQUiUyNmRjbGlkJTNEJTI1ZWRjbGlkIVxceDIyXFx4M2VcXHgzY2ltZyBzcmNcXHgzZFxceDIyaHR0cHM6Ly9zMC4ybWRuLm5ldC9zaW1nYWQvMjM1MjUyMDQ3NTc1NTU5MzY5MlxceDIyIGFsdFxceDNkXFx4MjJBZHZlcnRpc2VtZW50XFx4MjIgYm9yZGVyXFx4M2RcXHgyMjBcXHgyMiB3aWR0aFxceDNkXFx4MjIzMDBcXHgyMiBoZWlnaHRcXHgzZFxceDIyMjUwXFx4MjIgc3R5bGVcXHgzZFxceDIyZGlzcGxheTpibG9ja1xceDIyXFx4M2VcXHgzYy9hXFx4M2VcXHgzY3NjcmlwdCBkYXRhLWpjXFx4M2RcXHgyMjc0XFx4MjIgZGF0YS1qYy12ZXJzaW9uXFx4M2RcXHgyMnIyMDIzMTIwN1xceDIyIGRhdGEtamNwLWEtaWRcXHgzZFxceDIyaW1nX2FuY2hfQ0lYUS04alNwNE1ERlRXZ1dnVWRJQkVDX3dcXHgyMiBkYXRhLWpjcC1mb3Itc3VyZS1vcGVuLWJyb3dzZXJcXHgzZFxceDIyZmFsc2VcXHgyMiBkYXRhLWpjcC1mb3Itc3VyZS1vcGVuLWN1c3RvbS10YWJzXFx4M2RcXHgyMmZhbHNlXFx4MjIgZGF0YS1qY3AtY2Mtb3ZlcmxheVxceDNkXFx4MjJcXHgyMiBkYXRhLWpjcC1jYy1idXR0b25cXHgzZFxceDIyXFx4MjIgZGF0YS1qY3AtaXMtZmxlZGdlXFx4M2RcXHgyMmZhbHNlXFx4MjIgZGF0YS1qY3AtdHVydGxleC1ldmVudC1hZC1zaWduYWxzXFx4M2RcXHgyMlxceDIyXFx4&i=3-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: VPgJ2oyGx1eqcp80hW3pqO2B3m6reAf_fVEzwJ5R0Mv4eTWVOYq7fg==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
345 B 62ms
55ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=M2UoZnVuY3Rpb24oKXtcXHgyN3VzZSBzdHJpY3RcXHgyNzsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gdmFyIG1cXHgzZHRoaXN8fHNlbGY7ZnVuY3Rpb24gcChhLGIpe2E6e3ZhciBjXFx4M2RbXFx4MjJDTE9TVVJFX0ZMQUdTXFx4MjJdO2Zvcih2YXIgZFxceDNkbSxlXFx4M2QwO2VcXHgzY2MubGVuZ3RoO2UrKylpZihkXFx4M2RkW2NbZV1dLG51bGxcXHgzZFxceDNkZCl7Y1xceDNkbnVsbDticmVhayBhfWNcXHgzZGR9YVxceDNkY1xceDI2XFx4MjZjW2FdO3JldHVybiBudWxsIVxceDNkYT9hOmJ9O3ZhciB0XFx4M2RwKDYxMDQwMTMwMSwhMSksdVxceDNkcCg1NzI0MTczOTIsITApO3ZhciB4O2NvbnN0IHlcXHgzZG0ubmF2aWdhdG9yO3hcXHgzZHk%2FeS51c2VyQWdlbnREYXRhfHxudWxsOm51bGw7ZnVuY3Rpb24geihhKXtyZXR1cm4gdD94P3guYnJhbmRzLnNvbWUoKHticmFuZDpifSlcXHgzZFxceDNlYlxceDI2XFx4MjYtMSFcXHgzZGIuaW5kZXhPZihhKSk6ITE6ITF9ZnVuY3Rpb24gQShhKXt2YXIgYjthOntpZihiXFx4M2RtLm5hdmlnYXRvcilpZihiXFx4M2RiLnVzZXJBZ2VudClicmVhayBhO2JcXHgzZFxceDIyXFx4MjJ9cmV0dXJuLTEhXFx4M2RiLmluZGV4T2YoYSl9O2Z1bmN0aW9uIEIoKXtyZXR1cm4gdD8hIXhcXHgyNlxceDI2MFxceDNjeC5icmFuZHMubGVuZ3RoOiExfWZ1bmN0aW9uIEQoKXtyZXR1cm4gQigpP3ooXFx4MjJDaHJvbWl1bVxceDIyKTooQShcXHgyMkNocm9tZVxceDIyKXx8QShcXHgyMkNyaU9TXFx4MjIpKVxceDI2XFx4MjYhKEIoKT8wOkEoXFx4MjJFZGdlXFx4MjIpKXx8QShcXHgyMlNpbGtcXHgyMil9OyFBKFxceDIyQW5kcm9pZFxceDIyKXx8RCgpO0QoKTtBKFxceDIyU2FmYXJpXFx4MjIpXFx4MjZcXHgyNihEKCl8fChCKCk%2FMDpBKFxceDIyQ29hc3RcXHgyMikpfHwoQigpPzA6QShcXHgyMk9wZXJhXFx4MjIpKXx8KEIoKT8wOkEoXFx4MjJFZGdlXFx4MjIpKXx8KEIoKT96KFxceDIyTWljcm9zb2Z0IEVkZ2VcXHgyMik6QShcXHgyMkVkZy9cXHgyMikpfHxCKClcXHgyNlxceDI2eihcXHgyMk9wZXJhXFx4MjIpKTt2YXIgRVxceDNkIXU7bGV0IEdcXHgzZCF1O3ZhciBIXFx4M2RTeW1ib2woKTtmdW5jdGlvbiBJKGEpe2NvbnN0IGJcXHgzZGFbSF18MDsxIVxceDNkXFx4M2QoYlxceDI2MSlcXHgyNlxceDI2KE9iamVjdC5pc0Zyb3plbihhKVxceDI2XFx4MjYoYVxceDNkQXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSkpLGFbSF1cXHgzZGJ8MSl9ZnVuY3Rpb24gSigpe3ZhciBhXFx4M2RbXTthW0hdfFxceDNkMTtyZXR1cm4gYX1mdW5jdGlvbiBLKGEpe2FcXHgzZGFcXHgzZVxceDNlMTRcXHgyNjEwMjM7cmV0dXJuIDBcXHgzZFxceDNkXFx4M2RhPzUzNjg3MDkxMjphfTt2YXIgYWFcXHgzZHt9LGJhXFx4M2R7fTtmdW5jdGlvbiBjYShhKXtyZXR1cm4hKCFhfHxcXHgyMm9iamVjdFxceDIyIVxceDNkXFx4M2R0eXBlb2YgYXx8YS5vIVxceDNkXFx4M2RiYSl9ZnVuY3Rpb24gTChhKXtyZXR1cm4gbnVsbCFcXHgzZFxceDNkYVxceDI2XFx4MjZcXHgyMm9iamVjdFxceDIyXFx4M2RcXHgzZFxceDNkdHlwZW9mIGFcXHgyNlxceDI2IUFycmF5LmlzQXJyYXkoYSlcXHgyNlxceDI2YS5jb25zdHJ1Y3RvclxceDNkXFx4M2RcXHgzZE9iamVjdH1sZXQgTSxkYVxceDNkIXU7ZnVuY3Rpb24gTihhLGIsYyl7aWYoIUFycmF5LmlzQXJyYXkoYSl8fGEubGVuZ3RoKXJldHVybiExO2NvbnN0IGRcXHgzZGFbSF18MDtpZihkXFx4MjYxKXJldHVybiEwO2lmKCEoYlxceDI2XFx4MjYoQXJyYXkuaXNBcnJheShiKT9iLmluY2x1ZGVzKGMpOmIuaGFzKGMpKSkpcmV0dXJuITE7YVtIXVxceDNkZHwxO3JldHVybiEwfXZhciBPO2NvbnN0IGVhXFx4M2RbXTtlYVtIXVxceDNkNTU7T1xceDNkT2JqZWN0LmZyZWV6ZShlYSk7Y2xhc3MgZmF7fWNsYXNzIGhhe31PYmplY3QuZnJlZXplKG5ldyBmYSk7T2JqZWN0LmZyZWV6ZShuZXcgaGEpO2Z1bmN0aW9uIGlhKCl7Y29uc3QgYVxceDNkRXJyb3IoXFx4MjJpbnQzMlxceDIyKTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mnx8KGEuX19jbG9zdXJlX19lcnJvcl9fY29udGV4dF9fOTg0MzgyXFx4M2R7fSk7YS5fX2Nsb3N1cmVfX2Vycm9yX19jb250ZXh0X185ODQzODIuc2V2ZXJpdHlcXHgzZFxceDIyd2FybmluZ1xceDIyO3JldHVybiBhfTtmdW5jdGlvbiBqYShhKXtpZihcXHgyMm51bWJlclxceDIyIVxceDNkXFx4M2R0eXBlb2YgYSl0aHJvdyBpYSgpO2lmKCFOdW1iZXIuaXNGaW5pdGUoYSkpdGhyb3cgaWEoKTtyZXR1cm4gYXwwfTtsZXQga2E7ZnVuY3Rpb24gbGEoYSxiKXtyZXR1cm4gbWEoYil9ZnVuY3Rpb24gbWEoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFxceDIybnVtYmVyXFx4MjI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXFx4MjJib29sZWFuXFx4MjI6cmV0dXJuIGE%2FMTowO2Nhc2UgXFx4MjJvYmplY3RcXHgyMjppZihhKXtpZihBcnJheS5pc0FycmF5KGEpKXJldHVybiBkYXx8IU4oYSx2b2lkIDAsOTk5OSk%2FYTp2b2lkIDA7aWYobnVsbCFcXHgzZGFcXHgyNlxceDI2YSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXkpe2xldCBiXFx4M2RcXHgyMlxceDIyLGNcXHgzZDA7Y29uc3QgZFxceDNkYS5sZW5ndGgtMTAyNDA7Zm9yKDtjXFx4M2NkOyliK1xceDNkU3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGEuc3ViYXJyYXkoYyxjK1xceDNkMTAyNDApKTtiK1xceDNkU3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGM%2FYS5zdWJhcnJheShjKTphKTtyZXR1cm4gYnRvYShiKX19fXJldHVybiBhfTtmdW5jdGlvbiBuYShhLGIsYyxkLGUsZil7aWYobnVsbCFcXHgzZGEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYVxceDNkZVxceDI2XFx4MjYwXFx4M2RcXHgzZGEubGVuZ3RoXFx4MjZcXHgyNihhW0hdfDApXFx4MjYxP3ZvaWQgMDpmXFx4MjZcXHgyNihhW0hdfDApXFx4MjYyP2E6b2EoYSxiLGMsdm9pZCAwIVxceDNkXFx4M2RkLGUsZik7ZWxzZSBpZihMKGEpKXtjb25zdCBrXFx4M2R7fTtmb3IobGV0IGggaW4gYSlrW2hdXFx4M2RuYShhW2hdLGIsYyxkLGUsZik7YVxceDNka31lbHNlIGFcXHgzZGIoYSxkKTtyZXR1cm4gYX19ZnVuY3Rpb24gb2EoYSxiLGMsZCxlLGYpe2NvbnN0IGtcXHgzZGR8fGM%2FYVtIXXwwOjA7ZFxceDNkZD8hIShrXFx4MjYzMik6dm9pZCAwO2FcXHgzZEFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpO2ZvcihsZXQgaFxceDNkMDtoXFx4M2NhLmxlbmd0aDtoKyspYVtoXVxceDNkbmEoYVtoXSxiLGMsZCxlLGYpO2NcXHgyNlxceDI2YyhrLGEpO3JldHVybiBhfWZ1bmN0aW9uIHBhKGEpe3JldHVybiBhLm1cXHgzZFxceDNkXFx4M2RhYT9hLnRvSlNPTigpOm1hKGEpfTtmdW5jdGlvbiBRKGEsYixjKXthXFx4M2RhLmc7bGV0IGRcXHgzZGFbSF07aWYoZFxceDI2Mil0aHJvdyBFcnJvcigpO2E6e3ZhciBlXFx4M2RLKGQpO2lmKGJcXHgzZVxceDNkZSl7bGV0IGZcXHgzZGQ7aWYoZFxceDI2MjU2KWVcXHgzZGFbYS5sZW5ndGgtMV07ZWxzZXtpZihudWxsXFx4M2RcXHgzZGMpYnJlYWsgYTtlXFx4M2RhW2UrKCshIShkXFx4MjY1MTIpLTEpXVxceDNke307ZnxcXHgzZDI1Nn1lW2JdXFx4M2RjO2YhXFx4M2RcXHgzZGRcXHgyNlxceDI2KGFbSF1cXHgzZGYpfWVsc2UgYVtiKygrISEoZFxceDI2NTEyKS0xKV1cXHgzZGMsZFxceDI2MjU2XFx4MjZcXHgyNihjXFx4M2RhW2EubGVuZ3RoLTFdLGIgaW4gY1xceDI2XFx4MjZkZWxldGUgY1tiXSl9fWZ1bmN0aW9uIFIoYSxiLGMpe2lmKG51bGwhXFx4M2RjXFx4MjZcXHgyNlxceDIyc3RyaW5nXFx4MjIhXFx4M2RcXHgzZHR5cGVvZiBjKXRocm93IEVycm9yKCk7UShhLGIsYyl9O2Z1bmN0aW9uIFMoYSl7TVxceDNkITA7dHJ5e3JldHVybiBKU09OLnN0cmluZ2lmeShhLnRvSlNPTigpLGxhKX1maW5hbGx5e01cXHgzZCExfX12YXIgVVxceDNkY2xhc3N7Y29uc3RydWN0b3IoKXthOnt2YXIgYVxceDNkdm9pZCAwO251bGxcXHgzZFxceDNkYVxceDI2XFx4MjYoYVxceDNka2EpO2thXFx4M2R2b2lkIDA7aWYobnVsbFxceDNkXFx4M2RhKXt2YXIgYlxceDNkOTY7YVxceDNkW119ZWxzZXtpZighQXJyYXkuaXNBcnJheShhKSl0aHJvdyBFcnJvcigpO2JcXHgzZGFbSF18MDtpZihiXFx4MjY2NClicmVhayBhO2J8XFx4M2Q2NDt2YXIgY1xceDNkYS5sZW5ndGg7aWYoY1xceDI2XFx4MjYoLS1jLEwoYVtjXSkpKXtifFxceDNkMjU2O2MtXFx4M2QrISEoYlxceDI2NTEyKS0xO2lmKDEwMjRcXHgzY1xceDNkYyl0aHJvdyBFcnJvcigpO2JcXHgzZGJcXHgyNi0xNjc2MDgzM3woY1xceDI2MTAyMylcXHgzY1xceDNjMTR9fWFbSF1cXHgzZGJ9dGhpcy5nXFx4M2RhfXRvSlNPTigpe2lmKE0pdmFyIGFcXHgzZFQodGhpcyx0aGlzLmcsITEpO2Vsc2UgYVxceDNkb2EodGhpcy5nLHBhLHZvaWQgMCx2b2lkIDAsITEsITEpLGFcXHgzZFQodGhpcyxhLCEwKTtyZXR1cm4gYX19O1UucHJvdG90eXBlLm1cXHgzZGFhOyBVLnByb3RvdHlwZS50b1N0cmluZ1xceDNkZnVuY3Rpb24oKXtyZXR1cm4gVCh0aGlzLHRoaXMuZywhMSkudG9TdHJpbmcoKX07IGZ1bmN0aW9uIFQoYSxiLGMpe2NvbnN0IGRcXHgzZGEuY29uc3RydWN0b3Iuczt2YXIgZVxceDNkKGM%2FYS5nOmIpW0hdLGZcXHgzZEsoZSksa1xceDNkITE7aWYoZFxceDI2XFx4MjZkYSl7aWYoIWMpe2JcXHgzZEFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGIpO3ZhciBoO2lmKGIubGVuZ3RoXFx4MjZcXHgyNkwoaFxceDNkYltiLmxlbmd0aC0xXSkpZm9yKGtcXHgzZDA7a1xceDNjZC5sZW5ndGg7aysrKWlmKGRba11cXHgzZVxceDNkZil7T2JqZWN0LmFzc2lnbihiW2IubGVuZ3RoLTFdXFx4M2R7fSxoKTticmVha31rXFx4M2QhMH1mXFx4M2RiO2NcXHgzZCFjO2hcXHgzZGEuZ1tIXTthXFx4M2RLKGgpO2hcXHgzZCshIShoXFx4MjY1MTIpLTE7dmFyIGc7Zm9yKGxldCBGXFx4M2QwO0ZcXHgzY2QubGVuZ3RoO0YrKyl7dmFyIG5cXHgzZGRbRl07aWYoblxceDNjYSl7bitcXHgzZGg7dmFyIHFcXHgzZGZbbl07bnVsbFxceDNkXFx4M2RxP2Zbbl1cXHgzZGM%2FTzpKKCk6Y1xceDI2XFx4MjZxIVxceDNkXFx4M2RPXFx4MjZcXHgyNkkocSl9ZWxzZXtpZighZyl7dmFyIGxcXHgzZHZvaWQgMDtmLmxlbmd0aFxceDI2XFx4MjZMKGxcXHgzZGZbZi5sZW5ndGgtMV0pP2dcXHgzZGw6Zi5wdXNoKGdcXHgzZHt9KX1xXFx4M2RnW25dO251bGxcXHgzZFxceDNkZ1tuXT9nW25dXFx4M2RjP086SigpOmNcXHgyNlxceDI2cSFcXHgzZFxceDNkT1xceDI2XFx4MjZJKHEpfX19Z1xceDNkIGIubGVuZ3RoO2lmKCFnKXJldHVybiBiO2xldCB2LEM7aWYoTChsXFx4M2RiW2ctMV0pKXthOnt2YXIgclxceDNkbDtmXFx4M2R7fTtjXFx4M2QhMTtmb3IodmFyIHcgaW4gcil7YVxceDNkclt3XTtpZihBcnJheS5pc0FycmF5KGEpKXtoXFx4M2RhO2lmKCFHXFx4MjZcXHgyNk4oYSxkLCt3KXx8IUVcXHgyNlxceDI2Y2EoYSlcXHgyNlxceDI2MFxceDNkXFx4M2RcXHgzZGEuc2l6ZSlhXFx4M2RudWxsO2EhXFx4M2RoXFx4MjZcXHgyNihjXFx4M2QhMCl9bnVsbCFcXHgzZGE%2FZlt3XVxceDNkYTpjXFx4M2QhMH1pZihjKXtmb3IobGV0IEYgaW4gZil7clxceDNkZjticmVhayBhfXJcXHgzZG51bGx9fXIhXFx4M2RsXFx4MjZcXHgyNih2XFx4M2QhMCk7Zy0tfWZvcihlXFx4M2QrISEoZVxceDI2NTEyKS0xOzBcXHgzY2c7Zy0tKXt3XFx4M2RnLTE7bFxceDNkYlt3XTtpZighKG51bGxcXHgzZFxceDNkbHx8IUdcXHgyNlxceDI2TihsLGQsdy1lKXx8IUVcXHgyNlxceDI2Y2EobClcXHgyNlxceDI2MFxceDNkXFx4M2RcXHgzZGwuc2l6ZSkpYnJlYWs7Q1xceDNkITB9aWYoIXZcXHgyNlxceDI2IUMpcmV0dXJuIGI7dmFyIFA7az9QXFx4M2RiOlBcXHgzZEFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGIsMCxnKTtiXFx4M2RQO2tcXHgyNlxceDI2KGIubGVuZ3RoXF&i=4-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: txUDxryi5_uaSzvn0pMDo0A2MAsHSnr9eXnOrhD9uPhu_NCSg0uRaQ==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
347 B 64ms
57ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=x4M2RnKTtyXFx4MjZcXHgyNmIucHVzaChyKTtyZXR1cm4gYn07dmFyIHFhXFx4M2RjbGFzcyBleHRlbmRzIFV7fTt2YXIgcmFcXHgzZGNsYXNzIGV4dGVuZHMgVXt9O2Z1bmN0aW9uIHNhKGFcXHgzZHdpbmRvdyl7cmV0dXJuIGF9Oy8qICBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyB2YXIgdGFcXHgzZC9eKD8hamF2YXNjcmlwdDopKD86W2EtejAtOSsuLV0rOnxbXlxceDI2OlxcXFwvPyNdKig%2FOltcXFxcLz8jXXwkKSkvaTtsZXQgVjtmdW5jdGlvbiB1YShhLGIsYyxkKXtjb25zdCBlXFx4M2QvXihodHRwcz86W146P10rWy9dcGNzWy9dY2xpY2tbXi9dKz8pKD86XFx4MjZueFteXFx4MjZdK1xceDI2bnlbXlxceDI2XStcXHgyNmRpbVteXFx4MjZdKyk%2FKFxceDI2YWR1cmxcXHgzZC4qKS8uZXhlYyhhKTtyZXR1cm4gZT9lWzFdK2BcXHgyNm54XFx4M2Qke2J9XFx4MjZueVxceDNkJHtjfVxceDI2ZGltXFx4M2Qke2R9YCtlWzJdOmF9ZnVuY3Rpb24gdmEoYSl7Y29uc3QgYlxceDNkYS5jdXJyZW50VGFyZ2V0LGNcXHgzZGIucXVlcnlTZWxlY3RvcihcXHgyMmltZ1thbHRdXFx4MjIpO2lmKGMpe2NvbnN0IHtpOmQsajplLGg6Zn1cXHgzZFcoYSxjLm9mZnNldExlZnQsYy5vZmZzZXRUb3AsYy53aWR0aCxjLmhlaWdodCk7YVxceDNkdWEoYi5ocmVmLGQsZSxmKTt0YS50ZXN0KGEpXFx4MjZcXHgyNihiLmhyZWZcXHgzZGEpfX0gdmFyIHdhXFx4M2QoYSxiKVxceDNkXFx4M2V7c2EobSk%2FLmZlbmNlPy5zZXRSZXBvcnRFdmVudERhdGFGb3JBdXRvbWF0aWNCZWFjb25zKHtldmVudFR5cGU6YSxldmVudERhdGE6YixkZXN0aW5hdGlvbjpbXFx4MjJidXllclxceDIyXSxvbmNlOiEwfSl9LFhcXHgzZChhLGIsYylcXHgzZFxceDNle2NvbnN0IGRcXHgzZHNhKG0pO1xceDIyYnV5ZXJcXHgyMlxceDNkXFx4M2RjP2Q%2FLmZlbmNlPy5yZXBvcnRFdmVudCh7ZXZlbnRUeXBlOmEsZXZlbnREYXRhOmIsZGVzdGluYXRpb246W1xceDIyYnV5ZXJcXHgyMl19KTpcXHgyMmNvbXBvbmVudC1zZWxsZXJcXHgyMlxceDNkXFx4M2RjXFx4MjZcXHgyNmQ%2FLmZlbmNlPy5yZXBvcnRFdmVudCh7ZXZlbnRUeXBlOmEsZGVzdGluYXRpb246W1xceDIyY29tcG9uZW50LXNlbGxlclxceDIyXX0pfTsgZnVuY3Rpb24gWShhKXtjb25zdCBiXFx4M2RuZXcgcmE7UihiLDEsYSk7YVxceDNkUyhWKTtSKGIsNCxhKTtSKGIsMTAsRGF0ZS5ub3coKS50b1N0cmluZygpKTt3YShcXHgyMnJlc2VydmVkLnRvcF9uYXZpZ2F0aW9uXFx4MjIsUyhiKSk7d2EoXFx4MjJyZXNlcnZlZC50b3BfbmF2aWdhdGlvbl9zdGFydFxceDIyLFMoYikpO1goXFx4MjJjbGlja1xceDIyLFMoYiksXFx4MjJidXllclxceDIyKTtYKFxceDIycmVzZXJ2ZWQudG9wX25hdmlnYXRpb25cXHgyMixudWxsLFxceDIyY29tcG9uZW50LXNlbGxlclxceDIyKTtYKFxceDIyY2xpY2tcXHgyMixudWxsLFxceDIyY29tcG9uZW50LXNlbGxlclxceDIyKX1mdW5jdGlvbiBXKGEsYixjLGQsZSl7cmV0dXJue2k6K01hdGgucm91bmQoYS5jbGllbnRYLWIpLGo6K01hdGgucm91bmQoYS5jbGllbnRZLWMpLGg6YCR7K2R9eCR7K2V9YCxsOnZvaWQgMH19IGZ1bmN0aW9uIHhhKGEsYil7dm9pZCAwIVxceDNkbS5BRk1BX0NvbW11bmljYXRvclxceDI2XFx4MjZ2b2lkIDAhXFx4M2RtLkFGTUFfQ29tbXVuaWNhdG9yLnNlbmRNZXNzYWdlXFx4MjZcXHgyNihhLnByZXZlbnREZWZhdWx0KCksbS5BRk1BX0NvbW11bmljYXRvci5zZW5kTWVzc2FnZShcXHgyMm9wZW5cXHgyMix7YTpcXHgyMmFwcFxceDIyLHU6YS5jdXJyZW50VGFyZ2V0LmhyZWYsc3lzdGVtX2Jyb3dzZXI6ITAsdXNlX2ZpcnN0X3BhY2thZ2U6ITAsdXNlX3J1bm5pbmdfcHJvY2VzczohMCx1c2VfY3VzdG9tX3RhYnM6Yn0pKX07Y29uc3QgeWFcXHgzZGZ1bmN0aW9uKGEsYlxceDNkbnVsbCl7cmV0dXJuIGJcXHgyNlxceDI2Yi5nZXRBdHRyaWJ1dGUoXFx4MjJkYXRhLWpjXFx4MjIpXFx4M2RcXHgzZFxceDNkU3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7XFx4MjJkYXRhLWpjXFx4MjJ9XFx4M2RcXHgyMiR7YX1cXHgyMl1gKX0oNzQsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7aWYobnVsbFxceDNkXFx4M2R5YSl0aHJvdyBFcnJvcihcXHgyMkpTQyBub3QgZm91bmQgNzRcXHgyMik7Y29uc3QgemFcXHgzZHt9LFpcXHgzZHlhLmF0dHJpYnV0ZXM7Zm9yKGxldCBhXFx4M2RaLmxlbmd0aC0xOzBcXHgzY1xceDNkYTthLS0pe2NvbnN0IGJcXHgzZFpbYV0ubmFtZTswXFx4M2RcXHgzZFxceDNkYi5pbmRleE9mKFxceDIyZGF0YS1qY3AtXFx4MjIpXFx4MjZcXHgyNih6YVtiLnN1YnN0cmluZyg5KV1cXHgzZFpbYV0udmFsdWUpfSAoYVxceDNkXFx4M2V7Y29uc3QgYlxceDNkZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoYVtcXHgyMmEtaWRcXHgyMl0pLGNcXHgzZFxceDIydHJ1ZVxceDIyXFx4M2RcXHgzZFxceDNkYVtcXHgyMmZvci1zdXJlLW9wZW4tYnJvd3NlclxceDIyXSxkXFx4M2RcXHgyMnRydWVcXHgyMlxceDNkXFx4M2RcXHgzZGFbXFx4MjJmb3Itc3VyZS1vcGVuLWN1c3RvbS10YWJzXFx4MjJdO3ZhciBlXFx4M2RhW1xceDIyY2Mtb3ZlcmxheVxceDIyXSxmXFx4M2RhW1xceDIyY2MtYnV0dG9uXFx4MjJdO2NvbnN0IGtcXHgzZGU%2FZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoZSk6bnVsbCxoXFx4M2RmP2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKGYpOm51bGw7ZVxceDNkXFx4MjJ0cnVlXFx4MjJcXHgzZFxceDNkXFx4M2RhW1xceDIyaXMtZmxlZGdlXFx4MjJdO2ZcXHgzZGtcXHgyNlxceDI2aDtWXFx4M2RuZXcgcWE7aWYoZSl7Y29uc3QgZ1xceDNkZj9rOmIucXVlcnlTZWxlY3RvcihcXHgyMmltZ1thbHRdXFx4MjIpOyhmP2s6YikuYWRkRXZlbnRMaXN0ZW5lcihcXHgyMm1vdXNlZG93blxceDIyLHFcXHgzZFxceDNle2NvbnN0IHtpOmwsajp2LGg6QyxsOnJ9XFx4M2RXKHEsZy5vZmZzZXRMZWZ0LGcub2Zmc2V0VG9wLGcuY2xpZW50V2lkdGgsZy5jbGllbnRIZWlnaHQpO2xcXHgyNlxceDI2UShWLDIsbnVsbFxceDNkXFx4M2RsP2w6amEobCkpO3ZcXHgyNlxceDI2UShWLDMsbnVsbFxceDNkXFx4M2R2P3Y6IGphKHYpKTtDXFx4MjZcXHgyNlIoViw3LEMpO3JcXHgyNlxceDI2UihWLDQscil9KTtjb25zdCBuXFx4M2RhW1xceDIydHVydGxleC1ldmVudC1hZC1zaWduYWxzXFx4MjJdO2g%2FKGguYWRkRXZlbnRMaXN0ZW5lcihcXHgyMmNsaWNrXFx4MjIsKClcXHgzZFxceDNle1kobil9KSxoLmFkZEV2ZW50TGlzdGVuZXIoXFx4MjJhdXhjbGlja1xceDIyLCgpXFx4M2RcXHgzZXtZKG4pfSkpOihiLmFkZEV2ZW50TGlzdGVuZXIoXFx4MjJjbGlja1xceDIyLCgpXFx4M2RcXHgzZXtZKG4pfSksYi5hZGRFdmVudExpc3RlbmVyKFxceDIyYXV4Y2xpY2tcXHgyMiwoKVxceDNkXFx4M2V7WShuKX0pKX1lbHNlIGlmKGIuYWRkRXZlbnRMaXN0ZW5lcihcXHgyMm1vdXNlZG93blxceDIyLHZhKSxmXFx4MjZcXHgyNmsuYWRkRXZlbnRMaXN0ZW5lcihcXHgyMm1vdXNlZG93blxceDIyLGdcXHgzZFxceDNle2NvbnN0IHtpOm4sajpxLGg6bH1cXHgzZFcoZyxrLm9mZnNldExlZnQsay5vZmZzZXRUb3Asay5jbGllbnRXaWR0aCxrLmNsaWVudEhlaWdodCk7Z1xceDNkdWEoaC5ocmVmLG4scSxsKTt0YS50ZXN0KGcpXFx4MjZcXHgyNihoLmhyZWZcXHgzZGcpfSksY3x8ZCliLmFkZEV2ZW50TGlzdGVuZXIoXFx4MjJjbGlja1xceDIyLGdcXHgzZFxceDNle3hhKGcsZCl9KSxoXFx4MjZcXHgyNmguYWRkRXZlbnRMaXN0ZW5lcihcXHgyMmNsaWNrXFx4MjIsIGdcXHgzZFxceDNle3hhKGcsZCl9KX0pKHphKTt9KS5jYWxsKHRoaXMpO1xceDNjL3NjcmlwdFxceDNlXFx4M2NzdHlsZVxceDNlZGl2e21hcmdpbjowO3BhZGRpbmc6MDt9LmFiZ2Nwe2hlaWdodDoxNXB4O3BhZGRpbmctcmlnaHQ6MXB4O3BhZGRpbmctdG9wOjFweDtwYWRkaW5nLWxlZnQ6OXB4O3BhZGRpbmctYm90dG9tOjEzcHg7cmlnaHQ6MHB4O3RvcDowcHg7cG9zaXRpb246YWJzb2x1dGU7d2lkdGg6MTVweDt6LWluZGV4OjIxNDc0ODM2NDY7fS5hYmdje2Rpc3BsYXk6YmxvY2s7aGVpZ2h0OjE1cHg7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MXB4O3RvcDoxcHg7dGV4dC1yZW5kZXJpbmc6Z2VvbWV0cmljUHJlY2lzaW9uO3otaW5kZXg6MjE0NzQ4MzY0Njt9LmFiZ2J7ZGlzcGxheTpub25lO2hlaWdodDoxNXB4O30uYWJnYywuYWJnY3AsLmphciAuYWJnYywuamFyIC5hYmdjcCwuamFyIC5jYmJ7b3BhY2l0eToxO30uYWJnc3tkaXNwbGF5Om5vbmU7aGVpZ2h0OjEwMCU7fS5hYmdse3RleHQtZGVjb3JhdGlvbjpub25lO30uYWJncyBzdmcsLmFiZ2Igc3Zne2Rpc3BsYXk6aW5saW5lLWJsb2NrO2hlaWdodDoxNXB4O3dpZHRoOmF1dG87dmVydGljYWwtYWxpZ246dG9wO30uYWJnYyAuaWwtd3JhcHtiYWNrZ3JvdW5kLWNvbG9yOiNmZmZmZmY7aGVpZ2h0OjE1cHg7d2hpdGUtc3BhY2U6bm93cmFwO30uYWJnYyAuaWwtd3JhcC5leHB7Ym9yZGVyLWJvdHRvbS1sZWZ0LXJhZGl1czo1cHg7fS5hYmdjIC5pbC10ZXh0LC5hYmdjIC5pbC1pY29ue2Rpc3BsYXk6aW5saW5lLWJsb2NrO30uYWJnYyAuaWwtdGV4dHtwYWRkaW5nLXJpZ2h0OjFweDtwYWRkaW5nLWxlZnQ6NXB4O2hlaWdodDoxNXB4O3dpZHRoOjU1cHg7fS5hYmdjIC5pbC1pY29ue2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7fS5hYmdjIC5pbC10ZXh0IHN2Z3tmaWxsOiMwMDAwMDA7fS5hYmdjIC5pbC1pY29uIHN2Z3tmaWxsOiMwMGFlY2R9XFx4M2Mvc3R5bGVcXHgzZVxceDNjZGl2IGlkXFx4M2RcXHgyMmFiZ2NwXFx4MjIgY2xhc3NcXHgzZFxceDIyYWJnY3BcXHgyMlxceDNlXFx4M2NkaXYgaWRcXHgzZFxceDIyYWJnY1xceDIyIGNsYXNzXFx4M2RcXHgyMmFiZ2NcXHgyMiBkaXJcXHgzZFxceDIybHRyXFx4MjJcXHgzZVxceDNjZGl2IGlkXFx4M2RcXHgyMmFiZ2JcXHgyMiBjbGFzc1xceDNkXFx4MjJhYmdiXFx4MjJcXHgzZVxceDNjZGl2IGNsYXNzXFx4M2RcXHgyMmlsLXdyYXBcXHgyMlxceDNlXFx4M2NkaXYgY2xhc3NcXHgzZFxceDIyaWwtaWNvblxceDIyXFx4M2VcXHgzY3N2ZyB4bWxuc1xceDNkXFx4MjJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Z1xceDIyIHhtbG5zOnhsaW5rXFx4M2RcXHgyMmh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmtcXHgyMiB2aWV3Qm94XFx4M2RcXHgyMjAgMCAxNSAxNVxceDIyXFx4M2VcXHgzY2NpcmNsZSBjeFxceDNkXFx4MjI2XFx4MjIgY3lcXHgzZFxceDIyNlxceDIyIHJcXHgzZFxceDIyMC42N1xceDIyXFx4M2VcXHgzYy9jaXJjbGVcXHgzZVxceDNjcGF0aCBkXFx4M2RcXHgyMk00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaXFx4MjJcXHgzZVxceDNjL3BhdGhcXHgzZVxceDNjL3N2Z1xceDNlXFx4M2MvZGl2XFx4M2VcXHgzYy9kaXZcXHgzZVxceDNjL2RpdlxceDNlXFx4M2NkaXYgaWRcXHgzZFxceDIyYWJnc1xceDIyIGNsYXNzXFx4M2RcXHgyMmFiZ3NcXHgyMlxceDNlXFx4M2NhIGlkXFx4M2RcXHgyMmFiZ2xcXHgyMiBjbGFzc1xceDNkXFx4MjJhYmdsXFx4MjIgaHJlZlxceDNkXFx4MjJodHRwczovL3d3dy5nb29nbGUuY29tL3VybD9jdFxceDNkYWJnXFx4MjZhbXA7cVxceDNkaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9hZHNlbnNlL3N1cHBvcnQvYmluL3JlcXVlc3QucHklM0Zjb250YWN0JTNEYWJnX2FmYyUyNnVybCUzRCUyNmdsJTNEQ0ElMjZobCUzRGVuJTI2YWkwJTNEXFx4MjZhbXA7dXNnXFx4M2RBT3ZWYXczWG5uUTItN0VzOUU5c1NvZU9URjlBXFx4MjIg&i=5-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: uBX0vC4kPtsTQ1XAXUk-YGwW9vwP9Rd_JYuNLjD-4_WKeSI4crjbyw==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 71ms
65ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=dGFyZ2V0XFx4M2RcXHgyMl9ibGFua1xceDIyXFx4M2VcXHgzY2RpdiBjbGFzc1xceDNkXFx4MjJpbC13cmFwIGV4cFxceDIyXFx4M2VcXHgzY2RpdiBjbGFzc1xceDNkXFx4MjJpbC10ZXh0XFx4MjJcXHgzZVxceDNjc3ZnIHhtbG5zXFx4M2RcXHgyMmh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnXFx4MjIgeG1sbnM6eGxpbmtcXHgzZFxceDIyaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGlua1xceDIyIHZpZXdCb3hcXHgzZFxceDIyMCAwIDU5IDE2XFx4MjJcXHgzZVxceDNjcGF0aCBkXFx4M2RcXHgyMk00LjUxIDQuMjRMOC4wMiAxMi44M0w2LjczIDEyLjgzTDUuNzIgMTAuMjFMMi4xNCAxMC4yMUwxLjE5IDEyLjgzTC0wLjAxIDEyLjgzTDMuMjkgNC4yNEw0LjUxIDQuMjRaTTIuNDYgOS4zMUw1LjM4IDkuMzFMNS4zOCA5LjMxUTQuMzIgNi41MiA0LjE5IDYuMTRMNC4xOSA2LjE0TDQuMTkgNi4xNFE0LjA1IDUuNzcgMy44OSA1LjEzTDMuODkgNS4xM0wzLjg2IDUuMTNMMy44NiA1LjEzUTMuNzAgNiAzLjQyIDYuNzRMMy40MiA2Ljc0TDIuNDYgOS4zMVpNMTMuODMgNC4yNEwxMy44MyAxMi44M0wxMi44NSAxMi44M0wxMi44NSAxMi4wNEwxMi44MyAxMi4wNEwxMi44MyAxMi4wNFExMi4yNiAxMi45NyAxMS4xMSAxMi45N0wxMS4xMSAxMi45N0wxMS4xMSAxMi45N1E5Ljk3IDEyLjk3IDkuMjAgMTIuMDdMOS4yMCAxMi4wN0w5LjIwIDEyLjA3UTguNDQgMTEuMTYgOC40NCA5LjcyTDguNDQgOS43Mkw4LjQ0IDkuNzJROC40NCA4LjIxIDkuMTYgNy4zNEw5LjE2IDcuMzRMOS4xNiA3LjM0UTkuODggNi40NyAxMS4wNiA2LjQ3TDExLjA2IDYuNDdMMTEuMDYgNi40N1ExMi4xOCA2LjQ3IDEyLjc2IDcuMzJMMTIuNzYgNy4zMkwxMi43OCA3LjMyTDEyLjc4IDQuMjRMMTMuODMgNC4yNFpNMTEuMjIgMTIuMTFMMTEuMjIgMTIuMTFMMTEuMjIgMTIuMTFRMTEuOTEgMTIuMTEgMTIuMzkgMTEuNTRMMTIuMzkgMTEuNTRMMTIuMzkgMTEuNTRRMTIuODcgMTAuOTcgMTIuODcgOS44MUwxMi44NyA5LjgxTDEyLjg3IDkuODFRMTIuODcgOC42OCAxMi40MyA4LjAwTDEyLjQzIDguMDBMMTIuNDMgOC4wMFExMS45OSA3LjMzIDExLjE3IDcuMzNMMTEuMTcgNy4zM0wxMS4xNyA3LjMzUTEwLjM1IDcuMzMgOS45MyA3Ljk5TDkuOTMgNy45OUw5LjkzIDcuOTlROS41MiA4LjY1IDkuNTIgOS43Mkw5LjUyIDkuNzJMOS41MiA5LjcyUTkuNTIgMTAuNDkgOS43NCAxMS4wM0w5Ljc0IDExLjAzTDkuNzQgMTEuMDNROS45NyAxMS41NyAxMC4zNyAxMS44NEwxMC4zNyAxMS44NEwxMC4zNyAxMS44NFExMC43OCAxMi4xMSAxMS4yMiAxMi4xMVpNMjEuNzQgOS44MUwyMi44OCAxMC4xMEwyMi44OCAxMC4xMFEyMi41MCAxMS41NSAyMS41NyAxMi4yNkwyMS41NyAxMi4yNkwyMS41NyAxMi4yNlEyMC42MyAxMi45NyAxOS4zMiAxMi45N0wxOS4zMiAxMi45N0wxOS4zMiAxMi45N1ExNy4yMSAxMi45NyAxNi4yNSAxMS42NUwxNi4yNSAxMS42NUwxNi4yNSAxMS42NVExNS4yOSAxMC4zMyAxNS4yOSA4LjQ3TDE1LjI5IDguNDdMMTUuMjkgOC40N1ExNS4yOSA2LjQyIDE2LjQyIDUuMjVMMTYuNDIgNS4yNUwxNi40MiA1LjI1UTE3LjU1IDQuMDkgMTkuMzQgNC4wOUwxOS4zNCA0LjA5TDE5LjM0IDQuMDlRMjAuNTkgNC4wOSAyMS40OCA0LjczTDIxLjQ4IDQuNzNMMjEuNDggNC43M1EyMi4zNyA1LjM3IDIyLjczIDYuNjBMMjIuNzMgNi42MEwyMS42MiA2Ljg2TDIxLjYyIDYuODZRMjEuMzMgNS45NiAyMC43NiA1LjUxTDIwLjc2IDUuNTFMMjAuNzYgNS41MVEyMC4xOSA1LjA2IDE5LjMyIDUuMDZMMTkuMzIgNS4wNkwxOS4zMiA1LjA2UTE3LjkyIDUuMDYgMTcuMTkgNS45OUwxNy4xOSA1Ljk5TDE3LjE5IDUuOTlRMTYuNDYgNi45MSAxNi40NiA4LjQ2TDE2LjQ2IDguNDZMMTYuNDYgOC40NlExNi40NiAxMC4yNSAxNy4yMyAxMS4xM0wxNy4yMyAxMS4xM0wxNy4yMyAxMS4xM1ExNy45OSAxMiAxOS4yMiAxMkwxOS4yMiAxMkwxOS4yMiAxMlEyMC4yMyAxMiAyMC44NiAxMS40NkwyMC44NiAxMS40NkwyMC44NiAxMS40NlEyMS40OSAxMC45MSAyMS43NCA5LjgxTDIxLjc0IDkuODFaTTI5LjIzIDguODlMMjkuMjMgMTIuODNMMjguMTcgMTIuODNMMjguMTcgOC45MEwyOC4xNyA4LjkwUTI4LjE3IDguMTQgMjcuODQgNy43NkwyNy44NCA3Ljc2TDI3Ljg0IDcuNzZRMjcuNTEgNy4zOCAyNi44NiA3LjM4TDI2Ljg2IDcuMzhMMjYuODYgNy4zOFEyNi4yMSA3LjM4IDI1LjcxIDcuODNMMjUuNzEgNy44M0wyNS43MSA3LjgzUTI1LjIwIDguMjcgMjUuMjAgOS40M0wyNS4yMCA5LjQzTDI1LjIwIDEyLjgzTDI0LjE1IDEyLjgzTDI0LjE1IDQuMjRMMjUuMjAgNC4yNEwyNS4yMCA3LjMyTDI1LjIwIDcuMzJRMjUuOTUgNi40NyAyNy4wOCA2LjQ3TDI3LjA4IDYuNDdMMjcuMDggNi40N1EyNy42OCA2LjQ3IDI4LjIzIDYuNzFMMjguMjMgNi43MUwyOC4yMyA2LjcxUTI4Ljc4IDYuOTYgMjkuMDAgNy40N0wyOS4wMCA3LjQ3TDI5LjAwIDcuNDdRMjkuMjMgNy45OCAyOS4yMyA4Ljg5TDI5LjIzIDguODlaTTMzLjM1IDYuNDdMMzMuMzUgNi40N0wzMy4zNSA2LjQ3UTM0LjYxIDYuNDcgMzUuNDQgNy4yOUwzNS40NCA3LjI5TDM1LjQ0IDcuMjlRMzYuMjcgOC4xMSAzNi4yNyA5LjYyTDM2LjI3IDkuNjJMMzYuMjcgOS42MlEzNi4yNyAxMS40NiAzNS4zNyAxMi4yMUwzNS4zNyAxMi4yMUwzNS4zNyAxMi4yMVEzNC40OCAxMi45NyAzMy4zNSAxMi45N0wzMy4zNSAxMi45N0wzMy4zNSAxMi45N1EzMi4xNyAxMi45NyAzMS4zMSAxMi4xOUwzMS4zMSAxMi4xOUwzMS4zMSAxMi4xOVEzMC40NCAxMS40MSAzMC40NCA5LjcyTDMwLjQ0IDkuNzJMMzAuNDQgOS43MlEzMC40NCA4LjA4IDMxLjI4IDcuMjdMMzEuMjggNy4yN0wzMS4yOCA3LjI3UTMyLjEyIDYuNDcgMzMuMzUgNi40N1pNMzMuMzUgMTIuMTFMMzMuMzUgMTIuMTFMMzMuMzUgMTIuMTFRMzQuMjUgMTIuMTEgMzQuNzIgMTEuNDRMMzQuNzIgMTEuNDRMMzQuNzIgMTEuNDRRMzUuMTkgMTAuNzcgMzUuMTkgOS42OEwzNS4xOSA5LjY4TDM1LjE5IDkuNjhRMzUuMTkgOC41MSAzNC42NiA3LjkyTDM0LjY2IDcuOTJMMzQuNjYgNy45MlEzNC4xMyA3LjMzIDMzLjM1IDcuMzNMMzMuMzUgNy4zM0wzMy4zNSA3LjMzUTMyLjU1IDcuMzMgMzIuMDMgNy45M0wzMi4wMyA3LjkzTDMyLjAzIDcuOTNRMzEuNTIgOC41MyAzMS41MiA5LjcyTDMxLjUyIDkuNzJMMzEuNTIgOS43MlEzMS41MiAxMC45MCAzMi4wNCAxMS41MEwzMi4wNCAxMS41MEwzMi4wNCAxMS41MFEzMi41NyAxMi4xMSAzMy4zNSAxMi4xMVpNMzguNTUgNi42MUwzOC41NSAxMi44M0wzNy40OSAxMi44M0wzNy40OSA2LjYxTDM4LjU1IDYuNjFaTTM4LjU1IDQuMjRMMzguNTUgNS40M0wzNy40OSA1LjQzTDM3LjQ5IDQuMjRMMzguNTUgNC4yNFpNNDQuMjAgMTAuNTVMNDUuMjUgMTAuNjhMNDUuMjUgMTAuNjhRNDUuMDUgMTEuODcgNDQuMzEgMTIuNDJMNDQuMzEgMTIuNDJMNDQuMzEgMTIuNDJRNDMuNTggMTIuOTcgNDIuNjYgMTIuOTdMNDIuNjYgMTIuOTdMNDIuNjYgMTIuOTdRNDEuMzAgMTIuOTcgNDAuNTYgMTIuMDhMNDAuNTYgMTIuMDhMNDAuNTYgMTIuMDhRMzkuODMgMTEuMjAgMzkuODMgOS43M0wzOS44MyA5LjczTDM5LjgzIDkuNzNRMzkuODMgOC41MiA0MC4yNSA3Ljc5TDQwLjI1IDcuNzlMNDAuMjUgNy43OVE0MC42OCA3LjA2IDQxLjMxIDYuNzZMNDEuMzEgNi43Nkw0MS4zMSA2Ljc2UTQxLjk1IDYuNDcgNDIuNjYgNi40N0w0Mi42NiA2LjQ3TDQyLjY2IDYuNDdRNDMuNjIgNi40NyA0NC4zMCA2Ljk3TDQ0LjMwIDYuOTdMNDQuMzAgNi45N1E0NC45OCA3LjQ2IDQ1LjE0IDguNDNMNDUuMTQgOC40M0w0NC4xMiA4LjU5TDQ0LjEyIDguNTlRNDMuOTYgNy45NiA0My42MSA3LjY1TDQzLjYxIDcuNjVMNDMuNjEgNy42NVE0My4yNSA3LjMzIDQyLjcwIDcuMzNMNDIuNzAgNy4zM0w0Mi43MCA3LjMzUTQxLjgyIDcuMzMgNDEuMzYgNy45Nkw0MS4zNiA3Ljk2TDQxLjM2IDcuOTZRNDAuOTAgOC41OCA0MC45MCA5LjcxTDQwLjkwIDkuNzFMNDAuOTAgOS43MVE0MC45MCAxMC44NiA0MS4zNSAxMS40OEw0MS4zNSAxMS40OEw0MS4zNSAxMS40OFE0MS44MCAxMi4xMSA0Mi42NCAxMi4xMUw0Mi42NCAxMi4xMUw0Mi42NCAxMi4xMVE0My4zMiAxMi4xMSA0My43MSAxMS43Mkw0My43MSAxMS43Mkw0My43MSAxMS43MlE0NC4xMCAxMS4zMyA0NC4yMCAxMC41NUw0NC4yMCAxMC41NVpNNTEuNTYgOS45OEw1MS41NiA5Ljk4TDQ2LjkwIDkuOThMNDYuOTAgOS45OFE0Ni45NyAxMS4wMiA0Ny40OSAxMS41Nkw0Ny40OSAxMS41Nkw0Ny40OSAxMS41NlE0OC4wMiAxMi4xMSA0OC44MCAxMi4xMUw0OC44MCAxMi4xMUw0OC44MCAxMi4xMVE0OS40MSAxMi4xMSA0OS44MiAxMS43OUw0OS44MiAxMS43OUw0OS44MiAxMS43OVE1MC4yMyAxMS40NyA1MC40NCAxMC44Mkw1MC40NCAxMC44Mkw1MS41MyAxMC45Nkw1MS41MyAxMC45NlE1MS4yNiAxMS45MyA1MC41NiAxMi40NUw1MC41NiAxMi40NUw1MC41NiAxMi40NVE0OS44NiAxMi45NyA0OC44MCAxMi45N0w0OC44MCAxMi45N0w0OC44MCAxMi45N1E0Ny40MCAxMi45NyA0Ni42MSAxMi4xMUw0Ni42MSAxMi4xMUw0Ni42MSAxMi4xMVE0NS44MyAxMS4yNiA0NS44MyA5Ljc3TDQ1LjgzIDkuNzdMNDUuODMgOS43N1E0NS44MyA4LjMwIDQ2LjU5IDcuMzhMNDYuNTkgNy4zOEw0Ni41OSA3LjM4UTQ3LjM2IDYuNDcgNDguNzQgNi40N0w0OC43NCA2LjQ3TDQ4Ljc0IDYuNDdRNDkuNDIgNi40NyA1MC4wNSA2Ljc3TDUwLjA1IDYuNzdMNTAuMDUgNi43N1E1MC42OCA3LjA3IDUxLjEyIDcuNzhMNTEuMTIgNy43OEw1MS4xMiA3Ljc4UTUxLjU2IDguNTAgNTEuNTYgOS45OFpNNDYuOTYgOS4xMkw1MC40OCA5LjEyTDUwLjQ4IDkuMTJRNTAuNDEgOC4xNyA0OS44OSA3Ljc1TDQ5Ljg5IDcuNzVMNDkuODkgNy43NVE0OS4zNyA3LjMzIDQ4Ljc0IDcuMzNMNDguNzQgNy4zM0w0OC43NCA3LjMzUTQ4IDcuMzMgNDcuNTIgNy44M0w0Ny41MiA3LjgzTDQ3LjUyIDcuODNRNDcuMDQgOC4zMyA0Ni45NiA5LjEyTDQ2Ljk2IDkuMTJaTTU3LjMzIDguMjFMNTYuMzAgOC4zNUw1Ni4zMCA4LjM1UTU2LjIzIDcuODQgNTUuODkgNy41OEw1NS44OSA3LjU4TDU1Ljg5IDcuNThRNTUuNTUgNy4zMyA1NC45NCA3LjMzTDU0Ljk0IDcuMzNMNTQuOTQgNy4zM1E1NC4zMyA3LjMzIDUzLjk2IDcuNTRMNTMuOTYgNy41NEw1My45NiA3LjU0UTUzLjU5IDcuNzQgNTMuNTkgOC4xM0w1My41OSA4LjEzTDUzLjU5IDguMTNRNTMuNTkgOC41MCA1My44OSA4LjY2TDUzLjg5IDguNjZMNTMuODkgOC42NlE1NC4xOCA4LjgyIDU1LjA1IDkuMDVMNTUuMDUgOS4wNUw1NS4wNSA5LjA1UTU2LjA0IDkuMzAgNTYuNTMgOS40OUw1Ni41MyA5LjQ5TDU2LjUzIDkuNDlRNTcuMDIgOS42OSA1Ny4yOSAxMC4wM0w1Ny4yOSAxMC4wM0w1Ny4yOSAxMC4wM1E1Ny41NiAxMC4zOCA1Ny41NiAxMS4wMEw1Ny41NiAxMS4wMEw1Ny41NiAxMS4wMFE1Ny41NiAxMS44NCA1Ni44OCAxMi40MEw1Ni44OCAxMi40MEw1Ni44OCAxMi40MFE1Ni4yMCAxMi45NyA1NS4wNyAxMi45N0w1NS4wNyAxMi45N0w1NS4wNyAxMi45N1E1My44OCAxMi45NyA1My4yMiAxMi40N0w1My4yMiAxMi40N0w1My4yMiAxMi40N1E1Mi41NSAxMS45NyA1Mi40MCAxMC45N0w1Mi40MCAxMC45N0w1My40NSAxMC44MUw1My40NSAxMC44MVE1My41MyAxMS40NiA1My45MyAxMS43OEw1My45MyAxMS43OEw1My45MyAxMS43OFE1NC4zMyAxMi4xMSA1NS4wNSAxMi4xMUw1NS4wNSAxMi4xMUw1NS4wNSAxMi4xMVE1NS43NSAxMi4xMSA1Ni4xMiAxMS44Mkw1Ni4xMiAxMS44Mkw1Ni4xMiAxMS44MlE1Ni40OCAxMS41MyA1Ni40OCAxMS4xMUw1Ni40OCAxMS4xMUw1Ni40OCAxMS4xMVE1Ni40OCAxMC44MyA1Ni4zMSAxMC42Nkw1Ni4zMSAxMC42Nkw1Ni4zMSAxMC42NlE1Ni4xNCAxMC40OSA1NS44OSAxMC40MEw1NS44OSAxMC40MEw1NS44OSAxMC40MFE1NS42MyAxMC4zMiA1NC43NCAxMC4xMEw1NC43NCAxMC4xMEw1NC43&i=6-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JXyzcrUfJpdfIGwqNmqDt--iTWxtNhGF4xsr4WXWzP0rN430slZM3w==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 74ms
67ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=NCAxMC4xMFE1My40MiA5Ljc5IDUzLjAwIDkuMzNMNTMuMDAgOS4zM0w1My4wMCA5LjMzUTUyLjU3IDguODggNTIuNTcgOC4yNkw1Mi41NyA4LjI2TDUyLjU3IDguMjZRNTIuNTcgNy40OCA1My4xOSA2Ljk3TDUzLjE5IDYuOTdMNTMuMTkgNi45N1E1My44MSA2LjQ3IDU0Ljg2IDYuNDdMNTQuODYgNi40N0w1NC44NiA2LjQ3UTU1Ljk3IDYuNDcgNTYuNTkgNi45MUw1Ni41OSA2LjkxTDU2LjU5IDYuOTFRNTcuMjEgNy4zNCA1Ny4zMyA4LjIxTDU3LjMzIDguMjFaXFx4MjIvXFx4M2VcXHgzYy9zdmdcXHgzZVxceDNjL2RpdlxceDNlXFx4M2NkaXYgY2xhc3NcXHgzZFxceDIyaWwtaWNvblxceDIyXFx4M2VcXHgzY3N2ZyB4bWxuc1xceDNkXFx4MjJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Z1xceDIyIHhtbG5zOnhsaW5rXFx4M2RcXHgyMmh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmtcXHgyMiB2aWV3Qm94XFx4M2RcXHgyMjAgMCAxNSAxNVxceDIyXFx4M2VcXHgzY2NpcmNsZSBjeFxceDNkXFx4MjI2XFx4MjIgY3lcXHgzZFxceDIyNlxceDIyIHJcXHgzZFxceDIyMC42N1xceDIyXFx4M2VcXHgzYy9jaXJjbGVcXHgzZVxceDNjcGF0aCBkXFx4M2RcXHgyMk00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaXFx4MjJcXHgzZVxceDNjL3BhdGhcXHgzZVxceDNjL3N2Z1xceDNlXFx4M2MvZGl2XFx4M2VcXHgzYy9kaXZcXHgzZVxceDNjL2FcXHgzZVxceDNjL2RpdlxceDNlXFx4M2MvZGl2XFx4M2VcXHgzYy9kaXZcXHgzZVxceDNjc2NyaXB0IGRhdGEtamNcXHgzZFxceDIyNjBcXHgyMiBzcmNcXHgzZFxceDIyaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjMxMjA3L3IyMDExMDkxNC9hYmdfbGl0ZV9meTIwMjEuanNcXHgyMiBhc3luYyBkYXRhLWpjLXZlcnNpb25cXHgzZFxceDIycjIwMjMxMjA3XFx4MjIgZGF0YS1qY3AtYXR0cmlidXRpb24tZGF0YVxceDNkXFx4MjJbbnVsbCxudWxsLG51bGwsMCxudWxsLDAsMCwxLDAsMCwwLDEsMCwwLDAsbnVsbCwwLG51bGwsMCxudWxsLG51bGwsbnVsbCxudWxsLDAsbnVsbCxudWxsLDAsbnVsbCxudWxsLFxceDI2cXVvdDtyaWdodFxceDI2cXVvdDssMCxudWxsLFxceDI2cXVvdDtyMjAyMzEyMDcvcjIwMTEwOTE0XFx4MjZxdW90O11cXHgyMlxceDNlXFx4M2Mvc2NyaXB0XFx4M2UnKTtkb2N1bWVudC53cml0ZSgnXFx4M2MvZGl2XFx4M2UnKTtpZiAoIXdpbmRvdy5tcmFpZCkge2RvY3VtZW50LndyaXRlKCdcXHgzYy9kaXZcXHgzZScpO30oZnVuY3Rpb24oKSB7KGZ1bmN0aW9uKCl7dmFyIHMgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnZGF0YS1qYycsICc4NicpO3Muc3JjID0gJ2h0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDIzMTIwNy9yMjAxMTA5MTQvZWxlbWVudHMvaHRtbC9vbXJocF9meTIwMjEuanMnO3Muc2V0QXR0cmlidXRlKCdkYXRhLWpjLXZlcnNpb24nLCAncjIwMjMxMjA3Jyk7dmFyIHNzID0gZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ3NjcmlwdCcpWzBdO2lmIChzcyAmJiBzcy5wYXJlbnROb2RlKSB7c3MucGFyZW50Tm9kZS5pbnNlcnRCZWZvcmUocywgc3MpO319KSgpO3dpbmRvdy5kaWNuZiA9IHtlYXZwOiB0cnVlLGVicnA6IHRydWUsYXBmYTogdHJ1ZSxhdHNiOiB0cnVlLGJ2c3Q6ICdyMjAyMzEyMDcnLGVlaWQ6ICdjdXFIWlliUEU3WEE2dG9Qb0tLSS1BOCcsYXVuYjogdHJ1ZSxhZHNnOiAnJyx1ZmZwOiB0cnVlLH07KGZ1bmN0aW9uKCl7ZnVuY3Rpb24gYWEoYSl7dmFyIGI9MDtyZXR1cm4gZnVuY3Rpb24oKXtyZXR1cm4gYjxhLmxlbmd0aD97ZG9uZTohMSx2YWx1ZTphW2IrK119Ontkb25lOiEwfX19dmFyIGJhPVwiZnVuY3Rpb25cIj09dHlwZW9mIE9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzP09iamVjdC5kZWZpbmVQcm9wZXJ0eTpmdW5jdGlvbihhLGIsYyl7aWYoYT09QXJyYXkucHJvdG90eXBlfHxhPT1PYmplY3QucHJvdG90eXBlKXJldHVybiBhO2FbYl09Yy52YWx1ZTtyZXR1cm4gYX07IGZ1bmN0aW9uIGNhKGEpe2E9W1wib2JqZWN0XCI9PXR5cGVvZiBnbG9iYWxUaGlzJiZnbG9iYWxUaGlzLGEsXCJvYmplY3RcIj09dHlwZW9mIHdpbmRvdyYmd2luZG93LFwib2JqZWN0XCI9PXR5cGVvZiBzZWxmJiZzZWxmLFwib2JqZWN0XCI9PXR5cGVvZiBnbG9iYWwmJmdsb2JhbF07Zm9yKHZhciBiPTA7YjxhLmxlbmd0aDsrK2Ipe3ZhciBjPWFbYl07aWYoYyYmYy5NYXRoPT1NYXRoKXJldHVybiBjfXRocm93IEVycm9yKFwiQ2Fubm90IGZpbmQgZ2xvYmFsIG9iamVjdFwiKTt9dmFyIGRhPWNhKHRoaXMpO2Z1bmN0aW9uIG4oYSxiKXtpZihiKWE6e3ZhciBjPWRhO2E9YS5zcGxpdChcIi5cIik7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aC0xO2QrKyl7dmFyIGU9YVtkXTtpZighKGUgaW4gYykpYnJlYWsgYTtjPWNbZV19YT1hW2EubGVuZ3RoLTFdO2Q9Y1thXTtiPWIoZCk7YiE9ZCYmbnVsbCE9YiYmYmEoYyxhLHtjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsdmFsdWU6Yn0pfX0gZnVuY3Rpb24gZWEoYSl7dmFyIGI9XCJ1bmRlZmluZWRcIiE9dHlwZW9mIFN5bWJvbCYmU3ltYm9sLml0ZXJhdG9yJiZhW1N5bWJvbC5pdGVyYXRvcl07aWYoYilyZXR1cm4gYi5jYWxsKGEpO2lmKFwibnVtYmVyXCI9PXR5cGVvZiBhLmxlbmd0aClyZXR1cm57bmV4dDphYShhKX07dGhyb3cgRXJyb3IoU3RyaW5nKGEpK1wiIGlzIG5vdCBhbiBpdGVyYWJsZSBvciBBcnJheUxpa2VcIik7fXZhciBmYT1cImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3QuYXNzaWduP09iamVjdC5hc3NpZ246ZnVuY3Rpb24oYSxiKXtmb3IodmFyIGM9MTtjPGFyZ3VtZW50cy5sZW5ndGg7YysrKXt2YXIgZD1hcmd1bWVudHNbY107aWYoZClmb3IodmFyIGUgaW4gZClPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZCxlKSYmKGFbZV09ZFtlXSl9cmV0dXJuIGF9O24oXCJPYmplY3QuYXNzaWduXCIsZnVuY3Rpb24oYSl7cmV0dXJuIGF8fGZhfSk7IHZhciBoYT1cImZ1bmN0aW9uXCI9PXR5cGVvZiBPYmplY3QuY3JlYXRlP09iamVjdC5jcmVhdGU6ZnVuY3Rpb24oYSl7ZnVuY3Rpb24gYigpe31iLnByb3RvdHlwZT1hO3JldHVybiBuZXcgYn0saWE7aWYoXCJmdW5jdGlvblwiPT10eXBlb2YgT2JqZWN0LnNldFByb3RvdHlwZU9mKWlhPU9iamVjdC5zZXRQcm90b3R5cGVPZjtlbHNle3ZhciBqYTthOnt2YXIga2E9e2E6ITB9LG5hPXt9O3RyeXtuYS5fX3Byb3RvX189a2E7amE9bmEuYTticmVhayBhfWNhdGNoKGEpe31qYT0hMX1pYT1qYT9mdW5jdGlvbihhLGIpe2EuX19wcm90b19fPWI7aWYoYS5fX3Byb3RvX18hPT1iKXRocm93IG5ldyBUeXBlRXJyb3IoYStcIiBpcyBub3QgZXh0ZW5zaWJsZVwiKTtyZXR1cm4gYX06bnVsbH12YXIgb2E9aWE7IGZ1bmN0aW9uIHQoYSxiKXthLnByb3RvdHlwZT1oYShiLnByb3RvdHlwZSk7YS5wcm90b3R5cGUuY29uc3RydWN0b3I9YTtpZihvYSlvYShhLGIpO2Vsc2UgZm9yKHZhciBjIGluIGIpaWYoXCJwcm90b3R5cGVcIiE9YylpZihPYmplY3QuZGVmaW5lUHJvcGVydGllcyl7dmFyIGQ9T2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihiLGMpO2QmJk9iamVjdC5kZWZpbmVQcm9wZXJ0eShhLGMsZCl9ZWxzZSBhW2NdPWJbY107YS5kYT1iLnByb3RvdHlwZX1mdW5jdGlvbiBwYSgpe2Zvcih2YXIgYT1OdW1iZXIodGhpcyksYj1bXSxjPWE7Yzxhcmd1bWVudHMubGVuZ3RoO2MrKyliW2MtYV09YXJndW1lbnRzW2NdO3JldHVybiBifW4oXCJPYmplY3QuaXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKGIsYyl7cmV0dXJuIGI9PT1jPzAhPT1ifHwxL2I9PT0xL2M6YiE9PWImJmMhPT1jfX0pOyBuKFwiQXJyYXkucHJvdG90eXBlLmluY2x1ZGVzXCIsZnVuY3Rpb24oYSl7cmV0dXJuIGE%2FYTpmdW5jdGlvbihiLGMpe3ZhciBkPXRoaXM7ZCBpbnN0YW5jZW9mIFN0cmluZyYmKGQ9U3RyaW5nKGQpKTt2YXIgZT1kLmxlbmd0aDtjPWN8fDA7Zm9yKDA%2BYyYmKGM9TWF0aC5tYXgoYytlLDApKTtjPGU7YysrKXt2YXIgZj1kW2NdO2lmKGY9PT1ifHxPYmplY3QuaXMoZixiKSlyZXR1cm4hMH1yZXR1cm4hMX19KTsgbihcIlN0cmluZy5wcm90b3R5cGUuaW5jbHVkZXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYT9hOmZ1bmN0aW9uKGIsYyl7aWYobnVsbD09dGhpcyl0aHJvdyBuZXcgVHlwZUVycm9yKFwiVGhlICd0aGlzJyB2YWx1ZSBmb3IgU3RyaW5nLnByb3RvdHlwZS5pbmNsdWRlcyBtdXN0IG5vdCBiZSBudWxsIG9yIHVuZGVmaW5lZFwiKTtpZihiIGluc3RhbmNlb2YgUmVnRXhwKXRocm93IG5ldyBUeXBlRXJyb3IoXCJGaXJzdCBhcmd1bWVudCB0byBTdHJpbmcucHJvdG90eXBlLmluY2x1ZGVzIG11c3Qgbm90IGJlIGEgcmVndWxhciBleHByZXNzaW9uXCIpO3JldHVybi0xIT09dGhpcy5pbmRleE9mKGIsY3x8MCl9fSk7bihcImdsb2JhbFRoaXNcIixmdW5jdGlvbihhKXtyZXR1cm4gYXx8ZGF9KTsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gdmFyIHg9dGhpc3x8c2VsZjtmdW5jdGlvbiBxYShhLGIpe2E6e3ZhciBjPVtcIkNMT1NVUkVfRkxBR1NcIl07Zm9yKHZhciBkPXgsZT0wO2U8Yy5sZW5ndGg7ZSsrKWlmKGQ9ZFtjW2VdXSxudWxsPT1kKXtjPW51bGw7YnJlYWsgYX1jPWR9YT1jJiZjW2FdO3JldHVybiBudWxsIT1hP2E6Yn07dmFyIHJhPXFhKDYxMDQwMTMwMSwhMSksc2E9cWEoNTcyNDE3MzkyLCEwKTt2YXIgeSx0YT14Lm5hdmlnYXRvcjt5PXRhP3RhLnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiB1YShhKXtyZXR1cm4gcmE%2FeT95LmJyYW5kcy5zb21lKGZ1bmN0aW9uKGIpe3JldHVybihiPWIuYnJhbmQpJiYtMSE9Yi5pbmRleE9mKGEpfSk6ITE6ITF9ZnVuY3Rpb24gQShhKXt2YXIgYjthOntpZihiPXgubmF2aWdhdG9yKWlmKGI9Yi51c2VyQWdlbnQpYnJlYWsgYTtiPVwiXCJ9cmV0dXJuLTEhPWIuaW5kZXhPZihhKX07ZnVuY3Rpb24gQigpe3JldHVybiByYT8hIXkmJjA8eS5icmFuZHMubGVuZ3RoOiExfWZ1bmN0aW9uIHZhKCl7cmV0dXJuIEIoKT91YShcIkNocm9taXVtXCIpOihBKFwiQ2hyb21lXCIpfHxBKFwiQ3JpT1NcIikpJiYhKEIoKT8wOkEoXCJFZGdlXCIpKXx8QShcIlNpbGtcIil9O3ZhciB3YT1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGIpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYix2b2lkIDApfTpmdW5jdGlvbihhLGIpe2lmKFwic3RyaW5nXCI9PT10eXBlb2YgYSlyZXR1cm5cInN0cmluZ1wiIT09dHlwZW9mIGJ8fDEhPWIubGVuZ3RoPy0xOmEuaW5kZXhPZihiLDApO2Zvcih2YXIgYz0wO2M8YS5sZW5ndGg7YysrKWlmKGMgaW4gYSYmYVtjXT09PWIpcmV0dXJuIGM7cmV0dXJuLTF9LHhhPUFycmF5LnByb3RvdHlwZS5mb3JFYWNoP2Z1bmN0aW9uKGEsYil7QXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChhLGIsdm9pZCAwKX06ZnVuY3Rpb24oYSxiKXtmb3IodmFyIGM9YS5sZW5ndGgsZD1cInN0cmluZ1wiPT09dHlwZW9mIGE%2FYS5zcGxpdChcIlwiKTphLGU9MDtlPGM7ZSsrKWUgaW4gZCYmYi5jYWxsKHZvaWQgMCxkW2VdLGUsYSl9O2Z1bmN0aW9uIHlhKGEpe3lhW1wiIFwiXShhKTtyZXR1cm4gYX15YVtcIiBcIl09ZnVuY3Rpb24oKXt9O3ZhciB6YT1CKCk%2FITE6QShcIlRyaWRlbnRcIil8fEEoXCJNU0lFXC&i=7-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: BW4yHX0qMT2S1wc46hcyxkffAHRleE3mJHL3OnaCztj8dWkWkeSIAA==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
347 B 76ms
71ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=IpOyFBKFwiQW5kcm9pZFwiKXx8dmEoKTt2YSgpO0EoXCJTYWZhcmlcIikmJih2YSgpfHwoQigpPzA6QShcIkNvYXN0XCIpKXx8KEIoKT8wOkEoXCJPcGVyYVwiKSl8fChCKCk%2FMDpBKFwiRWRnZVwiKSl8fChCKCk%2FdWEoXCJNaWNyb3NvZnQgRWRnZVwiKTpBKFwiRWRnL1wiKSl8fEIoKSYmdWEoXCJPcGVyYVwiKSk7dmFyIEFhPXt9LEU9bnVsbDsgZnVuY3Rpb24gQmEoYSxiKXt2b2lkIDA9PT1iJiYoYj0wKTtpZighRSl7RT17fTtmb3IodmFyIGM9XCJBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OVwiLnNwbGl0KFwiXCIpLGQ9W1wiKy89XCIsXCIrL1wiLFwiLV89XCIsXCItXy5cIixcIi1fXCJdLGU9MDs1PmU7ZSsrKXt2YXIgZj1jLmNvbmNhdChkW2VdLnNwbGl0KFwiXCIpKTtBYVtlXT1mO2Zvcih2YXIgZz0wO2c8Zi5sZW5ndGg7ZysrKXt2YXIgaD1mW2ddO3ZvaWQgMD09PUVbaF0mJihFW2hdPWcpfX19Yj1BYVtiXTtjPUFycmF5KE1hdGguZmxvb3IoYS5sZW5ndGgvMykpO2Q9Yls2NF18fFwiXCI7Zm9yKGU9Zj0wO2Y8YS5sZW5ndGgtMjtmKz0zKXt2YXIgaz1hW2ZdLGw9YVtmKzFdO2g9YVtmKzJdO2c9YltrPj4yXTtrPWJbKGsmMyk8PDR8bD4%2BNF07bD1iWyhsJjE1KTw8MnxoPj42XTtoPWJbaCY2M107Y1tlKytdPWcraytsK2h9Zz0wO2g9ZDtzd2l0Y2goYS5sZW5ndGgtZil7Y2FzZSAyOmc9IGFbZisxXSxoPWJbKGcmMTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ZdLGNbZV09YlthPj4yXStiWyhhJjMpPDw0fGc%2BPjRdK2grZH1yZXR1cm4gYy5qb2luKFwiXCIpfTt2YXIgQ2E9XCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBVaW50OEFycmF5LERhPSF6YSYmXCJmdW5jdGlvblwiPT09dHlwZW9mIGJ0b2E7dmFyIEVhPSFzYSxGYT0hc2E7dmFyIEY9XCJmdW5jdGlvblwiPT09dHlwZW9mIFN5bWJvbCYmXCJzeW1ib2xcIj09PXR5cGVvZiBTeW1ib2woKT9TeW1ib2woKTp2b2lkIDA7dmFyIEdhPUY%2FZnVuY3Rpb24oYSxiKXthW0ZdfD1ifTpmdW5jdGlvbihhLGIpe3ZvaWQgMCE9PWEucz9hLnN8PWI6T2JqZWN0LmRlZmluZVByb3BlcnRpZXMoYSx7czp7dmFsdWU6Yixjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsZW51bWVyYWJsZTohMX19KX07ZnVuY3Rpb24gSGEoYSl7dmFyIGI9RyhhKTsxIT09KGImMSkmJihPYmplY3QuaXNGcm96ZW4oYSkmJihhPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpKSxIKGEsYnwxKSl9dmFyIEc9Rj9mdW5jdGlvbihhKXtyZXR1cm4gYVtGXXwwfTpmdW5jdGlvbihhKXtyZXR1cm4gYS5zfDB9LElhPUY%2FZnVuY3Rpb24oYSl7cmV0dXJuIGFbRl19OmZ1bmN0aW9uKGEpe3JldHVybiBhLnN9LEg9Rj9mdW5jdGlvbihhLGIpe2FbRl09Yn06ZnVuY3Rpb24oYSxiKXt2b2lkIDAhPT1hLnM%2FYS5zPWI6T2JqZWN0LmRlZmluZVByb3BlcnRpZXMoYSx7czp7dmFsdWU6Yixjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsZW51bWVyYWJsZTohMX19KX07IGZ1bmN0aW9uIEphKCl7dmFyIGE9W107R2EoYSwxKTtyZXR1cm4gYX1mdW5jdGlvbiBLYShhKXthPWE%2BPjE0JjEwMjM7cmV0dXJuIDA9PT1hPzUzNjg3MDkxMjphfTt2YXIgTGE9e30sTWE9e307ZnVuY3Rpb24gTmEoYSl7cmV0dXJuISghYXx8XCJvYmplY3RcIiE9PXR5cGVvZiBhfHxhLmNhIT09TWEpfWZ1bmN0aW9uIEooYSl7cmV0dXJuIG51bGwhPT1hJiZcIm9iamVjdFwiPT09dHlwZW9mIGEmJiFBcnJheS5pc0FycmF5KGEpJiZhLmNvbnN0cnVjdG9yPT09T2JqZWN0fXZhciBPYSxQYT0hc2E7ZnVuY3Rpb24gUWEoYSxiLGMpe2lmKCFBcnJheS5pc0FycmF5KGEpfHxhLmxlbmd0aClyZXR1cm4hMTt2YXIgZD1HKGEpO2lmKGQmMSlyZXR1cm4hMDtpZighKGImJihBcnJheS5pc0FycmF5KGIpP2IuaW5jbHVkZXMoYyk6Yi5oYXMoYykpKSlyZXR1cm4hMTtIKGEsZHwxKTtyZXR1cm4hMH12YXIgSyxSYT1bXTtIKFJhLDU1KTtLPU9iamVjdC5mcmVlemUoUmEpO09iamVjdC5mcmVlemUobmV3IGZ1bmN0aW9uKCl7fSk7T2JqZWN0LmZyZWV6ZShuZXcgZnVuY3Rpb24oKXt9KTtmdW5jdGlvbiBTYShhKXtpZihcImJvb2xlYW5cIiE9PXR5cGVvZiBhKXt2YXIgYj10eXBlb2YgYTt0aHJvdyBFcnJvcihcIkV4cGVjdGVkIGJvb2xlYW4gYnV0IGdvdCBcIisoXCJvYmplY3RcIiE9Yj9iOmE%2FQXJyYXkuaXNBcnJheShhKT9cImFycmF5XCI6YjpcIm51bGxcIikrXCI6IFwiK2EpO31yZXR1cm4gYX07dmFyIFRhO2Z1bmN0aW9uIFVhKGEsYixjKXtudWxsPT1hJiYoYT1UYSk7VGE9dm9pZCAwO2lmKG51bGw9PWEpe3ZhciBkPTk2O2M%2FKGE9W2NdLGR8PTUxMik6YT1bXTtiJiYoZD1kJi0xNjc2MDgzM3woYiYxMDIzKTw8MTQpfWVsc2V7aWYoIUFycmF5LmlzQXJyYXkoYSkpdGhyb3cgRXJyb3IoKTtkPUcoYSk7aWYoZCY2NClyZXR1cm4gYTtkfD02NDtpZihjJiYoZHw9NTEyLGMhPT1hWzBdKSl0aHJvdyBFcnJvcigpO2E6e2M9ZDtpZihkPWEubGVuZ3RoKXt2YXIgZT1kLTE7aWYoSihhW2VdKSl7Y3w9MjU2O2I9ZS0oKyEhKGMmNTEyKS0xKTtpZigxMDI0PD1iKXRocm93IEVycm9yKCk7ZD1jJi0xNjc2MDgzM3woYiYxMDIzKTw8MTQ7YnJlYWsgYX19aWYoYil7Yj1NYXRoLm1heChiLGQtKCshIShjJjUxMiktMSkpO2lmKDEwMjQ8Yil0aHJvdyBFcnJvcigpO2Q9YyYtMTY3NjA4MzN8KGImMTAyMyk8PDE0fWVsc2UgZD1jfX1IKGEsZCk7cmV0dXJuIGF9O2Z1bmN0aW9uIFZhKGEsYil7cmV0dXJuIFdhKGIpfWZ1bmN0aW9uIFdhKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSBcIm51bWJlclwiOnJldHVybiBpc0Zpbml0ZShhKT9hOlN0cmluZyhhKTtjYXNlIFwiYm9vbGVhblwiOnJldHVybiBhPzE6MDtjYXNlIFwib2JqZWN0XCI6aWYoYSl7aWYoQXJyYXkuaXNBcnJheShhKSlyZXR1cm4gUGF8fCFRYShhLHZvaWQgMCw5OTk5KT9hOnZvaWQgMDtpZihDYSYmbnVsbCE9YSYmYSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXkpe2lmKERhKXtmb3IodmFyIGI9XCJcIixjPTAsZD1hLmxlbmd0aC0xMDI0MDtjPGQ7KWIrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxhLnN1YmFycmF5KGMsYys9MTAyNDApKTtiKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsYz9hLnN1YmFycmF5KGMpOmEpO2E9YnRvYShiKX1lbHNlIGE9QmEoYSk7cmV0dXJuIGF9fX1yZXR1cm4gYX07ZnVuY3Rpb24gWGEoYSxiLGMsZCxlLGYpe2lmKG51bGwhPWEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYT1lJiYwPT1hLmxlbmd0aCYmRyhhKSYxP3ZvaWQgMDpmJiZHKGEpJjI%2FYTpZYShhLGIsYyx2b2lkIDAhPT1kLGUsZik7ZWxzZSBpZihKKGEpKXt2YXIgZz17fSxoO2ZvcihoIGluIGEpZ1toXT1YYShhW2hdLGIsYyxkLGUsZik7YT1nfWVsc2UgYT1iKGEsZCk7cmV0dXJuIGF9fWZ1bmN0aW9uIFlhKGEsYixjLGQsZSxmKXt2YXIgZz1kfHxjP0coYSk6MDtkPWQ%2FISEoZyYzMik6dm9pZCAwO2E9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSk7Zm9yKHZhciBoPTA7aDxhLmxlbmd0aDtoKyspYVtoXT1YYShhW2hdLGIsYyxkLGUsZik7YyYmYyhnLGEpO3JldHVybiBhfWZ1bmN0aW9uIFphKGEpe3JldHVybiBhLmFhPT09TGE%2FYS50b0pTT04oKTpXYShhKX07ZnVuY3Rpb24gJGEoYSxiLGMpe3ZhciBkPWEubCxlPUlhKGQpO2lmKGUmMil0aHJvdyBFcnJvcigpO2FiKGQsZSxiLGMpO3JldHVybiBhfWZ1bmN0aW9uIGFiKGEsYixjLGQpe3ZhciBlPUthKGIpO2lmKGM%2BPWUpe3ZhciBmPWI7aWYoYiYyNTYpZT1hW2EubGVuZ3RoLTFdO2Vsc2V7aWYobnVsbD09ZClyZXR1cm47ZT1hW2UrKCshIShiJjUxMiktMSldPXt9O2Z8PTI1Nn1lW2NdPWQ7ZiE9PWImJkgoYSxmKX1lbHNlIGFbYysoKyEhKGImNTEyKS0xKV09ZCxiJjI1NiYmKGE9YVthLmxlbmd0aC0xXSxjIGluIGEmJmRlbGV0ZSBhW2NdKX1mdW5jdGlvbiBMKGEsYixjKXtpZihudWxsIT1jJiZcInN0cmluZ1wiIT09dHlwZW9mIGMpdGhyb3cgRXJyb3IoKTtyZXR1cm4gJGEoYSxiLGMpfTtmdW5jdGlvbiBNKGEsYixjKXt0aGlzLmw9VWEoYSxiLGMpfU0ucHJvdG90eXBlLnRvSlNPTj1mdW5jdGlvbigpe2lmKE9hKXZhciBhPWJiKHRoaXMsdGhpcy5sLCExKTtlbHNlIGE9WWEodGhpcy5sLFphLHZvaWQgMCx2b2lkIDAsITEsITEpLGE9YmIodGhpcyxhLCEwKTtyZXR1cm4gYX07ZnVuY3Rpb24gY2IoYSl7T2E9ITA7dHJ5e3JldHVybiBKU09OLnN0cmluZ2lmeShhLnRvSlNPTigpLFZhKX1maW5hbGx5e09hPSExfX1NLnByb3RvdHlwZS5hYT1MYTtNLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiBiYih0aGlzLHRoaXMubCwhMSkudG9TdHJpbmcoKX07IGZ1bmN0aW9uIGJiKGEsYixjKXt2YXIgZD1hLmNvbnN0cnVjdG9yLmJhLGU9SWEoYz9hLmw6YiksZj1LYShlKSxnPSExO2lmKGQmJlBhKXtpZighYyl7Yj1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChiKTt2YXIgaDtpZihiLmxlbmd0aCYmSihoPWJbYi5sZW5ndGgtMV0pKWZvcihnPTA7ZzxkLmxlbmd0aDtnKyspaWYoZFtnXT49Zil7T2JqZWN0LmFzc2lnbihiW2IubGVuZ3RoLTFdPXt9LGgpO2JyZWFrfWc9ITB9Zj1iO2M9IWM7aD1JYShhLmwpO2E9S2EoaCk7aD0rISEoaCY1MTIpLTE7Zm9yKHZhciBrLGwscD0wO3A8ZC5sZW5ndGg7cCsrKWlmKGw9ZFtwXSxsPGEpe2wrPWg7dmFyIG09ZltsXTtudWxsPT1tP2ZbbF09Yz9LOkphKCk6YyYmbSE9PUsmJkhhKG0pfWVsc2Uga3x8KG09dm9pZCAwLGYubGVuZ3RoJiZKKG09ZltmLmxlbmd0aC0xXSk%2Faz1tOmYucHVzaChrPXt9KSksbT1rW2xdLG51bGw9PWtbbF0%2Fa1tsXT1jP0s6SmEoKTpjJiZtIT09SyYmSGEobSl9az1iLmxlbmd0aDsgaWYoIWspcmV0dXJuIGI7dmFyIHE7aWYoSihmPWJbay0xXSkpe2E6e3ZhciB2PWY7Yz17fTthPSExO2Zvcih2YXIgciBpbiB2KXtoPXZbcl07aWYoQXJyYXkuaXNBcnJheShoKSl7cD1oO2lmKCFGYSYmUWEoaCxkLCtyKXx8IUVhJiZOYShoKSYmMD09PWguc2l6ZSloPW51bGw7aCE9cCYmKGE9ITApfW51bGwhPWg%2FY1tyXT1oOmE9ITB9aWYoYSl7Zm9yKHZhciB6IGluIGMpe3Y9YzticmVhayBhfXY9bnVsbH19diE9ZiYmKHE9ITApO2stLX1mb3IoZT0rISEoZSY1MTIpLTE7MDxrO2stLSl7cj1rLTE7Zj1iW3JdO2lmKCEobnVsbD09Znx8IUZhJiZRYShmLGQsci1lKXx8IUVhJiZOYShmKSYmMD09PWYuc2l6ZSkpYnJlYWs7dmFyIHc9ITB9aWYoIXEmJiF3KXJldHVybiBiO3ZhciB1O2c%2FdT1iOnU9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiwwLGspO2I9dTtnJiYoYi5sZW5ndGg9ayk7diYmYi5wdXNoKHYpO3JldHVybiBifTtmdW5jdGlvbiBkYihhKXt0aGlzLmw9VWEoYSl9dChkYixNKTtmdW5jdGlvbiBlYihhLGIpe3RoaXMua2V5PWE7dGhpcy5kZWZhdWx0VmFsdWU9dm9pZCAwPT09Yj8hMTpiO3RoaXMudmFsdWVUeXBlPVwiYm9vbGVhblwifTt2YXIgZmI9bmV3IGViKFwiMTAwMDAwXCIpLGdiPW5ldyBlYihcIjQ1MzU3MTU2XCIsITApLGhiPW5ldyBlYihcIjQ1MzUwODkwXCIpLGliPW5ldyBlYihcIjQ1NDE0ODkyXCIpO3ZhciBqYj1bXCJBN0NRWGdsWnpUclRoakdUQkVuMXJXVHhIT0V0a1dpdnd6Z2VhK05qeWFyZHJ3bGllU2pWdXlHNDRQa1lnSVBHczhROXN2RDhzRjNZZWRuMEJCQmpYQWtBQUFDRmV5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaU3dpYVhOVWFHbHlaRkJoY25SNUlqcDBjblZsZlE9PVwiXTtmdW5jdGlvbiBrYihhLGIpe3JldHVyblwiJmFkdXJsPVwiPT1hLnN1YnN0cmluZyhhLmxlbmd0aC03KT9hLnN1YnN0cmluZygwLGEubGVuZ3RoLTcpK2IrXCImYWR1cmw9XCI6YStifTtmdW5jdGlvbiBPKGEpe3JldHVybiBhPXZvaWQgMD09PWE%2Fd2luZG93OmF9O3ZhciBQPXguZGljbmZ8fHt9O2Z1bmN0&i=8-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 1yElO_qvCvfOy_zAogilhEjAKkjCokOOXb1bsWNM6CTN5TpCpNDCrA==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 77ms
72ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=aW9uIGxiKGEpe3ZhciBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX07ZnVuY3Rpb24gbWIoYSxiLGMpe2EuYWRkRXZlbnRMaXN0ZW5lciYmYS5hZGRFdmVudExpc3RlbmVyKGIsYywhMSl9ZnVuY3Rpb24gbmIoYSxiLGMpe2EucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYS5yZW1vdmVFdmVudExpc3RlbmVyKGIsYywhMSl9O2Z1bmN0aW9uIG9iKGEpe3ZhciBiPVwiSlwiO2lmKGEuSiYmYS5oYXNPd25Qcm9wZXJ0eShiKSlyZXR1cm4gYS5KO2I9bmV3IGE7cmV0dXJuIGEuSj1ifTt2YXIgcGI9UmVnRXhwKFwiXig%2FOihbXjovPyMuXSspOik%2FKD86Ly8oPzooW15cXFxcXFxcXC8%2FI10qKUApPyhbXlxcXFxcXFxcLz8jXSo%2FKSg%2FOjooWzAtOV0rKSk%2FKD89W1xcXFxcXFxcLz8jXXwkKSk%2FKFtePyNdKyk%2FKD86XFxcXD8oW14jXSopKT8oPzojKFtcXFxcc1xcXFxTXSopKT8kXCIpO2Z1bmN0aW9uIHFiKGEsYixjLGQpe2Zvcih2YXIgZT1jLmxlbmd0aDswPD0oYj1hLmluZGV4T2YoYyxiKSkmJmI8ZDspe3ZhciBmPWEuY2hhckNvZGVBdChiLTEpO2lmKDM4PT1mfHw2Mz09ZilpZihmPWEuY2hhckNvZGVBdChiK2UpLCFmfHw2MT09Znx8Mzg9PWZ8fDM1PT1mKXJldHVybiBiO2IrPWUrMX1yZXR1cm4tMX12YXIgcmI9LyN8JC8sc2I9L1s%2FJl0oJHwjKS87ZnVuY3Rpb24gdGIoYSl7dHJ5e3ZhciBiO2lmKGI9ISFhJiZudWxsIT1hLmxvY2F0aW9uLmhyZWYpYTp7dHJ5e3lhKGEuZm9vKTtiPSEwO2JyZWFrIGF9Y2F0Y2goYyl7fWI9ITF9cmV0dXJuIGJ9Y2F0Y2goYyl7cmV0dXJuITF9fWZ1bmN0aW9uIHViKGEsYil7Yj12b2lkIDA9PT1iPyExOmI7dmFyIGM9dm9pZCAwPT09Yz94OmM7Zm9yKHZhciBkPTA7YyYmNDA%2BZCsrJiYoIWImJiF0YihjKXx8IWEoYykpOylhOnt0cnl7dmFyIGU9Yy5wYXJlbnQ7aWYoZSYmZSE9Yyl7Yz1lO2JyZWFrIGF9fWNhdGNoKGYpe31jPW51bGx9fWZ1bmN0aW9uIHZiKCl7aWYoIWdsb2JhbFRoaXMuY3J5cHRvKXJldHVybiBNYXRoLnJhbmRvbSgpO3RyeXt2YXIgYT1uZXcgVWludDMyQXJyYXkoMSk7Z2xvYmFsVGhpcy5jcnlwdG8uZ2V0UmFuZG9tVmFsdWVzKGEpO3JldHVybiBhWzBdLzY1NTM2LzY1NTM2fWNhdGNoKGIpe3JldHVybiBNYXRoLnJhbmRvbSgpfX0gZnVuY3Rpb24gd2IoYSxiKXtpZihhKWZvcih2YXIgYyBpbiBhKU9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChhLGMpJiZiKGFbY10sYyxhKX12YXIgeGI9W107ZnVuY3Rpb24geWIoKXt2YXIgYT14Yjt4Yj1bXTthPWVhKGEpO2Zvcih2YXIgYj1hLm5leHQoKTshYi5kb25lO2I9YS5uZXh0KCkpe2I9Yi52YWx1ZTt0cnl7YigpfWNhdGNoKGMpe319fWZ1bmN0aW9uIHpiKGEsYil7XCJjb21wbGV0ZVwiPT09YS5yZWFkeVN0YXRlfHxcImludGVyYWN0aXZlXCI9PT1hLnJlYWR5U3RhdGU%2FKHhiLnB1c2goYiksMT09eGIubGVuZ3RoJiYod2luZG93LlByb21pc2U%2FUHJvbWlzZS5yZXNvbHZlKCkudGhlbih5Yik6d2luZG93LnNldEltbWVkaWF0ZT9zZXRJbW1lZGlhdGUoeWIpOnNldFRpbWVvdXQoeWIsMCkpKTphLmFkZEV2ZW50TGlzdGVuZXIoXCJET01Db250ZW50TG9hZGVkXCIsYil9IGZ1bmN0aW9uIEFiKGEsYil7Yj12b2lkIDA9PT1iP2RvY3VtZW50OmI7cmV0dXJuIGIuY3JlYXRlRWxlbWVudChTdHJpbmcoYSkudG9Mb3dlckNhc2UoKSl9O2Z1bmN0aW9uIFEoYSxiLGMsZCl7QmIoeCxhLHZvaWQgMD09PWI%2FbnVsbDpiLCExLHZvaWQgMD09PWM%2FITE6Yyx2b2lkIDA9PT1kPyExOmQpfWZ1bmN0aW9uIEJiKGEsYixjLGQsZSxmKXtmPXZvaWQgMD09PWY%2FITE6ZjthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KGEuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzPVtdKTt2YXIgZz1BYihcIklNR1wiLGEuZG9jdW1lbnQpO2lmKGN8fGUpe3ZhciBoPWZ1bmN0aW9uKGspe2MmJmMoayk7aWYoZSl7az1hLmdvb2dsZV9pbWFnZV9yZXF1ZXN0czt2YXIgbD13YShrLGcpOzA8PWwmJkFycmF5LnByb3RvdHlwZS5zcGxpY2UuY2FsbChrLGwsMSl9bmIoZyxcImxvYWRcIixoKTtuYihnLFwiZXJyb3JcIixoKX07bWIoZyxcImxvYWRcIixoKTttYihnLFwiZXJyb3JcIixoKX1kJiYoZy5yZWZlcnJlclBvbGljeT1cIm5vLXJlZmVycmVyXCIpO2YmJihnLmF0dHJpYnV0aW9uU3JjPVwiXCIpO2cuc3JjPWI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHMucHVzaChnKX0gdmFyIENiPWxiKGZ1bmN0aW9uKCl7cmV0dXJuXCJyZWZlcnJlclBvbGljeVwiaW4gQWIoXCJJTUdcIil9KTtmdW5jdGlvbiBEYigpe3RoaXMuZz17fX1mdW5jdGlvbiBSKGEpe0VifHwoRWI9bmV3IEdiKTt2YXIgYj1FYi5nW2Eua2V5XTtpZihcInByb3RvXCI9PT1hLnZhbHVlVHlwZSl7dHJ5e3ZhciBjPUpTT04ucGFyc2UoYik7aWYoQXJyYXkuaXNBcnJheShjKSlyZXR1cm4gY31jYXRjaChkKXt9cmV0dXJuIGEuZGVmYXVsdFZhbHVlfXJldHVybiB0eXBlb2YgYj09PXR5cGVvZiBhLmRlZmF1bHRWYWx1ZT9iOmEuZGVmYXVsdFZhbHVlfTtmdW5jdGlvbiBHYigpe3RoaXMuZz17fTt2YXIgYT1kb2N1bWVudC5jdXJyZW50U2NyaXB0O2E9KGE9KGE9dm9pZCAwPT09YT9udWxsOmEpJiZcIjBcIj09PWEuZ2V0QXR0cmlidXRlKFwiZGF0YS1qY1wiKT9hOmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJ1tkYXRhLWpjPVwiMFwiXScpKSYmYS5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjLWZsYWdzXCIpfHxcIlwiO3RyeXt2YXIgYj1KU09OLnBhcnNlKGEpWzBdO2E9XCJcIjtmb3IodmFyIGM9MDtjPGIubGVuZ3RoO2MrKylhKz1TdHJpbmcuZnJvbUNoYXJDb2RlKGIuY2hhckNvZGVBdChjKV5cIlxcdTAwMDNcXHUwMDA3XFx1MDAwM1xcdTAwMDdcXGJcXHUwMDA0XFx1MDAwNFxcdTAwMDZcXHUwMDA1XFx1MDAwM1wiLmNoYXJDb2RlQXQoYyUxMCkpO3RoaXMuZz1KU09OLnBhcnNlKGEpfWNhdGNoKGQpe319dmFyIEViO3QoR2IsRGIpO2Z1bmN0aW9uIEhiKGEsYil7dmFyIGM9dm9pZCAwPT09Yz97fTpjO3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT1jfTt2YXIgSWI9UmVnRXhwKFwiXmh0dHBzPzovLyhcXFxcd3wtKStcXFxcLmNkblxcXFwuYW1wcHJvamVjdFxcXFwuKG5ldHxvcmcpKFxcXFw%2FfC98JClcIik7ZnVuY3Rpb24gSmIoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn1mdW5jdGlvbiBLYihhLGIpe3RoaXMudXJsPWE7dGhpcy5TPSEhYjt0aGlzLmRlcHRoPW51bGx9O3ZhciBMYj1udWxsO2Z1bmN0aW9uIE1iKCl7dmFyIGE9dm9pZCAwPT09YT94OmE7cmV0dXJuKGE9YS5wZXJmb3JtYW5jZSkmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfWZ1bmN0aW9uIE5iKCl7dmFyIGE9dm9pZCAwPT09YT94OmE7cmV0dXJuKGE9YS5wZXJmb3JtYW5jZSkmJmEubm93P2Eubm93KCk6bnVsbH07ZnVuY3Rpb24gT2IoYSxiKXt2YXIgYz1OYigpfHxNYigpO3RoaXMubGFiZWw9YTt0aGlzLnR5cGU9Yjt0aGlzLnZhbHVlPWM7dGhpcy5kdXJhdGlvbj0wO3RoaXMudGFza0lkPXRoaXMuc2xvdElkPXZvaWQgMDt0aGlzLnVuaXF1ZUlkPU1hdGgucmFuZG9tKCl9O3ZhciBTPXgucGVyZm9ybWFuY2UsUGI9ISEoUyYmUy5tYXJrJiZTLm1lYXN1cmUmJlMuY2xlYXJNYXJrcyksVD1sYihmdW5jdGlvbigpe3ZhciBhO2lmKGE9UGIpe3ZhciBiO2lmKG51bGw9PT1MYil7TGI9XCJcIjt0cnl7YT1cIlwiO3RyeXthPXgudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT14LmxvY2F0aW9uLmhhc2h9YSYmKExiPShiPWEubWF0Y2goL1xcYmRlaWQ9KFtcXGQsXSspLykpP2JbMV06XCJcIil9Y2F0Y2goYyl7fX1iPUxiO2E9ISFiLmluZGV4T2YmJjA8PWIuaW5kZXhPZihcIjEzMzdcIil9cmV0dXJuIGF9KTsgZnVuY3Rpb24gUWIoKXt2YXIgYT13aW5kb3c7dGhpcy5oPVtdO3RoaXMuaT1hfHx4O3ZhciBiPW51bGw7YSYmKGEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWV8fFtdLHRoaXMuaD1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUsYj1hLmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZyk7dGhpcy5nPVQoKXx8KG51bGwhPWI%2FYjoxPk1hdGgucmFuZG9tKCkpfWZ1bmN0aW9uIFJiKGEpe2EmJlMmJlQoKSYmKFMuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX3N0YXJ0XCIpLFMuY2xlYXJNYXJrcyhcImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX2VuZFwiKSl9UWIucHJvdG90eXBlLnN0YXJ0PWZ1bmN0aW9uKGEsYil7aWYoIXRoaXMuZylyZXR1cm4gbnVsbDthPW5ldyBPYihhLGIpO2I9XCJnb29nX1wiK2EubGFiZWwrXCJfXCIrYS51bmlxdWVJZCtcIl9zdGFydFwiO1MmJlQoKSYmUy5tYXJrKGIpO3JldHVybiBhfTsgUWIucHJvdG90eXBlLmVuZD1mdW5jdGlvbihhKXtpZih0aGlzLmcmJlwibnVtYmVyXCI9PT10eXBlb2YgYS52YWx1ZSl7YS5kdXJhdGlvbj0oTmIoKXx8TWIoKSktYS52YWx1ZTt2YXIgYj1cImdvb2dfXCIrYS5sYWJlbCtcIl9cIithLnVuaXF1ZUlkK1wiX2VuZFwiO1MmJlQoKSYmUy5tYXJrKGIpOyF0aGlzLmd8fDIwNDg8dGhpcy5oLmxlbmd0aHx8dGhpcy5oLnB1c2goYSl9fTtmdW5jdGlvbiBTYigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5qPTA7dGhpcy5nPVtdfWZ1bmN0aW9uIFRiKGEsYil7dmFyIGM9e307Y1thXT1iO3JldHVybltjXX1mdW5jdGlvbiBVYihhLGIsYyxkLGUpe3ZhciBmPVtdO3diKGEsZnVuY3Rpb24oZyxoKXsoZz1WYihnLGIsYyxkLGUpKSYmZi5wdXNoKGgrXCI9XCIrZyl9KTtyZXR1cm4gZi5qb2luKGIpfSBmdW5jdGlvbiBWYihhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtmb3IodmFyIGY9W10sZz0wO2c8YS5sZW5ndGg7ZysrKWYucHVzaChWYihhW2ddLGIsYyxkKzEsZSkpO3JldHVybiBmLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KFViKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9IGZ1bmN0aW9uIFdiKGEsYil7dmFyIGM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYixkPVhiKGEpLWIubGVuZ3RoO2lmKDA%2BZClyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKHAsbSl7cmV0dXJuIHAtbX0pO2I9bnVsbDtmb3IodmFyIGU9XCJcIixmPTA7ZjxhLmcubGVuZ3RoO2YrKylmb3IodmFyIGc9YS5nW2ZdLGg9YS5oW2ddLGs9MDtrPGgubGVuZ3RoO2srKyl7aWYoIWQpe2I9bnVsbD09Yj9nOmI7YnJlYWt9dmFyIGw9VWIoaFtrXSxhLmksXCIsJFwiKTtpZihsKXtsPWUrbDtpZihkPj1sLmxlbmd0aCl7ZC09bC5sZW5ndGg7Yys9bDtlPWEuaTticmVha31iPW51bGw9PWI%2FZzpifX1hPVwiXCI7bnVsbCE9YiYmKGE9ZStcInRybj1cIitiKTtyZXR1cm4gYythfWZ1bmN0aW9uIFhiKGEpe3ZhciBiPTEsYztmb3IoYyBpbiBhLmgpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIDM5OTctYi1hLmkubGVuZ3RoLTF9O2Z1bmN0aW9uIFliKGEsYixjKXt0aGlzLm09YTt0aGlzLm89Yjt0aGlzLmc9dm9pZCAwPT09Yz9udWxsOmM7dGhpcy5oPW51bGw7dGhpcy5pPSExO3RoaXMuQT10aGlzLmp9ZnVuY3Rpb24gWmIoYSxiLGMsZCl7dHJ5e2lmKGEuZyYmYS5nLmcpe3ZhciBlPWEuZy5zdGFydChiLnRvU3RyaW5nKCksMyk7dmFyIGY9YygpO2EuZy5lbmQoZSl9ZWxzZSBmPWMoKX1jYXRjaChrKXtjPWEubzt0cnl7UmIoZSksYz1hLkEoYixuZXcgSGIoayx7bWVz&i=9-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JZIioTQ-K_e9xfHI7cDusUJ2ljQTnSKPRQJ3cIZkP_-uWtRZ02uEgg==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
347 B 80ms
75ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=c2FnZTokYihrKX0pLHZvaWQgMCxkKX1jYXRjaChsKXthLmooMjE3LGwpfWlmKGMpe3ZhciBnLGg7bnVsbD09KGc9d2luZG93LmNvbnNvbGUpfHxudWxsPT0oaD1nLmVycm9yKXx8aC5jYWxsKGcsayl9ZWxzZSB0aHJvdyBrO31yZXR1cm4gZn0gZnVuY3Rpb24gYWMoYSxiLGMsZCxlKXtyZXR1cm4gZnVuY3Rpb24oKXt2YXIgZj1wYS5hcHBseSgwLGFyZ3VtZW50cyk7cmV0dXJuIFpiKGEsYixmdW5jdGlvbigpe3JldHVybiBjLmFwcGx5KGQsZil9LGUpfX0gWWIucHJvdG90eXBlLmo9ZnVuY3Rpb24oYSxiLGMsZCxlKXtlPWV8fFwianNlcnJvclwiO3RyeXt2YXIgZj1uZXcgU2I7Zi5nLnB1c2goMSk7Zi5oWzFdPVRiKFwiY29udGV4dFwiLGEpO2IuZXJyb3ImJmIubWV0YSYmYi5pZHx8KGI9bmV3IEhiKGIse21lc3NhZ2U6JGIoYil9KSk7aWYoYi5tc2cpe3ZhciBnPWIubXNnLnN1YnN0cmluZygwLDUxMik7Zi5nLnB1c2goMik7Zi5oWzJdPVRiKFwibXNnXCIsZyl9dmFyIGg9Yi5tZXRhfHx7fTtpZih0aGlzLmgpdHJ5e3RoaXMuaChoKX1jYXRjaChsYSl7fWlmKGQpdHJ5e2QoaCl9Y2F0Y2gobGEpe31iPVtoXTtmLmcucHVzaCgzKTtmLmhbM109YjtkPXg7Yj1bXTtnPW51bGw7ZG97dmFyIGs9ZDtpZih0YihrKSl7dmFyIGw9ay5sb2NhdGlvbi5ocmVmO2c9ay5kb2N1bWVudCYmay5kb2N1bWVudC5yZWZlcnJlcnx8bnVsbH1lbHNlIGw9ZyxnPW51bGw7Yi5wdXNoKG5ldyBLYihsfHxcIlwiKSk7dHJ5e2Q9ay5wYXJlbnR9Y2F0Y2gobGEpe2Q9bnVsbH19d2hpbGUoZCYmIGshPWQpO2w9MDtmb3IodmFyIHA9Yi5sZW5ndGgtMTtsPD1wOysrbCliW2xdLmRlcHRoPXAtbDtrPXg7aWYoay5sb2NhdGlvbiYmay5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJmsubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09Yi5sZW5ndGgtMSlmb3IocD0xO3A8Yi5sZW5ndGg7KytwKXt2YXIgbT1iW3BdO20udXJsfHwobS51cmw9ay5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnNbcC0xXXx8XCJcIixtLlM9ITApfXZhciBxPW5ldyBLYih4LmxvY2F0aW9uLmhyZWYsITEpO2s9bnVsbDt2YXIgdj1iLmxlbmd0aC0xO2ZvcihtPXY7MDw9bTstLW0pe3ZhciByPWJbbV07IWsmJkliLnRlc3Qoci51cmwpJiYoaz1yKTtpZihyLnVybCYmIXIuUyl7cT1yO2JyZWFrfX1yPW51bGw7dmFyIHo9Yi5sZW5ndGgmJmJbdl0udXJsOzAhPXEuZGVwdGgmJnomJihyPWJbdl0pO3ZhciB3PW5ldyBKYihxLHIpO2lmKHcuaCl7dmFyIHU9dy5oLnVybHx8XCJcIjtmLmcucHVzaCg0KTtmLmhbNF09VGIoXCJ0b3BcIiwgdSl9dmFyIEk9e3VybDp3LmcudXJsfHxcIlwifTtpZih3LmcudXJsKXt2YXIgTj13LmcudXJsLm1hdGNoKHBiKSxDPU5bMV0sRD1OWzNdLG1hPU5bNF07cT1cIlwiO0MmJihxKz1DK1wiOlwiKTtEJiYocSs9XCIvL1wiLHErPUQsbWEmJihxKz1cIjpcIittYSkpO3ZhciBGYj1xfWVsc2UgRmI9XCJcIjtJPVtJLHt1cmw6RmJ9XTtmLmcucHVzaCg1KTtmLmhbNV09STtiYyh0aGlzLm0sZSxmLHRoaXMuaSxjKX1jYXRjaChsYSl7dHJ5e2JjKHRoaXMubSxlLHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6YSxtc2c6JGIobGEpLHVybDp3JiZ3LmcudXJsfSx0aGlzLmksYyl9Y2F0Y2gobGQpe319cmV0dXJuIHRoaXMub307IGZ1bmN0aW9uICRiKGEpe3ZhciBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3ZhciBjPWI7dHJ5ey0xPT1hLmluZGV4T2YoYykmJihhPWMrXCJcXG5cIithKTtmb3IodmFyIGQ7YSE9ZDspZD1hLGE9YS5yZXBsYWNlKFJlZ0V4cChcIigoaHR0cHM%2FOi8uLiovKVteLzpdKjpcXFxcZCsoPzoufFxcbikqKVxcXFwyXCIpLFwiJDFcIik7Yj1hLnJlcGxhY2UoUmVnRXhwKFwiXFxuICpcIixcImdcIiksXCJcXG5cIil9Y2F0Y2goZSl7Yj1jfX1yZXR1cm4gYn07ZnVuY3Rpb24gY2MoKXt9O2Z1bmN0aW9uIGRjKCl7dGhpcy5nPU1hdGgucmFuZG9tKCl9ZnVuY3Rpb24gZWMoKXt2YXIgYT1mYyxiPXdpbmRvdy5nb29nbGVfc3J0OzA8PWImJjE%2BPWImJihhLmc9Yil9ZnVuY3Rpb24gYmMoYSxiLGMsZCxlKXtpZigoKHZvaWQgMD09PWQ%2FMDpkKT9hLmc6TWF0aC5yYW5kb20oKSk8KGV8fC4wMSkpdHJ5e2lmKGMgaW5zdGFuY2VvZiBTYil2YXIgZj1jO2Vsc2UgZj1uZXcgU2Isd2IoYyxmdW5jdGlvbihoLGspe3ZhciBsPWYscD1sLmorKztoPVRiKGssaCk7bC5nLnB1c2gocCk7bC5oW3BdPWh9KTt2YXIgZz1XYihmLFwiL3BhZ2VhZC9nZW5fMjA0P2lkPVwiK2IrXCImXCIpO2cmJlEoZyl9Y2F0Y2goaCl7fX07dmFyIGZjLGdjLFU9bmV3IFFiO2Z1bmN0aW9uIGhjKCl7d2luZG93Lmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ3x8KFUuZz0hMSxVLmghPVUuaS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJiYoVCgpJiZ4YShVLmgsUmIpLFUuaC5sZW5ndGg9MCkpfShmdW5jdGlvbihhKXtmYz1udWxsIT1hP2E6bmV3IGRjO1wibnVtYmVyXCIhPT10eXBlb2Ygd2luZG93Lmdvb2dsZV9zcnQmJih3aW5kb3cuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtlYygpO2djPW5ldyBZYihmYywhMCxVKTtnYy5oPWZ1bmN0aW9uKCl7fTtnYy5pPSEwO1wiY29tcGxldGVcIj09d2luZG93LmRvY3VtZW50LnJlYWR5U3RhdGU%2FaGMoKTpVLmcmJm1iKHdpbmRvdyxcImxvYWRcIixmdW5jdGlvbigpe2hjKCl9KX0pKCk7dmFyIGljPVtcIkZSQU1FXCIsXCJJTUdcIixcIklGUkFNRVwiXSxqYz0vXlswMV0ocHgpPyQvO2Z1bmN0aW9uIGtjKGEpe3JldHVyblwic3RyaW5nXCI9PT10eXBlb2YgYT9kb2N1bWVudC5nZXRFbGVtZW50QnlJZChhKTphfSBmdW5jdGlvbiBsYyhhLGIsYyxkLGUsZixnKXtjPXZvaWQgMD09PWM%2FITA6YztkPXZvaWQgMD09PWQ%2FITE6ZDtmPXZvaWQgMD09PWY%2FITE6ZjtnPXZvaWQgMD09PWc%2FITE6ZztpZihhPWtjKGEpKXtlfHwoZT1mdW5jdGlvbihDLEQsbWEpe0MuYWRkRXZlbnRMaXN0ZW5lcihELG1hKX0pO2Zvcih2YXIgaD0hMSxrPWZ1bmN0aW9uKEMpe2h8fChoPSEwLGIoQykpfSxsLHAsbT0wO208aWMubGVuZ3RoOysrbSlpZihpY1ttXT09YS50YWdOYW1lKXtwPTM7bD1bYV07YnJlYWt9bHx8KGw9YS5xdWVyeVNlbGVjdG9yQWxsKGljLmpvaW4oXCIsXCIpKSxwPTIpO3ZhciBxPTAsdj0wLHI9IWcsej1hPSExO209e307Zm9yKHZhciB3PTA7dzxsLmxlbmd0aDttPXtCOm0uQn0sdysrKXt2YXIgdT1sW3ddO2lmKCEoXCJJTUdcIj09dS50YWdOYW1lJiYodS5jb21wbGV0ZSYmKCF1Lm5hdHVyYWxXaWR0aHx8IXUubmF0dXJhbEhlaWdodCl8fCh2b2lkIDA9PT1nPzA6ZykmJnUuc3R5bGUmJlwibm9uZVwiPT09dS5zdHlsZS5kaXNwbGF5KXx8IGpjLnRlc3QodS5nZXRBdHRyaWJ1dGUoXCJ3aWR0aFwiKSkmJmpjLnRlc3QodS5nZXRBdHRyaWJ1dGUoXCJoZWlnaHRcIikpKSl7bS5CPVwiSU1HXCI9PT11LnRhZ05hbWU7aWYoXCJJTUdcIj09dS50YWdOYW1lKXZhciBJPXUubmF0dXJhbFdpZHRoJiZ1Lm5hdHVyYWxIZWlnaHQ%2FITA6ITE7ZWxzZSB0cnl7ST1cImNvbXBsZXRlXCI9PT0odS5yZWFkeVN0YXRlP3UucmVhZHlTdGF0ZTp1LmNvbnRlbnRXaW5kb3cmJnUuY29udGVudFdpbmRvdy5kb2N1bWVudCYmdS5jb250ZW50V2luZG93LmRvY3VtZW50LnJlYWR5U3RhdGUpPyEwOiExfWNhdGNoKEMpe0k9dm9pZCAwPT09ZD8hMTpkfWlmKEkpYT0hMCxtLkImJihyPSEwKTtlbHNle3ErKzt2YXIgTj1mdW5jdGlvbihDKXtyZXR1cm4gZnVuY3Rpb24oRCl7cS0tOyFxJiZyJiZrKHApO0MuQiYmKEQ9RCYmXCJlcnJvclwiPT09RC50eXBlLHYtLSxEfHwocj0hMCksIXYmJnomJnImJmsocCkpfX0obSk7ZSh1LFwibG9hZFwiLE4pO20uQiYmKHYrKyxlKHUsXCJlcnJvclwiLCBOKSl9fX0wPT09diYmKHI9ITApO2w9bnVsbDtpZigwPT09cSYmIWEmJlwiY29tcGxldGVcIj09PXguZG9jdW1lbnQucmVhZHlTdGF0ZSlwPTU7ZWxzZSBpZihxfHwhYSl7ZSh4LFwibG9hZFwiLGZ1bmN0aW9uKCl7IWZ8fCF2JiZyP2soNCk6ej0hMH0pO3JldHVybn1jJiZrKHApfX07ZnVuY3Rpb24gbWMoYSxiLGMpe2lmKGEpZm9yKHZhciBkPTA7bnVsbCE9YSYmNTAwPmQmJiFjKGEpOysrZClhPWIoYSl9ZnVuY3Rpb24gbmMoYSxiKXttYyhhLGZ1bmN0aW9uKGMpe3RyeXtyZXR1cm4gYz09PWMucGFyZW50P251bGw6Yy5wYXJlbnR9Y2F0Y2goZCl7fXJldHVybiBudWxsfSxiKX1mdW5jdGlvbiBvYyhhLGIpe2lmKFwiSUZSQU1FXCI9PWEudGFnTmFtZSliKGEpO2Vsc2V7YT1hLnF1ZXJ5U2VsZWN0b3JBbGwoXCJJRlJBTUVcIik7Zm9yKHZhciBjPTA7YzxhLmxlbmd0aCYmIWIoYVtjXSk7KytjKTt9fWZ1bmN0aW9uIHBjKGEpe3JldHVybihhPWEub3duZXJEb2N1bWVudCkmJihhLnBhcmVudFdpbmRvd3x8YS5kZWZhdWx0Vmlldyl8fG51bGx9IGZ1bmN0aW9uIHFjKGEsYixjKXt0cnl7dmFyIGQ9SlNPTi5wYXJzZShjLmRhdGEpfWNhdGNoKGcpe31pZihcIm9iamVjdFwiPT09dHlwZW9mIGQmJmQmJlwiY3JlYXRpdmVMb2FkXCI9PT1kLnR5cGUpe3ZhciBlPXBjKGEpO2lmKGMuc291cmNlJiZlKXt2YXIgZjtuYyhjLnNvdXJjZSxmdW5jdGlvbihnKXt0cnl7aWYoZy5wYXJlbnQ9PT1lKXJldHVybiBmPWcsITB9Y2F0Y2goaCl7fX0pO2YmJm9jKGEsZnVuY3Rpb24oZyl7aWYoZy5jb250ZW50V2luZG93PT09ZilyZXR1cm4gYihkKSwhMH0pfX19ZnVuY3Rpb24gcmMoYSl7cmV0dXJuXCJzdHJpbmdcIj09PXR5cGVvZiBhP2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKGEpOmF9IGZ1bmN0aW9uIHNjKGEsYil7dmFyIGM9cmMoYSk7aWYoYylpZihjLm9uQ3JlYXRpdmVMb2FkKWMub25DcmVhdGl2ZUxvYWQoYik7ZWxzZXt2YXIgZD1iP1tiXTpbXSxlPWZ1bmN0aW9uKGYpe2Zvcih2YXIgZz0wO2c8ZC5sZW5ndGg7KytnKXRyeXtkW2ddKDEsZil9Y2F0Y2goaCl7fWQ9e3B1c2g6ZnVuY3Rpb24oaCl7aCgxLGYpfX19O2Mub25DcmVhdGl2ZUxvYWQ9ZnVuY3Rpb24oZil7ZC5wdXNoKGYpfTtjLnNldEF0dHJpYnV0ZShcImRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lclwiLFwiXCIpO2MuYWRkRXZlbnRMaXN0ZW5lcihcImNyZWF0aXZlTG9hZFwiLGZ1bmN0aW9uKGYpe2UoZi5kZXRhaWwpfSk7eC5hZGRFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGZ1bmN0aW9uKGYpe3FjKGMsZSxmKX0pfX07ZnVuY3Rpb24gVihhKXt2YXIgYj10aGlzO3RoaXMuaD0hMTt0aGlzLmc9W107YShmdW5jdGlvbihjKXt0YyhiLGMpfSl9ZnVuY3Rpb24gdGMoYSxiKXtpZighYS5oKWlmKGIgaW5zdGFuY2VvZiBWKWIudGhlbihmdW5jdGlvbihjKXt0YyhhLGMpfSk7ZWxzZXthLmg9ITA7YS5pPWI7Zm9yKGI9MDtiPGEuZy5sZW5ndGg7KytiKXVjKGEsYS5nW2JdKTthLmc9W119fWZ1bmN0aW9uIHVjKGEsYil7YS5oP2IoYS5pKTphLmcucHVzaChiKX1WLnByb3RvdHlwZS50aGVuPWZ1bmN0aW9uKGEpe3ZhciBiPXRoaXM7cmV0dXJuIG5ldyBWKGZ1bmN0aW9uKGMpe3VjKGIsZnVuY3Rpb24oZCl7YyhhKGQpKX0pfSl9OyBmdW5jdGlvbiB2YyhhKXt2YXIgYj1hLmxlbmd0aCxjPTA7cmV0dXJuIG5ldyBWKGZ1bmN0aW9uKGQpe2lmKDA9PWIpZChbXSk7ZWxzZSBmb3IodmFyIGU9W10sZj17djowfTtmLnY8YjtmPXt2OmYudn0sKytmLnYpYVtmLnZdLnRoZW4oZnVuY3Rpb24oZyl7cmV0dXJuIGZ1bmN0aW9uKGgpe2VbZy52XT1oOysrYz09YiYmZChlKX19KGYpKX0pfWZ1bmN0aW9uIHdjKCl7dmFyIGEsYj1uZXcgVihmdW5jdGlvbihjKXthPWN9KTtyZXR1cm4gbmV3IHhjKGIsYSl9ZnVuY3Rpb24geGMoYSxiKXt0aGlzLnByb21pc2U9YTt0aGlzLnJlc29sdmU9Yn07ZnVuY3Rpb24geWMoYSl7cmV0dXJuIGEucHJlcmVuZGVyaW5nPzM6e3Zpc2libGU6MSxoaWRkZW46MixwcmVyZW5kZXI6MyxwcmV2aWV3OjQsdW5sb2FkZWQ6NX1bYS52aXNpYmlsaXR5U3RhdGV8fG&i=10-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 03oNqFw_w0gJEnEjyvRUWqaG2XZBKeO1XxR9DzxPmZHH0NtF-X88GQ==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 83ms
78ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=Eud2Via2l0VmlzaWJpbGl0eVN0YXRlfHxhLm1velZpc2liaWxpdHlTdGF0ZXx8XCJcIl18fDB9ZnVuY3Rpb24gemMoYSl7dmFyIGI7YS52aXNpYmlsaXR5U3RhdGU%2FYj1cInZpc2liaWxpdHljaGFuZ2VcIjphLm1velZpc2liaWxpdHlTdGF0ZT9iPVwibW96dmlzaWJpbGl0eWNoYW5nZVwiOmEud2Via2l0VmlzaWJpbGl0eVN0YXRlJiYoYj1cIndlYmtpdHZpc2liaWxpdHljaGFuZ2VcIik7cmV0dXJuIGJ9O2Z1bmN0aW9uIEFjKGEsYixjKXtmdW5jdGlvbiBkKGspe3RyeXt2YXIgbD1cIm9iamVjdFwiPT09dHlwZW9mIGsuZGF0YT9rLmRhdGE6SlNPTi5wYXJzZShrLmRhdGEpO2c9PT1sLnBhd19pZCYmKHdpbmRvdy5jbGVhclRpbWVvdXQoaCksd2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsZCksbC5zaWduYWw%2FYihsLnNpZ25hbCk6bC5lcnJvciYmYyhsLmVycm9yKSl9Y2F0Y2gocCl7az17bXNnOlwicG9zdG1lc3NhZ2VFcnJvclwiLGVycjpwIGluc3RhbmNlb2YgRXJyb3I%2FcC5tZXNzYWdlOlwibm9uRXJyb3JcIixkYXRhOm51bGw9PWsuZGF0YT9cIm51bGxcIjo1MDA8ay5kYXRhLmxlbmd0aD9rLmRhdGEuc3Vic3RyaW5nKDAsNTAwKTprLmRhdGF9LG9iKGNjKSxsPVtdLCFrLmVpZCYmbC5sZW5ndGgmJihrLmVpZD1sLnRvU3RyaW5nKCkpLGJjKGZjLFwicGF3X3NpZ3NcIixrLCEwKX19dmFyIGU9e30sZj0yMDA7ZT12b2lkIDA9PT1lP3t9OmU7Yj12b2lkIDA9PT1iP2Z1bmN0aW9uKCl7fTogYjtjPXZvaWQgMD09PWM%2FZnVuY3Rpb24oKXt9OmM7Zj12b2lkIDA9PT1mPzIwMDpmO3ZhciBnPVN0cmluZyhNYXRoLmZsb29yKDIxNDc0ODM2NDcqdmIoKSkpLGg9MDt3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixmdW5jdGlvbihrKXthYyhnYyw5MDMsZnVuY3Rpb24oKXtkKGspfSkoKX0pO2EucG9zdE1lc3NhZ2UoT2JqZWN0LmFzc2lnbih7fSx7cGF3X2lkOmd9LGUpKTtoPXdpbmRvdy5zZXRUaW1lb3V0KGZ1bmN0aW9uKCl7d2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsZCk7YyhcIlBBVyBHTUEgcG9zdG1lc3NhZ2UgdGltZWQgb3V0LlwiKX0sZil9IGZ1bmN0aW9uIEJjKCl7dmFyIGE9d2luZG93LGIsYztpZihhLmdtYVNka3x8KG51bGw9PShiPWEud2Via2l0KT8wOm51bGw9PShjPWIubWVzc2FnZUhhbmRsZXJzKT8wOmMuZ2V0R21hVmlld1NpZ25hbHMpKXJldHVybiBhO3RyeXt2YXIgZD13aW5kb3cucGFyZW50LGUsZjtpZihkLmdtYVNka3x8KG51bGw9PShlPWQud2Via2l0KT8wOm51bGw9PShmPWUubWVzc2FnZUhhbmRsZXJzKT8wOmYuZ2V0R21hVmlld1NpZ25hbHMpKXJldHVybiBkfWNhdGNoKGcpe31yZXR1cm4gbnVsbH07ZnVuY3Rpb24gQ2MoYSl7dGhpcy5sPVVhKGEpfXQoQ2MsTSk7ZnVuY3Rpb24gRGMoYSl7dGhpcy5sPVVhKGEpfXQoRGMsTSk7ZnVuY3Rpb24gRWMoYSxiKXtyZXR1cm4gTChhLDIsYil9ZnVuY3Rpb24gRmMoYSxiKXtyZXR1cm4gTChhLDMsYil9ZnVuY3Rpb24gR2MoYSxiKXtyZXR1cm4gTChhLDQsYil9ZnVuY3Rpb24gSGMoYSxiKXtyZXR1cm4gTChhLDUsYil9ZnVuY3Rpb24gSWMoYSxiKXtyZXR1cm4gTChhLDksYil9IGZ1bmN0aW9uIEpjKGEsYil7dmFyIGM9YS5sLGQ9SWEoYyk7aWYoZCYyKXRocm93IEVycm9yKCk7aWYobnVsbD09YilhYihjLGQsMTApO2Vsc2V7dmFyIGU9RyhiKSxmPWUsZz0hISgyJmUpfHwhISgyMDQ4JmUpLGg9Z3x8T2JqZWN0LmlzRnJvemVuKGIpLGs7aWYoaz0haClrPSExO2Zvcih2YXIgbD0hMCxwPSEwLG09MDttPGIubGVuZ3RoO20rKyl7dmFyIHE9YlttXTtnfHwocT0hIShHKHEubCkmMiksbCYmKGw9IXEpLHAmJihwPXEpKX1nfHwoZXw9NSxlPWw%2FZXw4OmUmLTksZT1wP2V8MTY6ZSYtMTcpO2lmKGt8fGgmJmUhPT1mKWI9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiksZj0wLGU9MiZkP2V8MjplJi0zLGU9MzImZD9lfDMyOmUmLTMzLGUmPS0yMDQ5O2UhPT1mJiZIKGIsZSk7YWIoYyxkLDEwLGIpfXJldHVybiBhfWZ1bmN0aW9uIEtjKGEsYil7cmV0dXJuICRhKGEsMTEsbnVsbD09Yj9iOlNhKGIpKX1mdW5jdGlvbiBMYyhhLGIpe3JldHVybiBMKGEsMSxiKX0gZnVuY3Rpb24gTWMoYSxiKXtyZXR1cm4gJGEoYSw3LG51bGw9PWI%2FYjpTYShiKSl9RGMuYmE9WzEwLDZdO3ZhciBOYz1cInBsYXRmb3JtIHBsYXRmb3JtVmVyc2lvbiBhcmNoaXRlY3R1cmUgbW9kZWwgdWFGdWxsVmVyc2lvbiBiaXRuZXNzIGZ1bGxWZXJzaW9uTGlzdCB3b3c2NFwiLnNwbGl0KFwiIFwiKTtmdW5jdGlvbiBPYyhhKXt2YXIgYjtyZXR1cm4gbnVsbCE9KGI9YS5nb29nbGVfdGFnX2RhdGEpP2I6YS5nb29nbGVfdGFnX2RhdGE9e319ZnVuY3Rpb24gUGMoYSl7dmFyIGIsYztyZXR1cm5cImZ1bmN0aW9uXCI9PT10eXBlb2YobnVsbD09KGI9YS5uYXZpZ2F0b3IpP3ZvaWQgMDpudWxsPT0oYz1iLnVzZXJBZ2VudERhdGEpP3ZvaWQgMDpjLmdldEhpZ2hFbnRyb3B5VmFsdWVzKX0gZnVuY3Rpb24gUWMoYSl7aWYoIVBjKGEpKXJldHVybiBudWxsO3ZhciBiPU9jKGEpO2lmKGIudWFjaF9wcm9taXNlKXJldHVybiBiLnVhY2hfcHJvbWlzZTthPWEubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMoTmMpLnRoZW4oZnVuY3Rpb24oYyl7bnVsbCE9Yi51YWNofHwoYi51YWNoPWMpO3JldHVybiBjfSk7cmV0dXJuIGIudWFjaF9wcm9taXNlPWF9IGZ1bmN0aW9uIFJjKGEpe3ZhciBiO3JldHVybiBLYyhKYyhIYyhFYyhMYyhHYyhNYyhJYyhGYyhuZXcgRGMsYS5hcmNoaXRlY3R1cmV8fFwiXCIpLGEuYml0bmVzc3x8XCJcIiksYS5tb2JpbGV8fCExKSxhLm1vZGVsfHxcIlwiKSxhLnBsYXRmb3JtfHxcIlwiKSxhLnBsYXRmb3JtVmVyc2lvbnx8XCJcIiksYS51YUZ1bGxWZXJzaW9ufHxcIlwiKSwobnVsbD09KGI9YS5mdWxsVmVyc2lvbkxpc3QpP3ZvaWQgMDpiLm1hcChmdW5jdGlvbihjKXt2YXIgZD1uZXcgQ2M7ZD1MKGQsMSxjLmJyYW5kKTtyZXR1cm4gTChkLDIsYy52ZXJzaW9uKX0pKXx8W10pLGEud293NjR8fCExKX1mdW5jdGlvbiBTYyhhKXt2YXIgYixjO3JldHVybiBudWxsIT0oYz1udWxsPT0oYj1RYyhhKSk%2Fdm9pZCAwOmIudGhlbihmdW5jdGlvbihkKXtyZXR1cm4gUmMoZCl9KSk%2FYzpudWxsfTtmdW5jdGlvbiBUYyhhKXtyZXR1cm5bXCJvbWlkX3YxX3ByZXNlbnRcIixcIm9taWRfdjFfcHJlc2VudF93ZWJcIixcIm9taWRfdjFfcHJlc2VudF9hcHBcIl0uc29tZShmdW5jdGlvbihiKXt0cnl7dmFyIGM9YS5mcmFtZXMmJiEhYS5mcmFtZXNbYl19Y2F0Y2goZCl7Yz0hMX1yZXR1cm4gY30pfTtmdW5jdGlvbiBVYygpe3RoaXMuZz14LmRvY3VtZW50O3RoaXMubz14O3RoaXMuaD1udWxsO3RoaXMuaT10aGlzLmo9XCJcIjt0aGlzLnU9VmMoKTtXYyh0aGlzKX0gZnVuY3Rpb24gV2MoYSl7dmFyIGI9W10sYz1SKGhiKXx8ISFQLmF1YjtpZihjfHxQLmF1bmIpe3ZhciBkPVNjKGEubyk7ZCYmKGQ9ZC50aGVuKGZ1bmN0aW9uKG0pe209Y2IobSk7Zm9yKHZhciBxPVtdLHY9MCxyPTA7cjxtLmxlbmd0aDtyKyspe3ZhciB6PW0uY2hhckNvZGVBdChyKTsyNTU8eiYmKHFbdisrXT16JjI1NSx6Pj49OCk7cVt2KytdPXp9bT1CYShxLDMpO2Euaj1tfSksYyYmYi5wdXNoKGQpKX1pZihSKGdiKXx8UihpYikpe2M9QmMoKTt2YXIgZTtpZihudWxsPT1jPzA6bnVsbD09KGU9Yy5nbWFTZGspPzA6ZS5nZXRWaWV3U2lnbmFscykoZT1jLmdtYVNkay5nZXRWaWV3U2lnbmFscygpKSYmIVIoaWIpJiYoYS5pPVwiJm1zPVwiK2UpO2Vsc2V7dmFyIGYsZztpZihudWxsPT1jPzA6bnVsbD09KGY9Yy53ZWJraXQpPzA6bnVsbD09KGc9Zi5tZXNzYWdlSGFuZGxlcnMpPzA6Zy5nZXRHbWFWaWV3U2lnbmFscyl7dmFyIGgsaztBYyhudWxsPT1jP3ZvaWQgMDpudWxsPT0oaD1jLndlYmtpdCk%2FIHZvaWQgMDpudWxsPT0oaz1oLm1lc3NhZ2VIYW5kbGVycyk%2Fdm9pZCAwOmsuZ2V0R21hVmlld1NpZ25hbHMsZnVuY3Rpb24obSl7UihpYil8fChhLmk9XCImXCIrbSl9LGZ1bmN0aW9uKCl7fSl9fX1QLnVtaSYmKGU9bmV3IFYoZnVuY3Rpb24obSl7YS5oPW19KSxiLnB1c2goZSkpO2lmKFAuZWJycGZhfHxSKGZiKSl7dmFyIGw9d2MoKTtiLnB1c2gobC5wcm9taXNlKTt6YihhLmcsZnVuY3Rpb24oKXtsYyhhLmcuYm9keSxsLnJlc29sdmUpfSl9Mz09eWMoYS5nKSYmMz09eWMoYS5nKSYmYi5wdXNoKFhjKGEpKTtpZihQLm9weGR2JiZhLnUpe3ZhciBwPXdjKCk7Yi5wdXNoKHAucHJvbWlzZSk7ZT14Lm9tcmhwO1wiZnVuY3Rpb25cIj09PXR5cGVvZiBlP2UocC5yZXNvbHZlKTooZT14LmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoXCJzY3JpcHRbZGF0YS1qYz0nODYnXVwiKSkmJmUuYWRkRXZlbnRMaXN0ZW5lcihcImxvYWRcIixmdW5jdGlvbigpe3gub21yaHAocC5yZXNvbHZlKX0pfWEubT12YyhiKX0gZnVuY3Rpb24gWWMoYSl7dmFyIGI9YS5zZWFyY2gocmIpO3ZhciBjPXFiKGEsMCxcImFzZVwiLGIpO2lmKDA%2BYyliPW51bGw7ZWxzZXt2YXIgZD1hLmluZGV4T2YoXCImXCIsYyk7aWYoMD5kfHxkPmIpZD1iO2I9ZGVjb2RlVVJJQ29tcG9uZW50KGEuc2xpY2UoYys0LC0xIT09ZD9kOjApLnJlcGxhY2UoL1xcKy9nLFwiIFwiKSl9aWYoYj09PSgyKS50b1N0cmluZygpKXt2YXIgZT14LmRvY3VtZW50O2U9dm9pZCAwPT09ZT9kb2N1bWVudDplO3ZhciBmO2U9bnVsbCE9KGY9ZS5mZWF0dXJlUG9saWN5KSYmZi5hbGxvd2VkRmVhdHVyZXMoKS5pbmNsdWRlcyhcImF0dHJpYnV0aW9uLXJlcG9ydGluZ1wiKT82OjU7Zj1hLnNlYXJjaChyYik7Yj0wO2ZvcihkPVtdOzA8PShjPXFiKGEsYixcIm5pc1wiLGYpKTspZC5wdXNoKGEuc3Vic3RyaW5nKGIsYykpLGI9TWF0aC5taW4oYS5pbmRleE9mKFwiJlwiLGMpKzF8fGYsZik7ZC5wdXNoKGEuc2xpY2UoYikpO2Quam9pbihcIlwiKS5yZXBsYWNlKHNiLFwiJDFcIik7bnVsbCE9IGUmJmVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoZSkpO2U9ITE7Zj0hMDtlPXZvaWQgMD09PWU%2FITE6ZTtmPXZvaWQgMD09PWY%2FITE6Zjt4LmZldGNoPyhlPXtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6XCJpbmNsdWRlXCIscmVkaXJlY3Q6XCJmb2xsb3dcIixtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSxmJiYoZS5tb2RlPVwiY29yc1wiLFwic2V0QXR0cmlidXRpb25SZXBvcnRpbmdcImluIFhNTEh0dHBSZXF1ZXN0LnByb3RvdHlwZT9lLmF0dHJpYnV0aW9uUmVwb3J0aW5nPXtldmVudFNvdXJjZUVsaWdpYmxlOlwidHJ1ZVwiLHRyaWdnZXJFbGlnaWJsZTpcImZhbHNlXCJ9OmUuaGVhZGVycz17XCJBdHRyaWJ1dGlvbi1SZXBvcnRpbmctRWxpZ2libGVcIjpcImV2ZW50LXNvdXJjZVwifSkseC5mZXRjaChhLGUpKTpRKGEsdm9pZCAwLGUsZil9ZWxzZSBpZihQLmF0c2Ipe2U9dm9pZCAwPT09ZT8hMTplO2lmKGY9eC5uYXZpZ2F0b3IpZj14Lm5hdmlnYXRvci51c2VyQWdlbnQsZj0vQ2hyb21lLy50ZXN0KGYpJiYgIS9FZGdlLy50ZXN0KGYpPyEwOiExO2YmJngubmF2aWdhdG9yLnNlbmRCZWFjb24%2FeC5uYXZpZ2F0b3Iuc2VuZEJlYWNvbihhKTpRKGEsdm9pZCAwLGUpfWVsc2UgUShhKX1mdW5jdGlvbiBWYygpe3ZhciBhPU8oeCkub21pZDNwLGI9ISFhJiZcImZ1bmN0aW9uXCI9PT10eXBlb2YgYS5yZWdpc3RlclNlc3Npb25PYnNlcnZlciYmXCJmdW5jdGlvblwiPT09dHlwZW9mIGEuYWRkRXZlbnRMaXN0ZW5lcjtifHx1YihmdW5jdGlvbihjKXtUYyhjKSYmKGI9ITApO3JldHVybiBifSwhMCk7cmV0dXJuIGJ9ZnVuY3Rpb24gWGMoYSl7cmV0dXJuIG5ldyBWKGZ1bmN0aW9uKGIpe3ZhciBjPXpjKGEuZyk7aWYoYyl7dmFyIGQ9ZnVuY3Rpb24oKXszIT15YyhhLmcpJiYobmIoYS5nLGMsZCksYigpKX07bWIoYS5nLGMsZCl9fSl9O2Z1bmN0aW9uIFcoKXtyZXR1cm4obmV3IERhdGUpLmdldFRpbWUoKX1mdW5jdGlvbiBaYygpe3RyeXt2YXIgYT12b2lkIDA9PT1hP2RvY3VtZW50OmE7dmFyIGI7cmV0dXJuIShudWxsPT0oYj1hLmZlYX&i=11-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Vw2-UqiUp2JMxFJCHqQbaTMGLcI-TM-apZhfRyqYbhb2z81QS1_p-g==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
347 B 83ms
47ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=R1cmVQb2xpY3kpfHwhYi5mZWF0dXJlcygpLmluY2x1ZGVzKFwiYXR0cmlidXRpb24tcmVwb3J0aW5nXCIpKX1jYXRjaChjKXtyZXR1cm4hMX19dmFyIFg9bmV3IFliKG5ldyBkYywhMSk7ZnVuY3Rpb24gWShhKXthLnVtaT1QLnVtaT8xOjA7YS5lYXZwPVAuZWF2cD8xOjA7YS5lYnJwPVAuZWJycD8xOjA7YS5idnN0PVAuYnZzdHx8XCJuXCI7YS5vcHhiPVAub3B4Yj8xOjA7YS5hdW5iPVAuYXVuYj8xOjA7YS5hdWI9UC5hdWI%2FMTowO2EuZmxkPVAuZmxkPzE6MDthLnVmZnA9UC51ZmZwPzE6MDthLmVzcGE9UC5lc3BhPzE6MDthLmFpZmJsPVAuYWlmYmw%2FMTowO1omJihhLm9taWQ9Wi51PzE6MCl9IGZ1bmN0aW9uICRjKGEsYil7dGhpcy5JPWE7dGhpcy5vPXRoaXMuaT10aGlzLmc9ITE7dGhpcy5PPTE7dGhpcy5qPVAuZWF2cD8xOjA7dGhpcy5oPVAuZWJycD8xOjA7dGhpcy5YPSEhUC5vcHhiO3RoaXMuRD10aGlzLkE9bnVsbDt0aGlzLkg9d2MoKTt0aGlzLk49VygpO3RoaXMuTT1udWxsO3RoaXMuVj0uMDAxPk1hdGgucmFuZG9tKCk7dGhpcy5SPVAuZWVpZHx8XCJcIjt0aGlzLkw9dGhpcy5tPW51bGw7dGhpcy5XPShNYXRoLnJhbmRvbSgpK1wiXCIpLnNsaWNlKC01KTt0aGlzLnU9ITE7dGhpcy5DPW51bGw7dGhpcy5LPTA7dGhpcy5GPXRoaXMuRz1udWxsO3RoaXMuUD0hIVAuZmxkO3RoaXMuVD1QLmFkc2d8fFwiXCI7dGhpcy5aPSEhUC51ZmZwO3RoaXMuWT0hIVAuZXNwYTt2YXIgYyxkO3RoaXMuVT0tMSE9KG51bGw9PShjPXgubmF2aWdhdG9yKT92b2lkIDA6bnVsbD09KGQ9Yy51c2VyQWdlbnQpP3ZvaWQgMDpkLmluZGV4T2YoXCJGaXJlZm94XCIpKTthZCh0aGlzLGIpfXZhciBaOyBmdW5jdGlvbiBiZChhLGIpe2ImJjAhPT1hLmgmJihhLkw9VygpLWEuTixjZChhLGIpLnRoZW4oZnVuY3Rpb24oYyl7YyYmKGEuQT1jKTthLm89ITA7ZGQoYSl9KSl9ZnVuY3Rpb24gZWQoKXt0cnl7dWIoZnVuY3Rpb24oYSl7YT1hLmRvY3VtZW50O2lmKGpiLmxlbmd0aCYmYS5oZWFkKWZvcih2YXIgYj1lYShqYiksYz1iLm5leHQoKTshYy5kb25lO2M9Yi5uZXh0KCkpaWYoKGM9Yy52YWx1ZSkmJmEuaGVhZCl7dmFyIGQ9QWIoXCJNRVRBXCIpO2EuaGVhZC5hcHBlbmRDaGlsZChkKTtkLmh0dHBFcXVpdj1cIm9yaWdpbi10cmlhbFwiO2QuY29udGVudD1jfXJldHVybiExfSwhMSl9Y2F0Y2goYSl7fX1mdW5jdGlvbiBhZChhLGIpe2JkKGEsYik7ZWQoKTswIT09YS5ofHwwIT09YS5qP2ZkKGEpP2dkKGEpLnRoZW4oZnVuY3Rpb24oKXtoZChhKX0pOmhkKGEpOmEuQz0xO29iKFVjKS5tLnRoZW4oZnVuY3Rpb24oKXthLmc9ITA7ZGQoYSl9KTtpZChhKTtkZChhKX0gZnVuY3Rpb24gY2QoYSxiKXtyZXR1cm4gbmV3IFYoZnVuY3Rpb24oYyl7ZnVuY3Rpb24gZChlLGYpe2EuRD1lO2MoZil9c2MoYixkKTtsYyhiLGQsITAsITEsdm9pZCAwLCEwLGEuVSl9KX1mdW5jdGlvbiBmZChhKXthLnU9VmMoKTthLkM9YS51PzQ6MTtyZXR1cm4gYS51fWZ1bmN0aW9uIGdkKGEpe3JldHVybiBuZXcgVihmdW5jdGlvbihiKXt2YXIgYz1hYyhYLDExODQsZnVuY3Rpb24oZSl7YS5DPTM7ZSYmKGEuRz1lLnNyYyxhLkY9ZS5zZGspO2IoKX0sbnVsbCxZKSxkPXgub21yaHA7XCJmdW5jdGlvblwiPT09dHlwZW9mIGQ%2FZChjKTooZD14LmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoXCJzY3JpcHRbZGF0YS1qYz0nODYnXVwiKSkmJmQuYWRkRXZlbnRMaXN0ZW5lcihcImxvYWRcIixhYyhYLDExODMsZnVuY3Rpb24oKXt4Lm9tcmhwKGMpfSxudWxsLFkpKX0pfWZ1bmN0aW9uIGhkKGEpe2EuaT0hMDtkZChhKX0gZnVuY3Rpb24gZGQoYSl7aWYoYS5nKXt2YXIgYj1udWxsLGM9MDsyIT09YS5PP2I9MDoxPT09YS5qJiZhLmcmJmEuaT9iPTEyOjE9PT1hLmgmJmEuZyYmYS5pJiZhLm8mJihiPTExKTtpZihudWxsIT1iKWE6e2lmKDA9PT1iPzE9PT1hLmgmJmEuZyYmYS5pJiZhLm8%2FYz0yOjE9PT1hLmomJmEuZyYmYS5pJiYoYz0xKToxMj09PWImJjE9PT1hLmgmJmEuZyYmYS5pJiZhLm8mJihjPTIpLGEuWCYmKGEuViYmXCJcIiE9PWEuSSYmYS51JiYoYS5tfHwwIT09Ynx8amQoYSwhMCksMTIhPT1iJiYxIT09YyYmMiE9PWN8fGpkKGEsITEpKSwwPT09YiYmMD09PWMpKWJyZWFrIGE7dmFyIGQ9VygpLGU9a2QoYSxiLGMsZCk7MD09PWImJihhLk89MixhLk09ZCk7aWYoMTI9PT1ifHxjKWEuaj0yO2lmKDExPT09Ynx8Mj09PWMpYS5oPTI7aWYoYS5QKXtlPW5ldyBkYjtMKGUsMSxhLlQpO2U9Y2IoZSk7aWYoMD09PWIpe2Q9Tyh4KTt2YXIgZjtudWxsPT1kfHxudWxsPT0oZj1kLmZlbmNlKXx8Zi5yZXBvcnRFdmVudCh7ZXZlbnRUeXBlOlwiaW1wcmVzc2lvblwiLCBldmVudERhdGE6ZSxkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pO3ZhciBnO251bGw9PWR8fG51bGw9PShnPWQuZmVuY2UpfHxnLnJlcG9ydEV2ZW50KHtldmVudFR5cGU6XCJpbXByZXNzaW9uXCIsZGVzdGluYXRpb246W1wiY29tcG9uZW50LXNlbGxlclwiXX0pfWlmKDExPT09Ynx8Mj09PWMpe3ZhciBoLGs7bnVsbD09KGg9Tyh4KSl8fG51bGw9PShrPWguZmVuY2UpfHxrLnJlcG9ydEV2ZW50KHtldmVudFR5cGU6XCJiMnJpbXByZXNzaW9uXCIsZXZlbnREYXRhOmUsZGVzdGluYXRpb246W1wiYnV5ZXJcIl19KX19ZWxzZSBlJiYoKChmPWEuWSYmWmMoKSl8fGEuWikmJnguZmV0Y2g%2FKGc9e21ldGhvZDpcIkdFVFwiLGtlZXBhbGl2ZTohMCxjcmVkZW50aWFsczpcImluY2x1ZGVcIn0sZj9cInNldEF0dHJpYnV0aW9uUmVwb3J0aW5nXCJpbiBYTUxIdHRwUmVxdWVzdC5wcm90b3R5cGU%2FKGcuYXR0cmlidXRpb25SZXBvcnRpbmc9e2V2ZW50U291cmNlRWxpZ2libGU6ITAsdHJpZ2dlckVsaWdpYmxlOiExfSxnLm1vZGU9IFwibm8tY29yc1wiKTpnLmhlYWRlcnM9e1wiQXR0cmlidXRpb24tUmVwb3J0aW5nLUVsaWdpYmxlXCI6XCJldmVudC1zb3VyY2VcIn06Zy5tb2RlPVwibm8tY29yc1wiLHguZmV0Y2goa2IoZSxcIiZmdGNoPTFcIiksZykpOlljKGUpKTswPT09YiYmYS5ILnJlc29sdmUoKX19fWZ1bmN0aW9uIGpkKGEsYil7dmFyIGM9bnVsbDtiP2EubT1XKCk6Yz1hLm0%2FVygpLWEubTpcIj9cIjthPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1vcHhoYiZldnQ9XCIrKGI%2FXCJkXCI6XCJvXCIpKyhcIiZlaWQ9XCIrZW5jb2RlVVJJQ29tcG9uZW50KGEuUikpKyhudWxsPT1jP1wiXCI6XCImdHRwPVwiK2MpO1ljKGEpfSBmdW5jdGlvbiBrZChhLGIsYyxkKXtpZihcIlwiPT09YS5JKXJldHVybiBudWxsO3ZhciBlPXtvbWlkOmEudT8xOjAscm06YS5DLGN0cHQ6ZC1hLk59OzAhPT1iJiYoZS52dD1iLGUuZHRwdD1kLShhLk18fDApKTswIT09YyYmKGUuY2J2cD1jKTthLkQmJihlLmRldHQ9YS5EKTthLkEmJihlLmJlaWQ9YS5BLmV2ZW50SWQsZS52ZW5kPWEuQS52ZW5kb3IpO251bGwhPWEuTCYmKGUuY3N0ZD1hLkwpOyhiPVAuYnZzdCkmJihlLmNpc3Y9YisoXCIuXCIrYS5XKSk7MCE9PWEuSyYmKGUudndicz1hLkspO2EuRyYmKGUub3Bycz1hLkcpO2EuRiYmKGUub3BzZD1hLkYpOyhiPW9iKFVjKS5qKSYmKGUudWFjaD1iKTtlLmFyYWU9TnVtYmVyKFpjKCkpO3ZhciBmPVwiXCI7d2IoZSxmdW5jdGlvbihnLGgpe2YrPVwiJlwiK2grXCI9XCIrZW5jb2RlVVJJQ29tcG9uZW50KGcpfSk7cmV0dXJuIGtiKGEuSSxmKX0gZnVuY3Rpb24gaWQoYSl7dmFyIGI9YS5SO2lmKGImJihiPXhbXCJibGxzblwiK2JdLFwiZnVuY3Rpb25cIj09PXR5cGVvZiBiKSl0cnl7YihmdW5jdGlvbihjKXtjJiYoYS5LPWMuYmxvY2s%2FMjoxKX0pfWNhdGNoKGMpe319O08oKS5idHJwPWZ1bmN0aW9uKGEsYil7cmV0dXJuIFpiKFgsMTE4MyxmdW5jdGlvbigpe3ZhciBjPVo9bmV3ICRjKGEsYik7cmV0dXJuIGFjKFgsMTE4MyxmdW5jdGlvbihkKXtiZChjLGQpfSxZKX0sWSl9OyBPKCkucGRpYjM9ZnVuY3Rpb24oYSxiKXtaYihYLDExODUsZnVuY3Rpb24oKXt2YXIgYz1aO2MuSC5wcm9taXNlLnRoZW4oZnVuY3Rpb24oKXt2YXIgZD1PKHgpLGU7aWYoYy5QJiYobnVsbD09KGU9ZC5mZW5jZSk%2FMDplLnJlcG9ydEV2ZW50KSlkLmZlbmNlLnJlcG9ydEV2ZW50KHtkZXN0aW5hdGlvblVSTDphfSk7ZWxzZSBpZihiKXt2YXIgZj12b2lkIDA9PT1mPyExOmY7Q2IoKT9CYih3aW5kb3csYSxudWxsLCEwLGYpOihkPXguZG9jdW1lbnQsZC5ib2R5PyhlPWQuZ2V0RWxlbWVudEJ5SWQoXCJnb29nLXNyY2xlc3MtaWZyYW1lXCIpLGV8fChlPUFiKFwiSUZSQU1FXCIpLGUuc3R5bGUuZGlzcGxheT1cIm5vbmVcIixlLmlkPVwiZ29vZy1zcmNsZXNzLWlmcmFtZVwiLGQuYm9keS5hcHBlbmRDaGlsZChlKSksZD1lKTpkPW51bGwsZCYmZC5jb250ZW50V2luZG93JiZCYihkLmNvbnRlbnRXaW5kb3csYSxudWxsLCEwLGYpKX1lbHNlIFEoYSl9KX0sWSl9OyBPKCkudnY9ZnVuY3Rpb24oKXt2YXIgYT1vYihVYyk7aWYoIWEuaCl0aHJvdyBFcnJvcihcImFpdjo6ZXJyXCIpO2EuaCgpfTtPKCkuc2FzcmM9ZnVuY3Rpb24oYSl7Wi5ILnByb21pc2UudGhlbihmdW5jdGlvbigpe3ZhciBiPXguZG9jdW1lbnQuY3JlYXRlRWxlbWVudChcImltZ1wiKTtiLnN0eWxlLmRpc3BsYXk9XCJub25lXCI7Yi5hdHRyaWJ1dGlvblNyYz1hO3guZG9jdW1lbnQuYm9keS5hcHBlbmRDaGlsZChiKX0pfTt9KS5jYWxsKHRoaXMpO3dpbmRvdy5zdGNjID0gYnRycChcImh0dHBzOi8vZ29vZ2xlYWRzNC5nLmRvdWJsZWNsaWNrLm5ldC9wY3Mvdmlldz94YWlcXHgzZEFLQU9qc3Q4RWVNMmkxaldKX2NwRUdWVnRfS1dfNHJ6R1U3aDA1TVhHNnR2OGdTV09WOUZ0dWhXVlNzYTE2MUZETTU0aFZqdFhmZXc5b1RheGJXVEdyQk11bUZ2NExUTW1PdVZDUng5eXVLOS1la0lPUHFHeVVjTjZwQ3lkSFpyeHRYMXluMEdERnBUUlZsTG5TeXNhS1NGeTFPbVdLWHpLSnZrQ1ZVNjdhRFVrbC1meXhVSGZ1WEk3NVhBTlV3MUdJaDVTZDZoVXRQYy1tdWpPR1NlTnhRQ0pGTElJNWI5QXRZQXhDWkRsUnhVZjJDZVFaYXRkd2kxSXlJZHotdnZBcnlzZ2dtOUFDUWFGZ1VzXzZfcXFXQlppUE9aa1BSd0FBODZuNFdhbzJuRXVGRzRydzhDa2hSaFAtQ2RUT0U1UDN5SkR2UmtienAyR24zanpvdm9fdnFoYnhiSlVrZWpzQ2lwcEVOZi1PdnEwWWJoNGtDVzdOckNJemZDS1RlRzJhRU4xUG9OU2dvYzRWbnMwUmdpejZHS1dkenhsVU1rencyNWdVZnJFNDFnOUhMSXpTMkFjXzZKZGE3WWFOaENNb1otWWpRUFVHcDYwVzBsMlY3UjdXbjNOMjJERlBKSWhCbEtlLXliUEhDeWpIdWtjcldHVFZ6dnZadnZCWU5mTnA4MDhJeVlXNjhOVno5ek5zS3NfMFhtZncxV01RN1hzeGU0Qk1QODROU2NjWmNrVF9fai1SVzhaMy1YcmdFaG9ZNTNXUDJhdXBxS2x2d0lzeHRNaVptc1BPcWs4OXJYUk51TS16VnA2dW9iZnVlMlVjWHYzUm9rU3NuelAzZllMNzVHVEpGaDN0YzRwSFFTbVJfTGZPbTFnR0xUdVJ6VTh2OEtncWhGMk5TTktfYm1Ndms5M0ZVSi12dm1tSzFKTTVRUEY2N0JoYy1ualA1UGVsTE0zLUUwcnNFUmQ0MG9hc1dmX0k4aTh0MDc5dmx3VDNyclliNFRiNWNfVmtDNFU4ZmFyc01acHQ1eXRPbE1zRnJISzJrQzBzMlpoVFJuYUp4OGpMQVA2TGVLbjFrTndpTWREaDdCUmowTEtoc292YkQxWk9LMjh4bS1pdGl0UkkzY2tUcWs5b2gtRzVic1ZUU0JfLXNESmFwdWoxWmsyampPSUdubVlEdmhqeWJtWlNBT29yb2pVdnI0TndXanp4RFdLcHk5ZENDU3RHeGFkVFE1ajE4Tjk0R0RpRllHbjlQVG5LYXp1T0xTMXBhdEJhOTZPbDFjRHptOFhLR1c4Ulo2WVJaYVZkTDR3T0JDd1llNFJreHk5elFfbkdjdER1MC10V2R2WTNUREVMY2tNbi0tTnEzVjk5Q1RDTWtUMG5aQm1XZjFRVlVoQk8yUk1lclhtcWlleDRQZ2h0SlB3NkpnN05BTnFaTHpNT3VWalEydWRqRUZ2WlRaV01tck12MUlBRzNJdm94UTNfTVZ4X2F2dC1mNWFFQ2p0LTJWMjNhdnA0c21xSjczdnFTRGxoVEx2bG9RemRHSWh3THpVSElTUk9PZ3ZzME5rNjl6UUJkRTdiXzBxbk04cFI4SVVyRWY4RUpIRnM0S25UZlJJU2I0UFEySHZyV2JhOHR0ZGtReTVSU3VTWlBhUnA4Y2lOVF&i=12-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: cbklKwUj7Rr-Z3PJvXA6_CMn5WiVUAfBu5NA9VuKrUzM_CgDttzWxg==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 85ms
49ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=lMUmNhUXpQNDJEOGdUaUFXT3ZRYk5Jb2hwQ2Q0cEJudklmR2xoWXptd3RlcWFoclhoTnc4VnQyOXVxbHlKSV9meW5QWGs1WFpFTGJVRk8zdEVPcHd3Nm92ZHJRUXZ5bUNqMl91bXYySGRSZkNaSkUxV3NpZXQ1eEw1NGpGTkxWc05qdU56UW15a3FZZ2xnejd2SHZTZDByWldnX1Q1WUZuV1FDZ0ZjZ1dTbDZybFEzRTl3cXk4QTNoSE1BVVhmTjVDR0NjZ0RReHFHXzhnUjNnMmpvZUNuSExPZU1JVjdoQnk3WGlZbFdNZ1J5Z3FCOVpUdHpTMkUyNDROQm5LX0o4SS1aX3B5VldtNmlGeFpjR19QaGhZdWhfN2twZlFEc1JHc1k5QWxXUWUySEtPNm91b3JUNG5Hc3N6Z1xceDI2c2FpXFx4M2RBTWZsLVlUT3BNWVZULXl0UDZIUDhqbzh4WktUWXlvR1V2dVB0M2ZkX0E3aHI2aFJhTlBTTERzTWJPV1hFTlBSVGliUTlKSGtZZlVNMUlMSHAzb1JpSGlUQ1Q0czljbU9neEdGWXl3TkhoVmwwd0FrWVhiY2VZOU1VWGZkY0dGN2g2dXBmRi11RUU2MEkwWTh3SjNzNzNjelR6c3hLQnR6d295cE4tWng4ckd5Y09zNjJDM1JDc01xOXVNZy1CQlcyZ0hIeUVrZVZBdTNhaWllenpkd24xOG9XVFlTU1ZETXhVV2dZSkJOREZkZkNudmVrQjRoQ09TT3htdmNWZmRmS2tQSGtXVmRSM1AxQ3FyRkE1c1ZtcHhYTE03VWxSb1ZKT2VmeUR3WVV0Ym5ZWmYwSFlDU1p5NjBmZnFmR19tQ2NCSk9FVTB6TjVFTUNHZ0FNRG5tZUU3cHkwa3pHclRYUHR4dHZNRHJRZng1MUd1dTNxUDZGTDhTWUtNR1NVVW1feW16OXVWeHRlVF9qampSRDJCWUlJc0tjdEZEaE5ZcFQ1OEhvR3Y1cHFPZ0MxWUN6UkJ0VVY4bmRySmZPUjlFY3djc0lRRGpaZWhkeHlqemM3OVY0bWlRbjI2RlJkRkZaNjF1QkxsQ0x5QVQteHNkTk9TZmpHcUZNeUVcXHgyNnNpZ1xceDNkQ2cwQXJLSlN6S3Z0azJWS3lXaWxFQUVcXHgyNnVhY2hfbVxceDNkJTVCVUFDSCU1RFxceDI2cHJcXHgzZG1pc3NpbmdleGNoYW5nZXByaWNlbWFjcm9cXHgyNmZic19hZWlkXFx4M2QlNUJnd19mYnNhZWlkJTVEXFx4MjZ1cmxmaXhcXHgzZDFcXHgyNmFkdXJsXFx4M2RcIiwgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoXCJnY2NfY3VxSFpZYlBFN1hBNnRvUG9LS0ktQThcIikpO30pKCk7KGZ1bmN0aW9uKCkge2lmICghd2luZG93Lkdvb2dsZVR5RnhoWSB8fCB0eXBlb2Ygd2luZG93Lkdvb2dsZVR5RnhoWS5wdXNoICE9PSAnZnVuY3Rpb24nKSB7d2luZG93Lkdvb2dsZVR5RnhoWSA9IFtdO313aW5kb3cuR29vZ2xlVHlGeGhZLnB1c2goeydfc2NzXyc6ICdCSjEtSGN1cUhaWWJQRTdYQTZ0b1BvS0tJLUE4QUFBQUFPQUhnQkFJJywnX2JndV8nOiAnaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9iZy9EdHRfLUxSM1d4cHp3VjBHc2NmdHExQV9EMW93c3R2eG9UbldXaHdZNE93LmpzJywnX2JncF8nOiAnQ1l5aWFHNm1pbTNMMFgvRnFBVVlTMjdnbDV5UldaWDRLZHpBYndyTFF0QkRuMm11bkNNR243ZUxJZ3k1c3VBZ1k4eS9zc3RlWEx0OGNDNG1yVFpxeGcwWXhEQjFxTVR3dUpuY1FYb1VvVm01c2NXV3lWN2NMRTB1NmJpTm1RVU9mOFRLdWtHTHFQVmNHWDhGMDJVbi8wNXZRYWxoRFBwdEZ5d1dEK1BpVGRMdnlxZFZjdnREUVVRU1c4WndBb053QUFsVDlzZmZ1d3JxNEFoVEpkSzRpamJYN1pBeEIvNzJwbkN0V1E5dFpEZ29STC9zSEl6a3FyUnlQMjA0V2ZtVGxuWE5NeVhFNGFRM3Qzb3Q5V3JjaVgzSVdibWNkNVpTRjRVcEJ5UTF6RDRad3JsYjEvNjJ3SXBZUmxMWjBXZkJkSHVCTXpLRjN3LzZnNUVjZnZlc0NWcW95SnVmdmpSWkpvRStRU2xVdEd6MTgxVklROWRUQUFEeWtkREplc09iSkNpeHdWRUpvRmlHb0VjcW1KMUxhN0wvLzJoSzF4RHF4d005Q0phQ3hSTHF5d2ZobVptZDVUNG96OUtqTlNqSFI1NmFLM2VaUWVPK0xycFNXVmJSVzZUVUVISDFvUEhIbGM0NU5CVUJlazVHajVNYjNGRzBYSTU3SUpJQzFlWG9NbktiT0E0dTZlN2E2N28wTkx1WE1LR2F5VVN1cjJoaWpWYm5jOEcxWmkvTnZkSnBDZVFLZVdaeWQxTTFVY0pLSkpEb295aFpvYmk4cVJEVFNteGVSNnpjUUx4aC9TejV4SW5JRmtnTzM4UzFXemJLTnFwWEszc3NmMHRiMVlpYmdHdCtTcHNyN1FCZWVlbHJMekp4N2wyeVl0bXpUelFZSVE5N0hXVFZvcldIaE85MEszbVQyc3Rody9SYTlUOHllYStBM01Dek5pSEJXZ1ZqdEh6Zk5OYzZWc2hsR0ZudVhRN1JVVTZNTFBLY29JWEdYVnE1VjFYcWExOFVnVEUxTytVSnIzUUdraXBSMEVRMkFQYkhVTWJKeFlWWGhhMHRjRm5SZ3RnTEhmMEFhOTFXMTlxY0I5d3R0d3Q3aUk3Y3EvQm5lU05rT0ZscHVNN09BNE4rN2lQLzZXdDZ5dlY0UEVEbXpYdzhZTlFoNEttOWo3QnBES2ZoNDF3N1pidFdzci9mTjhTa0RvSFlmRUdkTWlGQ09rVExJN3BDWDFBS09kYXZESkZrTnJDTTM3QjZxZjhmVCtDcDJtd3ZRWHBSVUY1aHVpMHhhcm5qUFJxTGErbVpsNS9oc3BHcGFtSXVWUTc4UjFBWEsvWittYjlNbDdIam5iZTMxQThwaUJhU3J0TGp3NkRoSXJ1eTIxRHZuNm1mdFd6akZSaEtKRVdyWUNNcUV1T1VPYzNaUzQxWDllc1lucHQyTitVSlRueDRZQWtOZ0o2eHpoU1U4aFRkbkZ5RDUzNWNyWXBONXVTTzhDQkFtdGJQM1UwQnBjb090QjkrV2h1SWZ0ay9pWGFndUxON3U3R3hkYjVBZTNFdjJySE9tUnVlMG1TOVlVNXRWRk5HYzYvWXQ0US96M1h6c213Z3ZvUUdBSW5Ga0cyeFRxYVFtcTJpOTRNN3RxeUdscVlrUWUxcHpZZFJtU1pna2NTbnREMm9pQWJlVnlVR3dha3UxMlJBSU5WUnVhaEplejRaRTloUzRSTGkzM0QzK0NWekV3cXE5c0lrRHZNc3ZWU0pnRHNmdmsvSGorUU5QWUZRUGFCNlRiYUNoMnlZVkR1a2pOU1QreDFOc2pzbURPZkZ4b2VvODNzR3NPOXA1czFZOHZMcFpBdjYvRWpDbWZEdyt1MWwyd2Eva3RqczBkTlNaWm8wbGV0VzRhSUVSekNDME8xV1V3aG1xVmhzVWVJMmQxTStwMTBmd1FTV0FyeWZJM1Y3QTJ1UFFqMXlzd3lvM3EreGhpcGNXYmEyVWZ6dWR5eHhGKzdINXU1eGd0OURWYjlnd0RNczIxWCtRMUJmSlN3NmdmYU1YaGdSLytRbzlRUVY3V1NONXZ1dm5IRE8zUFBmQ0RwYzJZRHo3N0hCanNINzh1d3FnY1UyeVZWUUVYclhGNmV4LzUvZGtjalUvZjU4ZVdyK0tjT0JQTFMxenVDaHJkYWZmNmFEazdxN21Za2IrM3FEUlYxNjNjUHByVHBHWUdLTmJzdk42cXFISFc2THFiS1BXUkxCMW5ZcGwxNktwVEtqeEppbmw5bHhRNmQrdFRwY09mR0VQWlp4bmRzSFFlVzB0OUxwNlBhajl6KzBFVEtUR0gyV1Z5WGZ1Vm9jOTdOU2lraEYzcHBBUHNMbFppWUhHSzBwdklqYmhWelM3NmlBeTlEL082MTJ5V2FCVVVDTFdYZDk5VGhNQnhNZ0thVDQ0TWFwOTJsZHBHbi9tVzl4R2ozT2R4WnNOdE1hY1pXSEt1Rk4yc1JiREdWaU5uL1NFVHZQcFV6ZXdZeUpLdEc3MVhBbHFlYlBxN0xkRHFSaEpXUDdldnFObGwrQ0ZJNUtGZkVaQmZtUkV6a3E0Y01LYm9paGg4QTRZRXFWcUJzNnhxNXpmdGJKK21tK01nelN3T2VQdnRwNDdIUWdKbjF2MVArL2hXemQ0cDE2eHE5S0ZNTERIVFFkNjhZTVBYdldnUzl3UzRDVHJzYlljdzR0VHFxQkNES2xaM3pNWlF6RGhyazAvNjk4QWRicUNnLzBQNG9CMEF0RTRxRVp4R20zSmJiVllWYTBmOVFwSVlZMjdIMUkzREZzMkNrcDVRTEJQcjhaRDlXTStFV05ROTM3ejlXcjBpSTdzZkw0eUtocUQ1bElJQnFuc0U3c0JjR0FoQndGZDJzaUkyWmxtMGd4TkFlWWJ3cDBhZG5CMkM5alZ3YWl2Zm85MldxUFdkZlQzOXZ2UiszYnNwK3J1OUIxSkJNTklKeFNrQXBDM2xBSzA1cGlHbGNiMVJwUnZQRkFKZnVyYUJSRWNXcFQ5eGhHeTFVZkJYR2I2Ym4xdnFjUllyZmJVOTBXOFNjS3NwL3hCblFOT1FwaklGR2hSY1ArSklQaXlzdkZhUjgvTHpKUkxMTVRRTVZQeGJ0NWNYM251T1VVcE8wZEN2QVBBVWpLTGxES1AwSStWZ1JMSFlGYlJabDRFRDVKSFQrMEFEYXhqeWYvalk1NGt0U2Nvb0lIMjByVnJhOGk5SHYrLytYNnl0T3loeFpNazBVbkJtUnFCUVJEelNUa3hFV1Z3WG16Y1pRL3lNckFOOENLdEQyc3I3V1lqTGpVK2l4RS96c1NFRWFtNDhQK0JMM0lhUXZLZmNoRzA5Vko5NWgzTUpML2ZzVW96TkFBek5ZbzBSMUFrczFhc2dzbkNvZjJ4YTJRNTkwNEZxTzBUWkhHOXYrNGRrQThSQjM4eUUwUzEvWHRqNDZUdCtiUG9pNjVtTy9QY2RNVXV5eWN4YzVhU2ZkMng1WExLWURSVzd0UDRSV3d6VG13Ni83T1ZlbVNGb0RIZFRMZjlyN2ZJVkp6U3gzZEdCWkRsQm0yS0N2MlFZVVdGejFYaXF5SUE4TDlwdlkvaDRmOHhmaDBBRHJCWCtNbnhkeHFScVBqTXlPbmlOeEc1K0o2T2ZPK1NJMVFwRHNxUWtIRmROTm5NTUpYNWFGQ1h6OHkxMVRwcTFXYi84TGlJaTcxRGdFejQ0RFZDYmo3endsYk8xT05hZFNPUEJ2MzNvaDEza2pkYjdNR3lTU1B2UE1GaUdQamNEbCtGbkZDamtnU3FzTisySFJqVWI5a0NtZzVtYkZFMUdGcWRwdStWTXQ5K0hwdGIxb0ZnamRTZFYvMjBwd2licEQxcUdwS282UTcxTkhSNERoNTMxRCt0ODZoSUc5L0MrR3lBVVRKRlBRWGdrZW9LbS93VVYvQWlFcmdwYUZGZHhFQmc4bXZlQVVPd2NZWGY5SWEvQVhxVjJPRmNHU2NPaGhDejBpNS9UUSt2YkFQK2E3blZwWU05VFNnQW1PdjZSbmN4T2dpajNiRDk0QkhqOWl6aW5tYVdPWUNLVmlDQU5iNXRVNzZmbUJ4Z0xFMG5PazRqRlRZUlh5MktTOS9yRlpsYk5GMi9rR3NlOHlWWS9EV2pWM1N6cWhNcWljSFJxRzVHZ05ZUFBGQ0JDODhFa0dCUE9oMUszckxtN28wY0VyTVZCV2JIekNacWFma2ZtdEwwdGtJS3pCZzZmdUdudWJWMVhoNUl6OVpYOFlJd1dKcDVCb0VGTVZxWGIzRGNCZEwrUjFSSXdUb2tLRVluaWlXUDlzaUtZb20xRWZmQmtQU2xkdkxKVUJIbmZ2ZzNlYldtSVRrNmd6TFlyQjhzS2JhUjlhZUxiVmtCS2NOdlZMd0lnZGhTaVQ2SmZNdTZMb0JHemtPTFpzeUs0ZFBVcnNFaE9EK0tBOXlQS3ZWc1dNenUwYUxwbG12SVNIM0dWYkZJQUhmUmRtSHdZdzIzN0ZIOGZrS0R6MUVNM1dMVEtmc1pFUUM2dzJoc282TUozdVFBRzZwQnhUMEpReGVRUkVpRzJOYmx5aDdUTkdKWXpZS1F6ZXZHYnFIb203VURSWDhlQ3Y0em1OVlpWeGEzZDUxclBDQnJrL3hseU91UUVQTkp1THFkTEdJdzQ3cUhwV0NmNDNzY3NkR1E4V1FQMVp6MEpDeWVybkNURTlJWHBaTE0xZlNGdHBITUprY0xrdStWbEg1ZllCd2tSN1A1S2dRaEhHS1gyLzBJSlY4NXF3Mm9jWEE0Vlo2OTJPc09KTFJscmd1TzlwSHc3SGZnVEt1Z0FOeEtTOVVreXo0eG05V0FtUVFwRXZrb3lPYVcvaThVekZBaVRWK0NvK0VzdVp0bEhWOEExdVBqV1A1SFp4YTh3UVVzYU5GVkhoOEdVQ29kL05uNzJHc243QmFqVUNUQ1grSVFEMzFDamRGM3BLU3k1YUpHekEzd0FEN3BLdnc0TXFkN3ZPTGJuaGswazhEM3prajh1Wk1tZUs4MFk3czcrb1Vrb09xNjhDZ0tHYXBMUktOVG9EbnpRdlE0eGxtNzNMMTVoWlAwb3hHUFNmVFZDT01vb0VqVm5sYkRTNHIxb1BFcUczZ2xFd25MTjVGZE9IL1JBdWErVis3Q0VJTWxHckVJL2RPbkNNanRsN3UwS0V3Z2ZQNDlMNUt0bFNxLzlPd0QvT2NoaVBRaGxrS2xPRld1U2lWUTRTZ2k1dGUzcVFlSU4vYmo2TXBjZUo1U3hpM0prV2g0L0dpUmNxU0Zvc2RFQ0hLZC9vczdLVFJ4aXArYlFyK2dCVVE2M29lRG5hMGVDVlVhQ1lUcUpOVFNKSGtrU1JrdnpWYnpEY1VIODY2eml2QjVXeW5qaDdZVTB4eGlhWUFoOStpSUZFOWdDTHRsV21xcW9UcGx4ZUc5K1ZNZGdiNm9KMTRXNVJOMmROTHlLczV2ajl6WXd1cXJWOXg2Y3BoVFhDWFBoTXFtcFRRaHR4dk0xN0xSbFpnTGZ2MExWTC84NnhpNU9xQmtUdTEwY05aVCtOMXVib0tlZHJLSUxxTE1KM1RqdUZUWkpUU0xEMUVBdWVVa1NHUUEzYStEUXBPVHhkT3Byc3FjWXBjcThVNkVEMjVFZWYyNUp0VWVRaWZaS3RYYVBjWXZwc0J6WTVVbS9hTTdncnJ1bVptNUhXZDEzTUpkNk5GOWRYYVd0d1ZBdkluNEdvVWk0WTkraDB4SGxFOXltSlU0WkovYjE0bjhyaUxXRHp1RUhmRFNMZVB0ODVXeEk4RzRBcGZDN3lKRG1xNlM0RHAvVU1uNi9GYzF4cGM0TjJqY201eDYxMkxMWFZPQUpPcUdHbXdkSHdwZFJJSmprbVl1cjA4V05LdzhpYVFBV3VROE1kT1h2VDNKT0VicDVVVUx2bVEwSno5SUtGWE5maVB2MVdGaVRwc2NDcEw2MTF5RmJYRTBnS0tCbk8wcUZyM3ZoZWp3VVozNGRNUEpTYml6NktER0lObWR4YjhnK2JrWWxuc0Y1YVpZMUI4NU9GSFVQbHNlKzBrdUxhc3NjRytSMXVYYno4ZC9QaElWY1R0OEE0dDFROVdseHQzOUowV0wwVXM3emRZK1V5NjdLSERJNVdES2xtMXlON2hzeD&i=13-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: V5dBGhQKJIEVxnoAkyz1nAuenyNfIrqVZrcfMK5lmH5zM-i_0VYZ7Q==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
347 B 86ms
50ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=lHUG1NUExFelRmRGVJKzBZYlp1dkhrdWoxZHZ5YVc4em5jUFM5Vm1jWnRwSkx2dFE3T2hRYVB0Vk5ydFBmeU14eU5UU0JhbUJvMWdWcXBqU0JSamhSRFNpVVljSW9iTUpFL21xRTRnL1BFVnQ2TFdZOHVBY01ma24yNDRIdTBwWkIyMURSS080a1JEMWc0ekVqWDhVc2RwRnUwMHFlelBxd3ZMMWd6WXdrN1lKemJCYXdEeDAwdlNPN1R6d3J6VG1LaWVSUkJ4SktYc3ljNzhkQWF1OVFuYzJJV05QaUM1aU1wL1d3amNpQUVuQjVsUk5xL0xCNS9TRXVKMFdXdE1YQTNQZVJLazY2b0p3akIyNitRV3J1dERqd2xPeTFFNU9PdUZGak40SVJ1cnorREphSjdYYVIwcFFKZnBtRjByVnRpdFdsakFySG84bDNRRHRWT2loRTF0RUlVTlFsVjBzTDh4K2JQSm1kUzJLSXVxcEZ5RDdHaUNUZHBWNk5PTzdVUDZSWUhUMmVtN3hocThrVnR1MkcwbFhOM1BOVHBrZEZreVNNSk9RWTVxU0NqVm1FcXZNWlJ3QjlGUlhhSDRWa3hUZ1Y0ZjRiTjFCWW9LZkpKUjlaYjNoa3dCbjJCaGxtSWFzRUpqSzFqMnErQ1NtSnBoUUZVcDIxYXozSTVvUkZQWEpadXlCS01PYzlwbThOWFJscEkwNVJZYmVpWHJ6RTEzZnZQOHArUXZpRWdKSE1OZlJpa2ZrTlFuSSszN1VDempibzJqODYvOXdsSm9XajAyZHdzZnM0bHZINzd2L0w5bGVDSFJOMWdpOVk0VDkzOUJtcGk0NzErT0RGY2ltR1czSzk1ZnIxRWJSMDF1dEM5bkNFWWF3ZGN5WmxUalJSemFpQ3BVc1FXUnhuMUlxaXZYTGkyK1ZXMnFKajRaY3J1anErbXlVdzR1dWJwbm1IbklpUHJnakVIdkcyak1FWU5kUXh0RTRORWZpZkMvMkpRRDN2dHhMSFZUQ2lKdW1JendjLzhiTlZ0Q1hidEl4bmhKUmNETDZHbDczelo2Nm5Hc3R2MVhaK21wajd1RGdvSkNrTnkxMWJVdU5JeEFSK3JpblQ2aTRaQlF1ZW1HMkcya1NkY1REYVMvalgwaDVYSi9CVE9SRWp2NWI1TTZYcjFpcWFzOS9hUlFHTmVISE9LUlJtMDliVlF6Q29IMS92bGpXOEZBZlMwMzgycWpvajRDS2FDL2xsNjlBdGk3NytvbVJhZm8rcWorT0pvYmt4Kyt1N0dqTnloWHFwR3NucExnNEZuYkprY05ONXNYVlhoWEhuMEIrS3AvaW1xKzNtdk1WMnBPcGRWMEUvSVl3S1BLTVZMSW9QLzlhT2VXSXJpdnZSQ0hLQ3E2YURFWml1d0ptcnU0TVQzSldheEd0K095bHRaRXJWYUhwZ3JqcElZd0RpbGhWTDljY2N1a0k5NE9tMWZXK0NGZlJLdkJIY1Z6TDliTzQxbkFpSnpqTDUzQ1N0TGMrZVl0NnJXWTB1NGZqWnNCVUpHS2JrOCttT0pZand1TzZLMDNTcXBHQU4vVVVDYVFQR3ZUUlBEREVjbUN2TEFwRS9HU2tYWGtYbnlnSDVEeUdQK25manh3YmM3b0xQTXR1NDRIcE9BcWdkS0lXUzVaY0cxdjVwV3AzTU5rZ0hiaXh5YzZiTjFwMjNzK3c1WGsvdTdVWGdNZGYxWE8vWjV2MDZrU0p1ZHlmeHBURll5Z2RnVjhFVVJyK3VFYVBBOG9mVGNOZER5eE9sMHUyaWxldjBiaDY2RUdkWU05KzNnNHRTemZwZDIySDl5NkVHODkveG9Ja2YreDNxWlVVMTZFYUpuRmlPdXB1b1BSOCswYkxoQ3h0L2tvVVVlTUwxMmxWK2JKZmNNUnhxbjNlT0Q2SXZyV0o1MU5qL2JvYUl3Y1Z6SjlXZjNwVWtET0srNCtndmZZd2M3eTBtTXBiMFRVU3pWbnZyNkU0UExpZHBkbm1zT1hDamxjbzBPM1N4Q1kyUE8zYmlaU3dyWHl5RU1FeXBGVjJvR2d4bjlsTDhJYWtkdWU0VWxET2VPWmU0ZlZlbHY2dU9ZVkdCMjFscWhCelRCL0ZOTDBqa0krT2xrcjFXL25TQVVPMTNNRXpjK2tpN3JaM0l2QkxXQVRISXBsOU0yNXNia3RrRUVrWUVFMVJDWFpjY05sNWwvN3dnejJrSENGU09WeTUxOU4yMkIxWnNUYjVGVmJHcTRSRG1sN2pNeC9FeHQyQmF0amU3M2dsSE1JamR2MW5BUWlUYnpUWUM2S2NCMVA5dGcvUEtHNXFvR2VlNUkwd3prbVFCNkZUdldMUzAvQndIZmppblVSUnhDN2UzRDVRclVaN2RVRHIvNGNVZE9UdnRFUHJLemxpU29VWEdlWkZhWE1ZdytFVmdSSW8zbU1YTVNvaFZDbzlRcnZ5cTdKT0FCUmFnWkRnekcwN0wwL3FDV2JudGd3UnZtRTNTQkJNbWgxN0I1L3VFQi8rdStzL3A2aCtkcGUrdzFXWWpQU1A0M2VlZjhwUExwL1gxNWY0SmRzRUdKYzB5dUgyRzRjblRxRzdZZzlqQkdVTDlPMjhrK2s4TG5zTkNxc1hqZVRTTzdyR25MZ2FmRG9DTUljNHRReGUvNzBqcGxrdVRXQzdRMTViS3MvdWxUck1INzhjenI0eHJ2N05rZnNPTjlkSlJIY2l1S0sxTVFZd1ZkRzZxSTFxRGxZK2JWMVZBVEw2OXViRnhFWTlBWGZ2M05BaGgyellnRVV3RjVsenNoajZTd2Qwekk5S2d5aFNIZkFwcXExOEZ4MnZ1NnVneVo1aDFZTHpMbXVCck9NRHVLK2QzNGsvZlVZT0VvOER5UXhmcHprcElHQ01FbCtEd0FSa3NtS296OFZaWjlEbkZ1Y2VydTg1a3E5S3h0LytHVUlpbjE1WmRDeHRlVHhZbHE0Zm5JVng1SjBaUnQxWncwNjJYcWxGemZlbnZ0TFpjRTlxbGFLbDA5SmwyYS9VdFZ6M3IwcnByOXkzbnp1aGVCQk9HVko3S1RJRWJ0V1JyNTV6YWpYLzMyeDdYMUZtZ2pZU0ZleG4xd1lkMHI0bURNNXdZWVdSNmpvKzVXc0RQanh6NnRDZHJSNjdxTWJYdjM4TzRJYndNdEM4ankyTUVkbmpxSVRkR28yYWczZmpId1RuQTZtT1I5Q0t2OEhOYXhRYW8vL1g5SjFjR2JoaHl1WTlDck1XSjFiR0lJN3NoWTZBUDdjaW5uL0RRaUZhcGJHWUhaK3NVM0U3L1I5bFJQMDRud3hjdlFuSlZwazliU2dBbjNhZVA2cE96SDJxa29FWllGV0ErbGNrS1dkYUI2QXE3dWpXSW9qVUI3NmVpT3BmVHVYN3I2bFBFS1FHcTJPcXpuUWM5bWRvMk5rNWdVZkpwVytyK085S1BWVVRZdmFVTnNXbFppeGM0ZzRLb3NjL0diNVVlaFlVNXJvODZCYUhmS2RUbjdkNEdJSHpsYXQwL0xBdy9ha0VBdXNtUjF3Y1l3WFB1dXVPQmVCK3NMOVNYM09TRzlRcmsxTUdWWVE5dlZHSnp3bG16dVlMbnRCSG1HdXFYZFFJWVZqaU5NMndGRnBhODVzZnh3OTdZRVJoUjROOHhsY2sxK3Q0MzJLYTF2eEhNcGQxZVQwL1VURVRYb09ROXZGV3pwb1NvMlA5NGpwQjByOGtCc2NaOHI4cDZCNkhLNG40a25kR1ZSdDV2Ym04ZEx0bTJUdHlCMlEyRm1wd0FLMmhzNDBRREg0WHBHNjdJSE0zV1p6MlhrbVVwemVwOWIyVXROeGFOd0IyUHZMMnUvZHBEbjRrUWhZT2JhRzhVTjZ6bUVTTWNzQzJ2QkVGRDZpaThQNFp2RENXa3lyR2V5Q1YwU1ZQNEhySmZHYnJBQ0ttcTVObXRNL25rTUlsQWZrZUV2R1VacHVIU05zRXpRSTNqTVUwd3RVRlBHN3lHN0hsTHJtVmMvMDRVZjNpei9IZEw3cmVWbUhSay9FZW1majY2WkU0UjNqTHVUNkRUVWE3RWhkaldxdXBvZnNUN3V5UXlmd2JOUEVhTWJwZm5YRXBTbENseFcxTFhRaUJNdmREdVgwVFRBTUZkT0hEVmgwUTZwekZ4bWp1Tk91ZG1UZmc3ZEExVVNqOGhoeERkMmltV3pDQk5SMXZrRllNSnZIZTZPV1lGQjdMQzNoR1BRWE51ZVV0SGJKSnZDS0pDN255VXNJRmYrT2V2SHFsRUNNTUgvVTVhL0NYTE9wcVNaUi9wQkUxdUI0a0t0b1lBU3pjTFl0WVIwelpuRXJ3WEJNVFN2U3RCZmtpTGc4YWhOSGNOOFMrUGMydWxYdk1kcjhjYnc1emNSeWZjeHF3NG9Ud2psUjlSOHZuU0gvTHZDNlFZOHJ1K3lhclM5blBHOWl4eUhYSXRhTmlhVEIyajJsTlRKaEdIUE1hL2RuSXVYQmlPYmE4MXQxYmk4L1M2c0dDTitvVDkyZTVSSUo4RWkzSkdpYWZZS2NUS0hGbzMrYUJQb2NTOE9sejNia0dXWXIxcFc5SC9DUElFYWI5dkx5OU8yWTRtdkIyQUQ1dDVibE41WElVQlYzbmtvYUxvK09nemg5SXJQdXZYWG05SFIrZStSVFg1eFJYa29GN0ZZS2swV1h2cW9LS0k1eUlQZWpGcjB0ZG5rRko1dGRmclJBYzJJdHhibGhMemtIWFVGZGdEVTNxSnZnK3Y1Q1NYMkwxcXVqcFN6VjVEMmFoR1EvVGZwWlcvMXZoT21YZnJETExVNmVkc1pha0VySkVpNXNFTk9GUDAwTmFBcE15T0c1a2YrSjNON3N3aDJscFhCQm9jSnBXUDhhRTFLd0dJbjJCeFpFRDJCa2FtTXJ2VXoxeVc4QWFyaVlXK2VOYUU3b3F4aEs1djIvYVhldW1kS3JKR1dzWWQxOGN0THhzYmI5bmtaQkN0VHE4cS9GZG1nSXpkUWhFVGVzalZ0UDZwNGthQllJclk2SWZXVk5JdHNxaENNQk1MY2g4Q0xQbkxMVW5lbEdpNGpUY1JQdHlhOGYycW9leW9CZGJNMStBTTROeEtxT0k2SGxEcTJyNS8xWlBDYzBvZTM1ekVudGk4VlJYVHNHNXIvYTFLSFhBT04wRWtzZkhteHgrV2JpZU1xcHZManhXWmNVck5CSThCOExnTmU1ZU1aQnJTdzlCeW9Rc1NlTHgwcFB1T0NYRnY1QllOajNMYmxKRTZ1R29VdXFlNTdHeU9xV3JYa3E0enlOMmpkWkRDUFY1cFZHMHR6bzR0VnQxcFE5Q0YwTm95eW85dnc1UGw2N3MzQjFvbHNBcEtSR2ZTVVoyaUE3anVDS1BpWGpHN1NncUF5K1dUaUsxN3VQaWVaMExhUThHTnNpclFrclVNWGJQdDJGbTdtRU9BSUxIeFNGL1NJYW1qMmM4WnJoUVBqRmVNSTRpQ21ERGdaY2VMd0lvaU9leEkrYUxNODA3elVtR2k5TDVqMjQzZEZxb2NVNjlmOUw3eTVSRUpQdlQ0QlJ2SWc3ckZucks1ZGY5bngwa0Z2a0FIcDc5b011RWVzNXp4a2J0V0xZNy9nRzRTZXdhTUlTWGF2TCtyR0Y5dEJpR09BOXBkbVd6RS9QaU9xZHp3MkJ5SFcwTFV6MVVLYWxHeUtESWZZWWplaEorUDNwUThheHhsNzBqbXhORzM2NEhjOVJGdzFFNFhZallmbUJYYmV2ZHJrZE14T1UzZmV4ZmEvY0h3dWllMWFrNnBOSXdpZ1RoMU9RcXc0VHRyL3FhajlkN2NwQmpHY2VtemxNRHBKZjd3RGtLVW1qYkUwTUtLYzZWQVhYNjNhS1FpYnJyVFBPUmlYSk1KL2JhVFVCMFl5dnNDYVBPMkpyYUF2K3I2Sm1NLy83elBxK0hzSVJYRkZGSVBmS0R2REM4UUk0VlZ3dlM3c0s2eVR5MGVkZko3QzRXbmc3U0xYN3ByZ25QRkN2QmZBLy80MlZjTmdsYUR6Zmo0S05tV2pRRnk1ZCt0UDVPZkd2S0xzNk9FVVVYWlFtSlNoYVZrYzQyVmtHYlh6Y01EMjV2NmNjOC9KeTlVRU82YldZUmlqN1g5bGFrcmc3U2d3M2MzNlVCMWpsRGNYUWQ3RFFTZUJMd1NBNklQOGhZZEtxaVY1amIyenV3R3o1YXRtSW5CdHZUT01tVU4zenFPbGU1UWdoRFgrb0haWHJjRHBOZ3hhMlBweUR6Q3BrRlVWbkxZWjk2cXplT2ZwSUF1ajNhMnJQOWNLbCtydEdBeDk1djN4amhGZEhyVkxCbC9yUVhrdEkrQzAzcVMwSU1XZjdubm1EVys5d0N5OHdZR21VYVJsWUpHUXN3OG9MMlBVbXVNYkJldVc4dHlVeVlyYUg4Vk8zZktocU1UdXlrV0x2clNJSjJhTCt2RHhmcGduR2NaTVNWK211ZGFIZ3BIWmlTT3dQYUdaa2x2NU5BYjJnMWpDa3FXTG85Q3hGL0lDV2p6MThCbFFDU1F2aldmUjFzVXRjb1lXMmk4Z1h3OXBkQ21lMUx4T0ltS0FzZkJoTmpqKzBMRTZGUk5yankwVVdQazFKZ1BmT1VsV2gzY1VVMERzYXpwWW1oS2Q3ZVI5YmtRaWhhbXZtVjdxdlJkUFIxTWw1MFFVeTFLOFF0cDR6MXVPLy9pL2VuQTUwT1gwb29obTRGTkowa2MwNklNcEdaMG5tZWZ0NWQyN1pKZVczWEViR3VFU0R3TWZ2bktmaW5EemdjVWtIMnZKaGVXZDZ5Q3c3eHBsSUNlamw0K093Y0pqZC9WWDJSNWttSG1MSWtzM0loU0Z4aVBkYXlOaVJFd3NsYTdVVW44dHFCUzNESUlWS1ZTbHNJb2t6Wm1sanE1TElhWmNGRDNLb1h5KzhSa1R3Rkd1UjdXaDdqSkp0d2picitJcHhuNmxpTzd6em5tNkJsaDNMamduUmh4aUU2MFF4bnFoSkpSc2RKWjVEK1gyaEhFT3RPb0xJcWtvRmZJQUpkOCt1RGVBVVFESXNBNThXN0RRem0xYnZTd1NkMXkrdUlZQ2c1M0EyYmZ3RjBxdVVyejlqcDVkMmt4QmkxdGZVaTJYenlXQjJLYW1jcmhtUkFkbW0vcGJ1ZVI2RS9LZTBvRkVUN2JKcE42ak1QTUJnelYraEFoQnFYTytiZDRPYlUzSnROaDlMWWVtdlRZV1p2UVFwWTZJQXpOOHpMM1ZMRFRiL05lSzZnTDI2RExCNkxLY2JMT054UkZON3N1d0F4bmR1bDRXYkg2eXgwNm5NT1JDS0pDdW1QWEl3ZlNKN1R5M3BMd2RZMEFnZWNqWXN1YnU1K0hhVmcvM1haTmQwVHladUI2dXFDK2ZhcE45OU5wNm1BNWRzRW0xRXNkNG02VkptUzR6Wk9ia1JMNnQ4NE12Z2wvalRvQi9JYnM5aDFKNFRlN0Fsc0tENHQ2WDRDZlBQdC83K1ZDRkdpMWZiTG1LVnNOWHBSRkZPQ1ZsazdWVThoV3Q1SVBDZ2hvZ1JPM0RBK3RMVDZtN3N0MnZFdnp0QTBEeS9MWnB3SVhKQzhlbFJYQlhCYmRTdDJzQjdtVU5CcGdvVzF5MFlHSTNXY1N1THVwcVpqOVZDRDhwYjFCKzFFOWx4WGRWTXY2U2lwMXlDL0JRWjdDS3R3dnd5TlJpSHJFRmV5TEc2a2h4UHR6cUl3OEpGZHlqdy93bzNLVWttZ3Q3WFdaTG1GbHdTQkl5Q0FkOEs2bVByRkxmRmFqQWVrU1NyQ2pRNWFCN2thT2E2ZUkyOEpNcjQ3TVdzUEE0SUVrLzRwRkVuckhQQms3SnVkMFpjcWVYWGUvT2xLV2g3dnc1cWdSZlRZbW1rTERtdWMzM3JKcHhnQlJYcWJMay92WGh6ZTZNSlUya08vL3dWc2ExeVI5SWpYZnlkWVhkWV&i=14-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: NESIvq1Hx3LSw2R5Qqp9kvhoTSHQPf2mVMqHlqMpdE4uw073D4H5_Q==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 88ms
52ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=FFeWFva2dCK3BYeTNJV1prWHJBeFpkS1lrTkxvTTJsaTVEVW56a2o1cDUrYlNPNGN3QjdvUUhSdXJGblZOV0RVOXkyL1hqdk1HRWpZVU94WGlYNUlzdk5KOGpra0Nzd3pmM3VkOTVCMGpOS3pSeWxmbk1ybytZU1F5OFBnZE1FY2NyMU0rYWc2NDhKb1VjOTdZaEpzZDdiN3BxTEV4Mzl4S2N0U3graE12SitGc1JXMXBuNVhmWFVrWTNkb3g2dnZ0VEU3My8wNTloSEZVYjdTWkZ2Nkh6N1d3NTR3SUNiZjZrZER1cXJjQ3A1MTRVUEtwejAvVG9rSXNKZW0zRmlVeVdRaWFydXdiS05icGltdWFjZHRNbU1sTGF2VXYveEp2TDFFT2hyVDNaQnlxa2JBNG5PclZqbjhLT2xranFHOCtwQXJFSCsrdE84bWVNZ2dFWGpKd2t5ejliZEIvSXJYSE5nUUExSGR4dHRhM2xkaHo5VEpORHFGTjA1c21KYW9jUmYvcVQ2MG5NZVl1VG82S0VYWEo1NjZGd05aL1lqbFdCRGgwRGlleVMyNm4xN2pCV3FCRmV5ZGp4Y1Q4Q1JGTjhmT29kcVlJdFBUYm8vUk9vSmVHYzUycWZtdURQVEVKQnlvSXdKbkxiNnA4WWI4byswNVFZeDF1ZmxkYWxIRHJ2VkJOOTNFQmpZV2paVk9WVDZGZWhESFVSbDRpdlFhVzdQK2IvWmpjR2hiWDQ1UUREWWJHRzZYSWFsald0dzNyQ1N4SlFrd2xoQ3pkSjR5VnBsNHh6amVhTXFBRWtEUXV3Rnc1cTJTT0FNVnAvSnE3R1BqdVJTZjMzTUNrNG5uY1RkS090NWFFWEtQOUFOdVFFU2tic1B0MjRyMVAwNi9OTUxQa1lHYVFtKy9MUCtjaE5LdHpyS0lpZVByRFQ3MlJBQ0ZHamdXQldRdkJMa3UrQWl3ZTlZQ2JNdytJbkFmRWVENXBEK1R4U1QxRUNIcTUwZ3N4T2o0UVl0eUdXSUZ6RGlRWGJpcVpZUGp3OVpGTEtKV1YwZXlPb0NZL25EY2VPMXp0MkFiZ2M1UktTcVRpeUJVQUE4Wkd3MEJOS0JCOFc5Yi8rdTVyWlpPQXg4QmtYNGhsNEpxZlNzTzdlRWtZY3g5UHVXVnNnTHQreU9uenJpZGF5TkFOVUxTV21LcFp6eDE1VnFQYkVleTF3clJvQnZkbUNZakk3eVNKZlh2TjY4UHpaTW82WTViN1hZNG5ad0xJa1BuSkJHQVRVaUlMc1FBd1FsTHhaN01Ba0RnNmxJTzlDTXdmYTcyOEUzaFc4Rm9MNTRGc3B1TGh5Z3VYNnFnNmhXaEZsYnZkYTgxZGVIZUlablIyQUVLWVBpK2l1UWtubFpRUy9Idm5rRitnQ2ZMdDduRDZhYVZ3cnVoRmxrNjYzL1NUQXpUdXkrTGZseTRSNWUwVktNcWlySmxHd1RpN25tQTBFdzlqUlc1ZERhZnJNZVJ4SjdPVnF3L2o4YlF3ZXJwdGxneGdUMzBMTDgrUFB6cEtQQVJaVmpDVWMrbzY2YnJ4eXZiQ0VJSkp5bkRTZGxFcis0SDRrbzlVcHI2aGw1WVFDcWdla1piRXh2R25PWVdBbWFETUZzUEV2cnBZUS9qdWRhWEp5UkdTY3FEY2pRRFN0UThtbFVVVUtlR1pGSWlJa2w3UUdZQlkzNldaeGxWM0VSUk5Db0lRRlFydmppTjRYSitIU29rdTFjb1FVMTJqUmZJdkg5ei9GTkEzS253dU10UkFrTzFnUmhIaEg1RzgzeVdVR0ppb2dEZWhuWEg0NEpEWldwdFRJa245TjBiSWc0WHhZRDhvOEU1TkFjTi9ERTI1aE9rdW00d1BGM1RHVU8xdjhkRUdQc1J2NXRqWjkzd2pOTm1TVjlJVWhQcWo5MU9JV0pqRmJLNkVQcEU2Rlk5cVc3RDc0WEhCQ0RGc0RxQkkzcTJNd3ZsWUZMb1RoNTc0SWUwbERNWWU0eFI0aUxFNERiMVlaL0hSNlo5Slk5TWNFK2J2SWRHWDRjNldVb0JSTWQ2alorSE92WlhPWmt0SUNaZTh6MWRrZURaWCtJeWdTWUdobU1GYllmcVN3Z0tucFNMdEF1ZUZGZkJYSFQ2aXNQNlBSTzBUNE40WHE4Z2RkSGpQdTdQK0FGWGFYMENjT0FmU253bFd2YTJRZW4zbU1HM1dBaU5OcmFJb3ZKMDQ0MEkzREt1WThLcXRiZGFDcXpBNS9HM2ZZVW4zcVhKR0hMVlZVUitubTBySXZDR0ZldUpmRTBOZjdHOElwb0gzR3NycWRUZ0U5RHZwVmtnd2xhQnA1QjVFM0phdkNhUFZJeC9oVmhINzVaRFJOdDJNNktqcy9rRWViWGkwakdSUDhMT2dKSUxVbFZRb3FBeFlHRXVidjZFY2FpMkdUOHZETHFqaFNaaG9DV0VseHJjd1ZpdFVOOG5FL3dEZGJtTHRjSUM5Wi8wWWVzcXRlN1hoTytXTUZPLzlqMlRKV3lJNkIwMzJBdUZPQitZeGRqZit4d2pCKzZRcjVTaGpMSlpWK1UyYVFmbFBOL2U1UGswTGMrdFdOVm9yaUxXT3J1SzZXUGJIUEV2RXVDT0V5dnRSVkR0RmpFQnVmM0hjRTFZVVpBTkVXaHBBRkVvQldCUno4UVN4Zk1jblVtQi8rcllmdVozMTIzTHlrSDV5ZWh5cVF4aVJweFdLbkVMMG9SWEFidWpZaXZJNVpHQjZYQmJzeXZ6QmxKYlMzUTQ5UGFMWEtUd2ZHY3pLTjlHNjRiZUpNT3RtcUtWNVBoR2lJdTMxZ21GVkZxS0cvWFpnTlpSUmpDQytvaWJ0emNHTE1Wb0lwMFB4NTZKT0xNSlN1TThyNGtSZ0JtL2xHK2t1dnhRSDFxZy92c2U0RUYzWWpKbnNQOE4reDc4aDVKek9TaEdMK0toUnVZV2l1SGV3cmVWZUhHZEFiTERaT2EvSW5XSmZXUE1oUFJZUm5GTzJQeng4eXBFZXFTWFdLaVo0b2k3WnJWK0dlc01TZ29YRGlOK0dhVzZSOTR4Q3JBNFlSRnBVL1IySUZPMHEralo3NEt0SWpjcHhjL2Vqa2VqeElhd05CVWhxT3Zia2NmMG8wL0ZUbm5ncm5pWnhPVGR6RkNZWlFWdU5qbENmcVBHSllXVWRPdGVCNGdCZWdTV3BsTlhpdEpvbnYzMXp3eVNQU1FWaFZMTnpObGNkSnord1kreGFxdnF3YVMra1FnZkdIUVczYldVMTVSVXk0OVhTMEtYR0hlWjgxd0crMGlVcjlYdzZLR2V4SEpNRkxSOTZrQmVrWXFUTHlpVVdJMUZTamxZWVlmcTl1YUQrSHlEVmlLMlhWbDRuL1ZGeUk3Y25Kb1o5QXV3RU1sOEdtMFhWUnpiMDMrRENYS1ZIRmVGdWtJQTAyRHhYQVEzaWQ4UXhNdElPckNjcTZZL0Q3c2EySXF2eHdRU2xMK09IWjhTdC8yNzh5Wlgzb3hzMGcwbU4wek5rL21oZmNvcWs4ZGhiMTRZYkNnV2pXVnM0aW85YStiNlVIMjRGUnlaV255bEE0aEU5cWJTelFHRk9xeUhycGJwVzlqOHpFM25QcGswaVRoVFRreUJXMHBESUJRQXBrTGFVSUdoWkhaMWxxdVp0S1FKRmxYQkNQWFpsc3hNdEpxckRsRlJ2NTE0eHBSbCs4ZklLWk81THRwTTcyemtDRkhxWnUxR01kVU02UTJaVmF3b1BRYS9XdFdtcnpGdEx1VEhRdTlxbDZ2YmJab0NzVFZ2VEtmdDZvRjQrald6RWd0ejRINFd2N09IODlUejMyOHFsYWdaYnpqM0I0MjJLeEFSVnUzTTFaSnE4YkFKQklmb0tNYTVQNDIwMlIrcEp2Mkkzek12aTZuc1B2MGo1VGYyMXNGQWJReXVjOWRkMkkzaFRaS3dSKytYd0ZkM2hzWWYwM3lNbVBuWURBK1hPZGE2a25EeUQxeFRzY0lqY2QwUEJZSUpoZ3Jqb09wVWJCTXE2Zzc0eVRhaHBnU1JXL3UvbXdaUXIvSUJydHBCZlN2aVlxY0Q0QkxQTHpoZkpjNk1rUlBROTB3U1huaGFMZHMwUkJuZUczbzgxNjJxeCtpQ0xrSEI2cVdXamRQY3d2VWk1aTdKaUx0MjVleDBsaVJ4b0pROTM4RjVHQm9yTFpiT3NrWUZoTmp4azlaNEpCeWhGZ2QzcWRER3lRWmFldVhQSHNqM0s5emVkZldjRVJlNGhDL3RIYStxb3ZSTVEzSGFPK1c4SWVOdndxOWErL3ZXeDZxVlNKTzltMEdFbHVTK0txdzMxVGJTaVBvOU1jdWdFRDlQeGhUSlJ4MHRqTjN0Y0hYdUNtbGRsd21YWmJTVmo2TjRZcG45NkpLUUE3UTdiTjdNRVkzOGZ3OXI3ZFZCcE1nRGNNK2NWdWVPQjJ2Nyt5TmJVRW9NejM3YzlTb2pUWjhLWFlGMVAwUUp4MlZHdDFJcFk0WkJJOXc2TXl0WEVxSFlkejUyNjdhVjBpMHdFT3pvZGpGTG45SGthUVRhMFd6bUZCRmtIbEc5WnJaOE4xRzR2QndtNERuckVTMGpUbjVWWHlaRUYvMUN0eE9lODZ6c0lJaC9CQmNrbmZWWk53WEVvelh0OGczMy95VDMwNTRCdmhzV3d4RC9nV2hldHV4K3Q1OTVqSFBNVGNDNXJCejZzRVJ3aGlLZ3V5azluNGJrOUNzazl1Vnc5NzkxbW5ZRmRlRzRlVEc0ODVTOWpxT0RzbWdYYlhGMjdoMGNwVCsxYWdOLzhrV3JOLzRoV0Vxb1I3M25vTS82S1oyTStUaDF2WnVZMEtTY29uY2pXUUpKa2MxdUNEdFNVekRXNk0vU2RlRUFkRVFvWHpRZGFSaU5LTFJ2aG1YUE5QeG03dFcycC8yNDRQbnBaZE5vWDBXMkxqV2RjU0ZtL1NWTUx2WHk0YjVjZ0VDcHhLRXFUU3F1VmdTd0JFWDR3ZnVHMllXbDFCRFBMSE1ja3ZaTXEyd2Fod05vaTYyOFZ1K09PUWlpenlnRXNGNTFwOElvOWk2Z3o1ME4yVHBXRnFQejRtbS9lSGxYQlZZajFTSGxkQmg0TzhXeWxBalJjRm54NjY2Zm8rczdJYzlIVWlwRTE5ZStuTEM1bXI3V3k4cTdCMXBjbXJSb0p3aDFaT0ZtU1dMUkpoek5SVGNyQy9WTmdMaVp4aEZQZnd2dit1aEhaU0lucDhvUWRaaDZzSHZQZjlvYjlwcXF5bXpOK2ZMVVNFTW1tRUhmMTRMOWFXaGlaaGVkbkxscjBrZlR0TU9NWnI5NitBRCtDTzJSMHZhUVJib2duLzl2T3hjWkJWRThKeThBNDJMRGJseTMxYTBGcmVDRW9zUHRtTzA1aXBXUG9tcStxeGI0bFdhaW4yWmtGRlBhZkhmT0N6V0IzZlFJYlgvR2dRUjljWW9tWjlUa2Y0US8rRHdxSUhtYndxRnJ6UDg5TkxjOS9GMGpzYWFBdStsM3pNR21kY2t6Z2dSRHM3ekM5VkhXWDRwM1d6YWxvcHQvWmFoc1Z6ZDk3OVd6RXFuVHZpQmMxSUdWb2RzNHRkcFM4L2VIY0ZYWXhUckRzeEdHalpyL2ZKZ2JiLzNDZGlsTTVTdFlld0JSUDdqTVBVRU5kMDNGeHVYdlVQV3VQa2d4Snp5VGR1bHlLZ0RBRXpXMTRVSXowbUNvV0hLK1V0aklYZzVMR0hXcmtrcnl2dnZEbXY3OFp2SEhCaEE1bUtIbER4TU4razZjMzcxbVh0eGxBNVF1RytZQkZPSFVsMlE0VENrdndha1ZYckt0aWc5N2h3bGpsMXFjM2Z2SG5QeVhab1dMamtBeEhpSFFzOHRvVE1mTjMycmlNT0dYcm9IV1dzekZVQld6MmdBRUNBZDFmZkpPZm95YldRdmN0aFlsUXBvcjh3cy9EME9kSTZhRFh1bE5tdnhqSjQ1SHVIZkRlV0VyV2llanUxdnJPL2w4ZFVIVUNSY1B0Z3dRUW1EazhlZzN5UXNtTHQ3S0xId2RsL2E3dkl4TjhXSzVPMS92TTI4bWN3V2cvTVF1QnRWa05EMk93RkVPcEp0VjVyYnhlVVdmL0lGcVUwRk15enZIRmtPd2d3Q3lBY1AxMHJaMDhQbGREVHZhbUpQT1pTdjAybVlQdjBONU0vUWFDSzlMQmQ2bWpBcWwzU0UzQ0taOHFyMUFsYUoyTU4xdlZ1RHlYNTNQUUpQSmZPVHhSTVQ5M1pVTFY5NTFBU3ZLU2RUWVJ6UkN5WXhKem96U2tzckxwSlBuM0ZIWU81NWRPcUlGYU00dDF2OGtha0VHeGNlUVZ3Q2VrSXRab2xXcWFZdUtNTmFtYzhSaUhnZm1saHByV0dUOGdEenFHWTVNY3plZFVXS2NIVW40M2krK3JiWFNuaFZWcENQSVBqQ0pFSy8zNkQvb0M0OUhoR1ltUE1CM0RFWUM1MzI4eUo4Q3pFK3VqWUsySStVZjNtd25YeUpUNVpZNjBsK1ZuWU4yVGU4NENaVnBZMUFzM0diNDc2c1B1NW1RL1hWN0o2OW5mR2JxNFY0Mi8xVlVqbnNGZW9lbDJqTmlaOHV2WDQrTEppZFBNTnRxWk5Mdnp4RktESEhoVjdTWkN0clJDUFFOYVhyMlJVSWJYR0gzNEtHNEwwelNZbVZnS2NMeEl4d2tvRldGLzl6aHNBXFx4M2RcXHgzZCcsJ19pZnJfJzogJ2ZhbHNlJywnX2lzZmxfJzogJ2ZhbHNlJ30pO3ZhciBnc29kYXIgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtnc29kYXIudHlwZSA9ICd0ZXh0L2phdmFzY3JpcHQnO2dzb2Rhci5hc3luYyA9IHRydWU7Z3NvZGFyLnNyYyA9ICcvL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc29kYXIvUTEyemdNbVQuanMnO3ZhciBzID0gZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ3NjcmlwdCcpWzBdO3MucGFyZW50Tm9kZS5pbnNlcnRCZWZvcmUoZ3NvZGFyLCBzKTt9KSgpOzwvc2NyaXB0PjxkaXYgaWQ9XCJhZF91bml0XCI%2BPGRpdiBjbGFzcz1cIkdvb2dsZUNyZWF0aXZlQ29udGFpbmVyQ2xhc3NcIiBpZD1cImdjY19jdXFIWlliUEU3WEE2dG9Qb0tLSS1BOFwiIGRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lcj1cIlwiPjxhIHRhcmdldD1cIl9ibGFua1wiIGlkPVwiaW1nX2FuY2hfQ0lYUS04alNwNE1ERlRXZ1dnVWRJQkVDX3dcIiBocmVmPVwiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc1VyZzgtWG42dGVya1paYW9CV05DUzVuNzBIZmlWSVlEUHNGRFlyeVJmU0FXOTRYb2kxWFZKR1l0dkVrRVNiT05JTml1OUtfNUhJSU5SRXh4WkpZeTNFMkUyRGJiSy1lbHFlQk90cEpzRHZheEFfZzh4d1hwbUI0eFhiZ3k3aGM2UGdJSHBONUw3ZzVTeUNKc0FYTFBaamZQeUhWTlFiX0NWM19mT1JqQ3FNYTduTzVJSHJkcDBNanZRTG5wNGp1QVRXbjJtMHJLeGloRk9OMDFEVV9nWXQ4MVBSRThPbkxrNnNTNHZxVnlvckx5d1p3ZG8tYTI0cVdRN2VJQWNKcnlSX2dLNDJsMHQwOE45eUhvTUJ1VDdGTklIZ05PTDFJMnh3cDNJMTNGRVFJcGQxUlpIeTZlWUJrR1VnNzVMckF3RW1iRFZRRHRfd0tFZFBRYWhUdlBlbWpGUEhoSWtOcjBVMGlSd3ZSOS1UMDh5cFpy&i=15-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Mb3xqiY4H6JuQ-ZLqbmJ0O_gQDaiuWVopploC-lHy1kS7Y_IJcz7cA==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 90ms
54ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=bE5LVXlpNnZ5ZVhDNmJhbXdDWnYxWU1MNEt3RkRqWWdvR3pBbnk3THVNckJlQ1pPN2kxZHgyUG8ycGdGbjQxeHVra3RLaWp1NHhBZkh0Zk5ObE5VTHZzcDczd2pTSDJHQWRIMVlWc3JnRzhsZWl6SlIxY1l5R21sMHQwUk90bUk4MDRXanBSNlpyd0E1RjlHWDdqUlg2ckRKV3gtYnN3RkpEaGZhWEZ5YnZTYzY1QTF5YmNXMDh1NmdvWFZJUC1CWEtKbFkxNUd1RXAwTnowaEVBUElkcHpSVG00eWRUUXhhUDU3Zm8zQlh5NDNuT0VpSk4zUzAybWdmOXJGTnA1SW9LVDVGbXFDNHZCQ29Ranh0aHY5TDE3ZG1QTmpZNUlSTWt0UDJqbklZcjF1bFNVOWZOSThUcEdmRWhtMlJPeEcxLThtWFF6bnNvY2RYRVoyUmlWeGtEX09qYzhTUnpNZzNlcDdBV0NkNW9zZHRDSHFNNmJFU085bTEtOTdhZUlybHZ1M3NDYnJDZ09nNnRhV3hValVXeF9jR1BsQS15NWVaTXI4TnNTNTZZRV9EQXRZQW5RMGZ2TUQxMWtUWWd0QTAzNm83Ym4wb2tZZzhxeTJEWU9ZUlR2UHRNWU03bXdNVmNOQVR3TzFBeklsOXRIeEdoTE1ZaUVfQ1E3WnpManRvVlhGbHQ2NlV0LTBjZmFXVHdVMjV0U2dTNjlnWVJOdnV6MXVLVHNac2xLZkFTd01PcWRuVVAwNHJiekc3c19EMnNJekZRRXNCVkdnLVBBYldELVkyaGRtOVpjRHlQWjl5cVY5bnBmSDl0MmUwU1JnaHU0ZDVnV1JnbnpCalRidlRLYnZqVEZIdzFwUlY4Vk1VNWZfSDRjdy1Xa2hPQmIwcTE1OVdBLUdQUFJOdkZUNm15RTJTWnI3V0VnS2k1M2s1SGwzalhMSDI4cTFHSTM1S1ZjZERjSEJySnN6UE9IdGpzYkgzVWdQRnlvTlo0aklCZTRRZ1dwYnRMampnb3ZsUnIweVpwZGR1R1djTTR1aXUtY2t3aWgydm1VaUY0eUJsY0VUUUdfRlhWeDAwdEVOMGhjTFRwTUF2WjRaNzVqSkZELVBSUE1NSGtxeVdIbXlJc3R5V0N1MDdJSmJxaUxkRmZYWXlVUmhyak9GZVZwQUNOaWlKWkxFRUg1aHg0Z0NyRk5QN00tdVkyeklmQk5lMGNjajlhSnBDaUpOV2tfcXZzMlltMTMtWDRpQ1BxM05UdTlLTlgwS2pfWHNkNVlEMS1zSnlkVlYyaUFqM3lka2tpZ19PR2M0cjNuRUV1SVFuWjlIREl3MG1KTnkwMWxuV0c3U0ZnckFxYzNxVHpLSDJ6RlEyNzV4VFZFVWs2RDNEaDROX0ptVFFPZlNrUmR4OGV1SmZCdEhGVFdoT3hXZyZhbXA7c2FpPUFNZmwtWVE1ZjVHX3E4WUEwcWhTUmtERDcxczNyR3VHNnhJaklLaWxxUFo4amNXY1NIcW5pNWticVQyd0JJSkQyNml2SXoxZXI5SW8xM3lOalVFMHFwU19PeWxQVGJUbVhjZDlSNEk4X2U4SGRYM3NFZjB1ZVQtdUdOQnhZaVhMaHBBTFdDS1RFWXQyVFpCd3V2eHF0UzU0RFFkeVVzdEh3UGdEd05jSE9pejVoVkZmTnJSV2c2X2tXeHR3RXRucmFMZWlFZ2I2dTNkSXY1UWxkQlNMQVA5SktFa3V3VUFTQWIyZTE0RWxaUTZUazMwSmVzamFVaUM4VkJST2k5QnZpZ2dDWV9JanJibFFBaTlTSVFodFhfV2tRcVlmc3JSQU9wY09UdGVjeEZqOUtjOFhndTI5XzZHZndncFlqdGs3MHUzR2ZlNThZSEpaJmFtcDtzaWc9Q2cwQXJLSlN6SzdIU3BWSnJzd2QmYW1wO2Zic19hZWlkPSU1Qmd3X2Zic2FlaWQlNUQmYW1wO3VybGZpeD0xJmFtcDthZHVybD1odHRwczovL3d3dy5uZXNwcmVzc28uY29tL2NhL2VuL29yZGVyL21hY2hpbmVzL3ZlcnR1byUzRnV0bV9zb3VyY2UlM0RQYWlkLURpc3BsYXklMjZ1dG1fbWVkaXVtJTNEQkFFJTI2dXRtX2NvbnRlbnQlM0RCQUVfV2F2ZW1ha2VyX0NPTV9QUl9EVl9EVjM2MF9DQS1QUi1ZRVAtQ29ucy1EaXNwbGF5LURWMzYwLVByb3NwLUxhdHRpc3NpbWEtRFYzNjAtUkVDLTNQRC1fUHJvc3BlY3RpbmdfQ1BNX09QWF9fRU5fJTI1M0UlMjUzRURpc3BsYXlCYW5uZXJfVjFfTENMX0ROUF9PVF9fMzAweDI1MF9naWZfJTI2dXRtX2NhbXBhaWduJTNEQ0FfMjAyMy1EZWNfQjJDX0xPQ19ZRVAyMDIzX09uZS1zaG90X1BST19DQl9Ob18lMjZ1dG1fc291cmNlX3BsYXRmb3JtJTNERFYlMjZ1dG1fY3JlYXRpdmVfZm9ybWF0JTNERGlzcGxheUJhbm5lciUyNnV0bV9tYXJrZXRpbmdfdGFjdGljJTNEUFIlMjZkY2xpZCUzRCUyNWVkY2xpZCFcIj48aW1nIHNyYz1cImh0dHBzOi8vczAuMm1kbi5uZXQvc2ltZ2FkLzIzNTI1MjA0NzU3NTU1OTM2OTJcIiBhbHQ9XCJBZHZlcnRpc2VtZW50XCIgYm9yZGVyPVwiMFwiIHdpZHRoPVwiMzAwXCIgaGVpZ2h0PVwiMjUwXCIgc3R5bGU9XCJkaXNwbGF5OmJsb2NrXCI%2BPC9hPjxzY3JpcHQgZGF0YS1qYz1cIjc0XCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMxMjA3XCIgZGF0YS1qY3AtYS1pZD1cImltZ19hbmNoX0NJWFEtOGpTcDRNREZUV2dXZ1VkSUJFQ193XCIgZGF0YS1qY3AtZm9yLXN1cmUtb3Blbi1icm93c2VyPVwiZmFsc2VcIiBkYXRhLWpjcC1mb3Itc3VyZS1vcGVuLWN1c3RvbS10YWJzPVwiZmFsc2VcIiBkYXRhLWpjcC1jYy1vdmVybGF5PVwiXCIgZGF0YS1qY3AtY2MtYnV0dG9uPVwiXCIgZGF0YS1qY3AtaXMtZmxlZGdlPVwiZmFsc2VcIiBkYXRhLWpjcC10dXJ0bGV4LWV2ZW50LWFkLXNpZ25hbHM9XCJcIj4oZnVuY3Rpb24oKXsndXNlIHN0cmljdCc7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovIHZhciBtPXRoaXN8fHNlbGY7ZnVuY3Rpb24gcChhLGIpe2E6e3ZhciBjPVtcIkNMT1NVUkVfRkxBR1NcIl07Zm9yKHZhciBkPW0sZT0wO2U8Yy5sZW5ndGg7ZSsrKWlmKGQ9ZFtjW2VdXSxudWxsPT1kKXtjPW51bGw7YnJlYWsgYX1jPWR9YT1jJiZjW2FdO3JldHVybiBudWxsIT1hP2E6Yn07dmFyIHQ9cCg2MTA0MDEzMDEsITEpLHU9cCg1NzI0MTczOTIsITApO3ZhciB4O2NvbnN0IHk9bS5uYXZpZ2F0b3I7eD15P3kudXNlckFnZW50RGF0YXx8bnVsbDpudWxsO2Z1bmN0aW9uIHooYSl7cmV0dXJuIHQ%2FeD94LmJyYW5kcy5zb21lKCh7YnJhbmQ6Yn0pPT5iJiYtMSE9Yi5pbmRleE9mKGEpKTohMTohMX1mdW5jdGlvbiBBKGEpe3ZhciBiO2E6e2lmKGI9bS5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiBCKCl7cmV0dXJuIHQ%2FISF4JiYwPHguYnJhbmRzLmxlbmd0aDohMX1mdW5jdGlvbiBEKCl7cmV0dXJuIEIoKT96KFwiQ2hyb21pdW1cIik6KEEoXCJDaHJvbWVcIil8fEEoXCJDcmlPU1wiKSkmJiEoQigpPzA6QShcIkVkZ2VcIikpfHxBKFwiU2lsa1wiKX07IUEoXCJBbmRyb2lkXCIpfHxEKCk7RCgpO0EoXCJTYWZhcmlcIikmJihEKCl8fChCKCk%2FMDpBKFwiQ29hc3RcIikpfHwoQigpPzA6QShcIk9wZXJhXCIpKXx8KEIoKT8wOkEoXCJFZGdlXCIpKXx8KEIoKT96KFwiTWljcm9zb2Z0IEVkZ2VcIik6QShcIkVkZy9cIikpfHxCKCkmJnooXCJPcGVyYVwiKSk7dmFyIEU9IXU7bGV0IEc9IXU7dmFyIEg9U3ltYm9sKCk7ZnVuY3Rpb24gSShhKXtjb25zdCBiPWFbSF18MDsxIT09KGImMSkmJihPYmplY3QuaXNGcm96ZW4oYSkmJihhPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpKSxhW0hdPWJ8MSl9ZnVuY3Rpb24gSigpe3ZhciBhPVtdO2FbSF18PTE7cmV0dXJuIGF9ZnVuY3Rpb24gSyhhKXthPWE%2BPjE0JjEwMjM7cmV0dXJuIDA9PT1hPzUzNjg3MDkxMjphfTt2YXIgYWE9e30sYmE9e307ZnVuY3Rpb24gY2EoYSl7cmV0dXJuISghYXx8XCJvYmplY3RcIiE9PXR5cGVvZiBhfHxhLm8hPT1iYSl9ZnVuY3Rpb24gTChhKXtyZXR1cm4gbnVsbCE9PWEmJlwib2JqZWN0XCI9PT10eXBlb2YgYSYmIUFycmF5LmlzQXJyYXkoYSkmJmEuY29uc3RydWN0b3I9PT1PYmplY3R9bGV0IE0sZGE9IXU7ZnVuY3Rpb24gTihhLGIsYyl7aWYoIUFycmF5LmlzQXJyYXkoYSl8fGEubGVuZ3RoKXJldHVybiExO2NvbnN0IGQ9YVtIXXwwO2lmKGQmMSlyZXR1cm4hMDtpZighKGImJihBcnJheS5pc0FycmF5KGIpP2IuaW5jbHVkZXMoYyk6Yi5oYXMoYykpKSlyZXR1cm4hMTthW0hdPWR8MTtyZXR1cm4hMH12YXIgTztjb25zdCBlYT1bXTtlYVtIXT01NTtPPU9iamVjdC5mcmVlemUoZWEpO2NsYXNzIGZhe31jbGFzcyBoYXt9T2JqZWN0LmZyZWV6ZShuZXcgZmEpO09iamVjdC5mcmVlemUobmV3IGhhKTtmdW5jdGlvbiBpYSgpe2NvbnN0IGE9RXJyb3IoXCJpbnQzMlwiKTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mnx8KGEuX19jbG9zdXJlX19lcnJvcl9fY29udGV4dF9fOTg0MzgyPXt9KTthLl9fY2xvc3VyZV9fZXJyb3JfX2NvbnRleHRfXzk4NDM4Mi5zZXZlcml0eT1cIndhcm5pbmdcIjtyZXR1cm4gYX07ZnVuY3Rpb24gamEoYSl7aWYoXCJudW1iZXJcIiE9PXR5cGVvZiBhKXRocm93IGlhKCk7aWYoIU51bWJlci5pc0Zpbml0ZShhKSl0aHJvdyBpYSgpO3JldHVybiBhfDB9O2xldCBrYTtmdW5jdGlvbiBsYShhLGIpe3JldHVybiBtYShiKX1mdW5jdGlvbiBtYShhKXtzd2l0Y2godHlwZW9mIGEpe2Nhc2UgXCJudW1iZXJcIjpyZXR1cm4gaXNGaW5pdGUoYSk%2FYTpTdHJpbmcoYSk7Y2FzZSBcImJvb2xlYW5cIjpyZXR1cm4gYT8xOjA7Y2FzZSBcIm9iamVjdFwiOmlmKGEpe2lmKEFycmF5LmlzQXJyYXkoYSkpcmV0dXJuIGRhfHwhTihhLHZvaWQgMCw5OTk5KT9hOnZvaWQgMDtpZihudWxsIT1hJiZhIGluc3RhbmNlb2YgVWludDhBcnJheSl7bGV0IGI9XCJcIixjPTA7Y29uc3QgZD1hLmxlbmd0aC0xMDI0MDtmb3IoO2M8ZDspYis9U3RyaW5nLmZyb21DaGFyQ29kZS5hcHBseShudWxsLGEuc3ViYXJyYXkoYyxjKz0xMDI0MCkpO2IrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxjP2Euc3ViYXJyYXkoYyk6YSk7cmV0dXJuIGJ0b2EoYil9fX1yZXR1cm4gYX07ZnVuY3Rpb24gbmEoYSxiLGMsZCxlLGYpe2lmKG51bGwhPWEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYT1lJiYwPT1hLmxlbmd0aCYmKGFbSF18MCkmMT92b2lkIDA6ZiYmKGFbSF18MCkmMj9hOm9hKGEsYixjLHZvaWQgMCE9PWQsZSxmKTtlbHNlIGlmKEwoYSkpe2NvbnN0IGs9e307Zm9yKGxldCBoIGluIGEpa1toXT1uYShhW2hdLGIsYyxkLGUsZik7YT1rfWVsc2UgYT1iKGEsZCk7cmV0dXJuIGF9fWZ1bmN0aW9uIG9hKGEsYixjLGQsZSxmKXtjb25zdCBrPWR8fGM%2FYVtIXXwwOjA7ZD1kPyEhKGsmMzIpOnZvaWQgMDthPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpO2ZvcihsZXQgaD0wO2g8YS5sZW5ndGg7aCsrKWFbaF09bmEoYVtoXSxiLGMsZCxlLGYpO2MmJmMoayxhKTtyZXR1cm4gYX1mdW5jdGlvbiBwYShhKXtyZXR1cm4gYS5tPT09YWE%2FYS50b0pTT04oKTptYShhKX07ZnVuY3Rpb24gUShhLGIsYyl7YT1hLmc7bGV0IGQ9YVtIXTtpZihkJjIpdGhyb3cgRXJyb3IoKTthOnt2YXIgZT1LKGQpO2lmKGI%2BPWUpe2xldCBmPWQ7aWYoZCYyNTYpZT1hW2EubGVuZ3RoLTFdO2Vsc2V7aWYobnVsbD09YylicmVhayBhO2U9YVtlKygrISEoZCY1MTIpLTEpXT17fTtmfD0yNTZ9ZVtiXT1jO2YhPT1kJiYoYVtIXT1mKX1lbHNlIGFbYisoKyEhKGQmNTEyKS0xKV09YyxkJjI1NiYmKGM9YVthLmxlbmd0aC0xXSxiIGluIGMmJmRlbGV0ZSBjW2JdKX19ZnVuY3Rpb24gUihhLGIsYyl7aWYobnVsbCE9YyYmXCJzdHJpbmdcIiE9PXR5cGVvZiBjKXRocm93IEVycm9yKCk7UShhLGIsYyl9O2Z1bmN0aW9uIFMoYSl7TT0hMDt0cnl7cmV0dXJuIEpTT04uc3RyaW5naWZ5KGEudG9KU09OKCksbGEpfWZpbmFsbHl7TT0hMX19dmFyIFU9Y2xhc3N7Y29uc3RydWN0b3IoKXthOnt2YXIgYT12b2lkIDA7bnVsbD09YSYmKGE9a2EpO2thPXZvaWQgMDtpZihudWxsPT1hKXt2YXIgYj05NjthPVtdfWVsc2V7aWYoIUFycmF5LmlzQXJyYXkoYSkpdGhyb3cgRXJyb3IoKTtiPWFbSF18MDtpZihiJjY0KWJyZWFrIGE7Ynw9NjQ7dmFyIGM9YS5sZW5ndGg7aWYoYyYmKC0tYyxMKGFbY10pKSl7Ynw9MjU2O2MtPSshIShiJjUxMiktMTtpZigxMDI0PD1jKXRocm93IEVycm9yKCk7Yj1iJi0xNjc2MDgzM3woYyYxMDIzKTw8MTR9fWFbSF09Yn10aGlzLmc9YX10b0pTT04oKXtpZihNKXZhciBhPVQodGhpcyx0aGlzLmcsITEpO2Vsc2UgYT1vYSh0aGlzLmcscGEsdm9pZCAwLHZvaWQgMCwhMSwhMSksYT1UKHRoaXMsYSwhMCk7cmV0dXJuIGF9fTtVLnByb3RvdHlwZS5tPWFhOy&i=16-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: cRdEklqYwXbFG9aBfiVG5e2Tndw3TXgPgm_-GIdMi9-CXhJDLhTRuA==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
344 B 91ms
56ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=BVLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiBUKHRoaXMsdGhpcy5nLCExKS50b1N0cmluZygpfTsgZnVuY3Rpb24gVChhLGIsYyl7Y29uc3QgZD1hLmNvbnN0cnVjdG9yLnM7dmFyIGU9KGM%2FYS5nOmIpW0hdLGY9SyhlKSxrPSExO2lmKGQmJmRhKXtpZighYyl7Yj1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChiKTt2YXIgaDtpZihiLmxlbmd0aCYmTChoPWJbYi5sZW5ndGgtMV0pKWZvcihrPTA7azxkLmxlbmd0aDtrKyspaWYoZFtrXT49Zil7T2JqZWN0LmFzc2lnbihiW2IubGVuZ3RoLTFdPXt9LGgpO2JyZWFrfWs9ITB9Zj1iO2M9IWM7aD1hLmdbSF07YT1LKGgpO2g9KyEhKGgmNTEyKS0xO3ZhciBnO2ZvcihsZXQgRj0wO0Y8ZC5sZW5ndGg7RisrKXt2YXIgbj1kW0ZdO2lmKG48YSl7bis9aDt2YXIgcT1mW25dO251bGw9PXE%2FZltuXT1jP086SigpOmMmJnEhPT1PJiZJKHEpfWVsc2V7aWYoIWcpe3ZhciBsPXZvaWQgMDtmLmxlbmd0aCYmTChsPWZbZi5sZW5ndGgtMV0pP2c9bDpmLnB1c2goZz17fSl9cT1nW25dO251bGw9PWdbbl0%2FZ1tuXT1jP086SigpOmMmJnEhPT1PJiZJKHEpfX19Zz0gYi5sZW5ndGg7aWYoIWcpcmV0dXJuIGI7bGV0IHYsQztpZihMKGw9YltnLTFdKSl7YTp7dmFyIHI9bDtmPXt9O2M9ITE7Zm9yKHZhciB3IGluIHIpe2E9clt3XTtpZihBcnJheS5pc0FycmF5KGEpKXtoPWE7aWYoIUcmJk4oYSxkLCt3KXx8IUUmJmNhKGEpJiYwPT09YS5zaXplKWE9bnVsbDthIT1oJiYoYz0hMCl9bnVsbCE9YT9mW3ddPWE6Yz0hMH1pZihjKXtmb3IobGV0IEYgaW4gZil7cj1mO2JyZWFrIGF9cj1udWxsfX1yIT1sJiYodj0hMCk7Zy0tfWZvcihlPSshIShlJjUxMiktMTswPGc7Zy0tKXt3PWctMTtsPWJbd107aWYoIShudWxsPT1sfHwhRyYmTihsLGQsdy1lKXx8IUUmJmNhKGwpJiYwPT09bC5zaXplKSlicmVhaztDPSEwfWlmKCF2JiYhQylyZXR1cm4gYjt2YXIgUDtrP1A9YjpQPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGIsMCxnKTtiPVA7ayYmKGIubGVuZ3RoPWcpO3ImJmIucHVzaChyKTtyZXR1cm4gYn07dmFyIHFhPWNsYXNzIGV4dGVuZHMgVXt9O3ZhciByYT1jbGFzcyBleHRlbmRzIFV7fTtmdW5jdGlvbiBzYShhPXdpbmRvdyl7cmV0dXJuIGF9Oy8qICBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyB2YXIgdGE9L14oPyFqYXZhc2NyaXB0OikoPzpbYS16MC05Ky4tXSs6fFteJjpcXC8%2FI10qKD86W1xcLz8jXXwkKSkvaTtsZXQgVjtmdW5jdGlvbiB1YShhLGIsYyxkKXtjb25zdCBlPS9eKGh0dHBzPzpbXjo%2FXStbL11wY3NbL11jbGlja1teL10rPykoPzombnhbXiZdKyZueVteJl0rJmRpbVteJl0rKT8oJmFkdXJsPS4qKS8uZXhlYyhhKTtyZXR1cm4gZT9lWzFdK2Ambng9JHtifSZueT0ke2N9JmRpbT0ke2R9YCtlWzJdOmF9ZnVuY3Rpb24gdmEoYSl7Y29uc3QgYj1hLmN1cnJlbnRUYXJnZXQsYz1iLnF1ZXJ5U2VsZWN0b3IoXCJpbWdbYWx0XVwiKTtpZihjKXtjb25zdCB7aTpkLGo6ZSxoOmZ9PVcoYSxjLm9mZnNldExlZnQsYy5vZmZzZXRUb3AsYy53aWR0aCxjLmhlaWdodCk7YT11YShiLmhyZWYsZCxlLGYpO3RhLnRlc3QoYSkmJihiLmhyZWY9YSl9fSB2YXIgd2E9KGEsYik9PntzYShtKT8uZmVuY2U%2FLnNldFJlcG9ydEV2ZW50RGF0YUZvckF1dG9tYXRpY0JlYWNvbnMoe2V2ZW50VHlwZTphLGV2ZW50RGF0YTpiLGRlc3RpbmF0aW9uOltcImJ1eWVyXCJdLG9uY2U6ITB9KX0sWD0oYSxiLGMpPT57Y29uc3QgZD1zYShtKTtcImJ1eWVyXCI9PWM%2FZD8uZmVuY2U%2FLnJlcG9ydEV2ZW50KHtldmVudFR5cGU6YSxldmVudERhdGE6YixkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pOlwiY29tcG9uZW50LXNlbGxlclwiPT1jJiZkPy5mZW5jZT8ucmVwb3J0RXZlbnQoe2V2ZW50VHlwZTphLGRlc3RpbmF0aW9uOltcImNvbXBvbmVudC1zZWxsZXJcIl19KX07IGZ1bmN0aW9uIFkoYSl7Y29uc3QgYj1uZXcgcmE7UihiLDEsYSk7YT1TKFYpO1IoYiw0LGEpO1IoYiwxMCxEYXRlLm5vdygpLnRvU3RyaW5nKCkpO3dhKFwicmVzZXJ2ZWQudG9wX25hdmlnYXRpb25cIixTKGIpKTt3YShcInJlc2VydmVkLnRvcF9uYXZpZ2F0aW9uX3N0YXJ0XCIsUyhiKSk7WChcImNsaWNrXCIsUyhiKSxcImJ1eWVyXCIpO1goXCJyZXNlcnZlZC50b3BfbmF2aWdhdGlvblwiLG51bGwsXCJjb21wb25lbnQtc2VsbGVyXCIpO1goXCJjbGlja1wiLG51bGwsXCJjb21wb25lbnQtc2VsbGVyXCIpfWZ1bmN0aW9uIFcoYSxiLGMsZCxlKXtyZXR1cm57aTorTWF0aC5yb3VuZChhLmNsaWVudFgtYiksajorTWF0aC5yb3VuZChhLmNsaWVudFktYyksaDpgJHsrZH14JHsrZX1gLGw6dm9pZCAwfX0gZnVuY3Rpb24geGEoYSxiKXt2b2lkIDAhPW0uQUZNQV9Db21tdW5pY2F0b3ImJnZvaWQgMCE9bS5BRk1BX0NvbW11bmljYXRvci5zZW5kTWVzc2FnZSYmKGEucHJldmVudERlZmF1bHQoKSxtLkFGTUFfQ29tbXVuaWNhdG9yLnNlbmRNZXNzYWdlKFwib3BlblwiLHthOlwiYXBwXCIsdTphLmN1cnJlbnRUYXJnZXQuaHJlZixzeXN0ZW1fYnJvd3NlcjohMCx1c2VfZmlyc3RfcGFja2FnZTohMCx1c2VfcnVubmluZ19wcm9jZXNzOiEwLHVzZV9jdXN0b21fdGFiczpifSkpfTtjb25zdCB5YT1mdW5jdGlvbihhLGI9bnVsbCl7cmV0dXJuIGImJmIuZ2V0QXR0cmlidXRlKFwiZGF0YS1qY1wiKT09PVN0cmluZyhhKT9iOmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoYFske1wiZGF0YS1qY1wifT1cIiR7YX1cIl1gKX0oNzQsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7aWYobnVsbD09eWEpdGhyb3cgRXJyb3IoXCJKU0Mgbm90IGZvdW5kIDc0XCIpO2NvbnN0IHphPXt9LFo9eWEuYXR0cmlidXRlcztmb3IobGV0IGE9Wi5sZW5ndGgtMTswPD1hO2EtLSl7Y29uc3QgYj1aW2FdLm5hbWU7MD09PWIuaW5kZXhPZihcImRhdGEtamNwLVwiKSYmKHphW2Iuc3Vic3RyaW5nKDkpXT1aW2FdLnZhbHVlKX0gKGE9Pntjb25zdCBiPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKGFbXCJhLWlkXCJdKSxjPVwidHJ1ZVwiPT09YVtcImZvci1zdXJlLW9wZW4tYnJvd3NlclwiXSxkPVwidHJ1ZVwiPT09YVtcImZvci1zdXJlLW9wZW4tY3VzdG9tLXRhYnNcIl07dmFyIGU9YVtcImNjLW92ZXJsYXlcIl0sZj1hW1wiY2MtYnV0dG9uXCJdO2NvbnN0IGs9ZT9kb2N1bWVudC5nZXRFbGVtZW50QnlJZChlKTpudWxsLGg9Zj9kb2N1bWVudC5nZXRFbGVtZW50QnlJZChmKTpudWxsO2U9XCJ0cnVlXCI9PT1hW1wiaXMtZmxlZGdlXCJdO2Y9ayYmaDtWPW5ldyBxYTtpZihlKXtjb25zdCBnPWY%2FazpiLnF1ZXJ5U2VsZWN0b3IoXCJpbWdbYWx0XVwiKTsoZj9rOmIpLmFkZEV2ZW50TGlzdGVuZXIoXCJtb3VzZWRvd25cIixxPT57Y29uc3Qge2k6bCxqOnYsaDpDLGw6cn09VyhxLGcub2Zmc2V0TGVmdCxnLm9mZnNldFRvcCxnLmNsaWVudFdpZHRoLGcuY2xpZW50SGVpZ2h0KTtsJiZRKFYsMixudWxsPT1sP2w6amEobCkpO3YmJlEoViwzLG51bGw9PXY%2FdjogamEodikpO0MmJlIoViw3LEMpO3ImJlIoViw0LHIpfSk7Y29uc3Qgbj1hW1widHVydGxleC1ldmVudC1hZC1zaWduYWxzXCJdO2g%2FKGguYWRkRXZlbnRMaXN0ZW5lcihcImNsaWNrXCIsKCk9PntZKG4pfSksaC5hZGRFdmVudExpc3RlbmVyKFwiYXV4Y2xpY2tcIiwoKT0%2Be1kobil9KSk6KGIuYWRkRXZlbnRMaXN0ZW5lcihcImNsaWNrXCIsKCk9PntZKG4pfSksYi5hZGRFdmVudExpc3RlbmVyKFwiYXV4Y2xpY2tcIiwoKT0%2Be1kobil9KSl9ZWxzZSBpZihiLmFkZEV2ZW50TGlzdGVuZXIoXCJtb3VzZWRvd25cIix2YSksZiYmay5hZGRFdmVudExpc3RlbmVyKFwibW91c2Vkb3duXCIsZz0%2Be2NvbnN0IHtpOm4sajpxLGg6bH09VyhnLGsub2Zmc2V0TGVmdCxrLm9mZnNldFRvcCxrLmNsaWVudFdpZHRoLGsuY2xpZW50SGVpZ2h0KTtnPXVhKGguaHJlZixuLHEsbCk7dGEudGVzdChnKSYmKGguaHJlZj1nKX0pLGN8fGQpYi5hZGRFdmVudExpc3RlbmVyKFwiY2xpY2tcIixnPT57eGEoZyxkKX0pLGgmJmguYWRkRXZlbnRMaXN0ZW5lcihcImNsaWNrXCIsIGc9Pnt4YShnLGQpfSl9KSh6YSk7fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD48c3R5bGU%2BZGl2e21hcmdpbjowO3BhZGRpbmc6MDt9LmFiZ2Nwe2hlaWdodDoxNXB4O3BhZGRpbmctcmlnaHQ6MXB4O3BhZGRpbmctdG9wOjFweDtwYWRkaW5nLWxlZnQ6OXB4O3BhZGRpbmctYm90dG9tOjEzcHg7cmlnaHQ6MHB4O3RvcDowcHg7cG9zaXRpb246YWJzb2x1dGU7d2lkdGg6MTVweDt6LWluZGV4OjIxNDc0ODM2NDY7fS5hYmdje2Rpc3BsYXk6YmxvY2s7aGVpZ2h0OjE1cHg7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MXB4O3RvcDoxcHg7dGV4dC1yZW5kZXJpbmc6Z2VvbWV0cmljUHJlY2lzaW9uO3otaW5kZXg6MjE0NzQ4MzY0Njt9LmFiZ2J7ZGlzcGxheTpub25lO2hlaWdodDoxNXB4O30uYWJnYywuYWJnY3AsLmphciAuYWJnYywuamFyIC5hYmdjcCwuamFyIC5jYmJ7b3BhY2l0eToxO30uYWJnc3tkaXNwbGF5Om5vbmU7aGVpZ2h0OjEwMCU7fS5hYmdse3RleHQtZGVjb3JhdGlvbjpub25lO30uYWJncyBzdmcsLmFiZ2Igc3Zne2Rpc3BsYXk6aW5saW5lLWJsb2NrO2hlaWdodDoxNXB4O3dpZHRoOmF1dG87dmVydGljYWwtYWxpZ246dG9wO30uYWJnYyAuaWwtd3JhcHtiYWNrZ3JvdW5kLWNvbG9yOiNmZmZmZmY7aGVpZ2h0OjE1cHg7d2hpdGUtc3BhY2U6bm93cmFwO30uYWJnYyAuaWwtd3JhcC5leHB7Ym9yZGVyLWJvdHRvbS1sZWZ0LXJhZGl1czo1cHg7fS5hYmdjIC5pbC10ZXh0LC5hYmdjIC5pbC1pY29ue2Rpc3BsYXk6aW5saW5lLWJsb2NrO30uYWJnYyAuaWwtdGV4dHtwYWRkaW5nLXJpZ2h0OjFweDtwYWRkaW5nLWxlZnQ6NXB4O2hlaWdodDoxNXB4O3dpZHRoOjU1cHg7fS5hYmdjIC5pbC1pY29ue2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7fS5hYmdjIC5pbC10ZXh0IHN2Z3tmaWxsOiMwMDAwMDA7fS5hYmdjIC5pbC1pY29uIHN2Z3tmaWxsOiMwMGFlY2R9PC9zdHlsZT48ZGl2IGlkPVwiYWJnY3BcIiBjbGFzcz1cImFiZ2NwXCI%2BPGRpdiBpZD1cImFiZ2NcIiBjbGFzcz1cImFiZ2NcIiBkaXI9XCJsdHJcIj48ZGl2IGlkPVwiYWJnYlwiIGNsYXNzPVwiYWJnYlwiPjxkaXYgY2xhc3M9XCJpbC13cmFwXCI%2BPGRpdiBjbGFzcz1cImlsLWljb25cIj48c3ZnIHhtbG5zPVwiaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmdcIiB4bWxuczp4bGluaz1cImh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmtcIiB2aWV3Qm94PVwiMCAwIDE1IDE1XCI%2BPGNpcmNsZSBjeD1cIjZcIiBjeT1cIjZcIiByPVwiMC42N1wiPjwvY2lyY2xlPjxwYXRoIGQ9XCJNNC4yLDExLjNRMy4zLDExLjgsMy4zLDEwLjc1TDMuMyw0LjFRMy4zLDMuMSw0LjMsMy41TDEwLjQsNy4wUTEyLjAsNy41LDEwLjQsOC4wTDYuNjUsMTAuMEw2LjY1LDcuNzVhMC42NSwwLjY1LDAsMSwwLC0xLjMsMEw1LjM1LDEwLjc1YTAuOSwwLjksMCwwLDAsMS4zLDAuOEwxMi43LDguMlExMy43LDcuNSwxMi43LDYuN0wzLjMsMS42UTIuMiwxLjMsMS44LDIuNUwxLjgsMTIuNVEyLjIsMTMuOSwzLjMsMTMuM0w0LjgsMTIuNUEwLjMsMC4zLDAsMSwwLDQuMiwxMS4zWlwiPjwvcGF0aD48L3N2Zz48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGlkPVwiYWJnc1wiIGNsYXNzPVwiYWJnc1wiPjxhIGlkPVwiYWJnbFwiIGNsYXNzPVwiYWJnbFwiIGhyZWY9XCJodHRwczovL3d3dy5nb29nbGUuY29tL3VybD9jdD1hYmcmYW1wO3E9aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9hZHNlbnNlL3N1cHBvcnQvYmluL3JlcXVlc3QucHklM0Zjb250YWN0JTNEYWJnX2FmYyUyNnVybCUzRCUyNmdsJTNEQ0ElMjZobCUzRGVuJTI2YWkwJTNEJmFtcDt1c2c9QU92VmF3M1hublEyLTdFczlFOXNTb2VPVEY5QVwiIHRhcmdldD1cIl9ibGFua1wiPjxkaXYgY2xhc3M9XCJpbC13cmFwIGV4cFwiPjxkaXYgY2xhc3M9XCJpbC10ZXh0XCI%2BPHN2ZyB4bWxucz1cImh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnXCIgeG1sbnM6eGxpbms9XCJodHRwOi8v&i=17-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: b2CuWp9dIoxLLBP6digLBubd__vileud5uyt4Q3CooS1ubVf2EFs6g==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 91ms
56ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=d3d3LnczLm9yZy8xOTk5L3hsaW5rXCIgdmlld0JveD1cIjAgMCA1OSAxNlwiPjxwYXRoIGQ9XCJNNC41MSA0LjI0TDguMDIgMTIuODNMNi43MyAxMi44M0w1LjcyIDEwLjIxTDIuMTQgMTAuMjFMMS4xOSAxMi44M0wtMC4wMSAxMi44M0wzLjI5IDQuMjRMNC41MSA0LjI0Wk0yLjQ2IDkuMzFMNS4zOCA5LjMxTDUuMzggOS4zMVE0LjMyIDYuNTIgNC4xOSA2LjE0TDQuMTkgNi4xNEw0LjE5IDYuMTRRNC4wNSA1Ljc3IDMuODkgNS4xM0wzLjg5IDUuMTNMMy44NiA1LjEzTDMuODYgNS4xM1EzLjcwIDYgMy40MiA2Ljc0TDMuNDIgNi43NEwyLjQ2IDkuMzFaTTEzLjgzIDQuMjRMMTMuODMgMTIuODNMMTIuODUgMTIuODNMMTIuODUgMTIuMDRMMTIuODMgMTIuMDRMMTIuODMgMTIuMDRRMTIuMjYgMTIuOTcgMTEuMTEgMTIuOTdMMTEuMTEgMTIuOTdMMTEuMTEgMTIuOTdROS45NyAxMi45NyA5LjIwIDEyLjA3TDkuMjAgMTIuMDdMOS4yMCAxMi4wN1E4LjQ0IDExLjE2IDguNDQgOS43Mkw4LjQ0IDkuNzJMOC40NCA5LjcyUTguNDQgOC4yMSA5LjE2IDcuMzRMOS4xNiA3LjM0TDkuMTYgNy4zNFE5Ljg4IDYuNDcgMTEuMDYgNi40N0wxMS4wNiA2LjQ3TDExLjA2IDYuNDdRMTIuMTggNi40NyAxMi43NiA3LjMyTDEyLjc2IDcuMzJMMTIuNzggNy4zMkwxMi43OCA0LjI0TDEzLjgzIDQuMjRaTTExLjIyIDEyLjExTDExLjIyIDEyLjExTDExLjIyIDEyLjExUTExLjkxIDEyLjExIDEyLjM5IDExLjU0TDEyLjM5IDExLjU0TDEyLjM5IDExLjU0UTEyLjg3IDEwLjk3IDEyLjg3IDkuODFMMTIuODcgOS44MUwxMi44NyA5LjgxUTEyLjg3IDguNjggMTIuNDMgOC4wMEwxMi40MyA4LjAwTDEyLjQzIDguMDBRMTEuOTkgNy4zMyAxMS4xNyA3LjMzTDExLjE3IDcuMzNMMTEuMTcgNy4zM1ExMC4zNSA3LjMzIDkuOTMgNy45OUw5LjkzIDcuOTlMOS45MyA3Ljk5UTkuNTIgOC42NSA5LjUyIDkuNzJMOS41MiA5LjcyTDkuNTIgOS43MlE5LjUyIDEwLjQ5IDkuNzQgMTEuMDNMOS43NCAxMS4wM0w5Ljc0IDExLjAzUTkuOTcgMTEuNTcgMTAuMzcgMTEuODRMMTAuMzcgMTEuODRMMTAuMzcgMTEuODRRMTAuNzggMTIuMTEgMTEuMjIgMTIuMTFaTTIxLjc0IDkuODFMMjIuODggMTAuMTBMMjIuODggMTAuMTBRMjIuNTAgMTEuNTUgMjEuNTcgMTIuMjZMMjEuNTcgMTIuMjZMMjEuNTcgMTIuMjZRMjAuNjMgMTIuOTcgMTkuMzIgMTIuOTdMMTkuMzIgMTIuOTdMMTkuMzIgMTIuOTdRMTcuMjEgMTIuOTcgMTYuMjUgMTEuNjVMMTYuMjUgMTEuNjVMMTYuMjUgMTEuNjVRMTUuMjkgMTAuMzMgMTUuMjkgOC40N0wxNS4yOSA4LjQ3TDE1LjI5IDguNDdRMTUuMjkgNi40MiAxNi40MiA1LjI1TDE2LjQyIDUuMjVMMTYuNDIgNS4yNVExNy41NSA0LjA5IDE5LjM0IDQuMDlMMTkuMzQgNC4wOUwxOS4zNCA0LjA5UTIwLjU5IDQuMDkgMjEuNDggNC43M0wyMS40OCA0LjczTDIxLjQ4IDQuNzNRMjIuMzcgNS4zNyAyMi43MyA2LjYwTDIyLjczIDYuNjBMMjEuNjIgNi44NkwyMS42MiA2Ljg2UTIxLjMzIDUuOTYgMjAuNzYgNS41MUwyMC43NiA1LjUxTDIwLjc2IDUuNTFRMjAuMTkgNS4wNiAxOS4zMiA1LjA2TDE5LjMyIDUuMDZMMTkuMzIgNS4wNlExNy45MiA1LjA2IDE3LjE5IDUuOTlMMTcuMTkgNS45OUwxNy4xOSA1Ljk5UTE2LjQ2IDYuOTEgMTYuNDYgOC40NkwxNi40NiA4LjQ2TDE2LjQ2IDguNDZRMTYuNDYgMTAuMjUgMTcuMjMgMTEuMTNMMTcuMjMgMTEuMTNMMTcuMjMgMTEuMTNRMTcuOTkgMTIgMTkuMjIgMTJMMTkuMjIgMTJMMTkuMjIgMTJRMjAuMjMgMTIgMjAuODYgMTEuNDZMMjAuODYgMTEuNDZMMjAuODYgMTEuNDZRMjEuNDkgMTAuOTEgMjEuNzQgOS44MUwyMS43NCA5LjgxWk0yOS4yMyA4Ljg5TDI5LjIzIDEyLjgzTDI4LjE3IDEyLjgzTDI4LjE3IDguOTBMMjguMTcgOC45MFEyOC4xNyA4LjE0IDI3Ljg0IDcuNzZMMjcuODQgNy43NkwyNy44NCA3Ljc2UTI3LjUxIDcuMzggMjYuODYgNy4zOEwyNi44NiA3LjM4TDI2Ljg2IDcuMzhRMjYuMjEgNy4zOCAyNS43MSA3LjgzTDI1LjcxIDcuODNMMjUuNzEgNy44M1EyNS4yMCA4LjI3IDI1LjIwIDkuNDNMMjUuMjAgOS40M0wyNS4yMCAxMi44M0wyNC4xNSAxMi44M0wyNC4xNSA0LjI0TDI1LjIwIDQuMjRMMjUuMjAgNy4zMkwyNS4yMCA3LjMyUTI1Ljk1IDYuNDcgMjcuMDggNi40N0wyNy4wOCA2LjQ3TDI3LjA4IDYuNDdRMjcuNjggNi40NyAyOC4yMyA2LjcxTDI4LjIzIDYuNzFMMjguMjMgNi43MVEyOC43OCA2Ljk2IDI5LjAwIDcuNDdMMjkuMDAgNy40N0wyOS4wMCA3LjQ3UTI5LjIzIDcuOTggMjkuMjMgOC44OUwyOS4yMyA4Ljg5Wk0zMy4zNSA2LjQ3TDMzLjM1IDYuNDdMMzMuMzUgNi40N1EzNC42MSA2LjQ3IDM1LjQ0IDcuMjlMMzUuNDQgNy4yOUwzNS40NCA3LjI5UTM2LjI3IDguMTEgMzYuMjcgOS42MkwzNi4yNyA5LjYyTDM2LjI3IDkuNjJRMzYuMjcgMTEuNDYgMzUuMzcgMTIuMjFMMzUuMzcgMTIuMjFMMzUuMzcgMTIuMjFRMzQuNDggMTIuOTcgMzMuMzUgMTIuOTdMMzMuMzUgMTIuOTdMMzMuMzUgMTIuOTdRMzIuMTcgMTIuOTcgMzEuMzEgMTIuMTlMMzEuMzEgMTIuMTlMMzEuMzEgMTIuMTlRMzAuNDQgMTEuNDEgMzAuNDQgOS43MkwzMC40NCA5LjcyTDMwLjQ0IDkuNzJRMzAuNDQgOC4wOCAzMS4yOCA3LjI3TDMxLjI4IDcuMjdMMzEuMjggNy4yN1EzMi4xMiA2LjQ3IDMzLjM1IDYuNDdaTTMzLjM1IDEyLjExTDMzLjM1IDEyLjExTDMzLjM1IDEyLjExUTM0LjI1IDEyLjExIDM0LjcyIDExLjQ0TDM0LjcyIDExLjQ0TDM0LjcyIDExLjQ0UTM1LjE5IDEwLjc3IDM1LjE5IDkuNjhMMzUuMTkgOS42OEwzNS4xOSA5LjY4UTM1LjE5IDguNTEgMzQuNjYgNy45MkwzNC42NiA3LjkyTDM0LjY2IDcuOTJRMzQuMTMgNy4zMyAzMy4zNSA3LjMzTDMzLjM1IDcuMzNMMzMuMzUgNy4zM1EzMi41NSA3LjMzIDMyLjAzIDcuOTNMMzIuMDMgNy45M0wzMi4wMyA3LjkzUTMxLjUyIDguNTMgMzEuNTIgOS43MkwzMS41MiA5LjcyTDMxLjUyIDkuNzJRMzEuNTIgMTAuOTAgMzIuMDQgMTEuNTBMMzIuMDQgMTEuNTBMMzIuMDQgMTEuNTBRMzIuNTcgMTIuMTEgMzMuMzUgMTIuMTFaTTM4LjU1IDYuNjFMMzguNTUgMTIuODNMMzcuNDkgMTIuODNMMzcuNDkgNi42MUwzOC41NSA2LjYxWk0zOC41NSA0LjI0TDM4LjU1IDUuNDNMMzcuNDkgNS40M0wzNy40OSA0LjI0TDM4LjU1IDQuMjRaTTQ0LjIwIDEwLjU1TDQ1LjI1IDEwLjY4TDQ1LjI1IDEwLjY4UTQ1LjA1IDExLjg3IDQ0LjMxIDEyLjQyTDQ0LjMxIDEyLjQyTDQ0LjMxIDEyLjQyUTQzLjU4IDEyLjk3IDQyLjY2IDEyLjk3TDQyLjY2IDEyLjk3TDQyLjY2IDEyLjk3UTQxLjMwIDEyLjk3IDQwLjU2IDEyLjA4TDQwLjU2IDEyLjA4TDQwLjU2IDEyLjA4UTM5LjgzIDExLjIwIDM5LjgzIDkuNzNMMzkuODMgOS43M0wzOS44MyA5LjczUTM5LjgzIDguNTIgNDAuMjUgNy43OUw0MC4yNSA3Ljc5TDQwLjI1IDcuNzlRNDAuNjggNy4wNiA0MS4zMSA2Ljc2TDQxLjMxIDYuNzZMNDEuMzEgNi43NlE0MS45NSA2LjQ3IDQyLjY2IDYuNDdMNDIuNjYgNi40N0w0Mi42NiA2LjQ3UTQzLjYyIDYuNDcgNDQuMzAgNi45N0w0NC4zMCA2Ljk3TDQ0LjMwIDYuOTdRNDQuOTggNy40NiA0NS4xNCA4LjQzTDQ1LjE0IDguNDNMNDQuMTIgOC41OUw0NC4xMiA4LjU5UTQzLjk2IDcuOTYgNDMuNjEgNy42NUw0My42MSA3LjY1TDQzLjYxIDcuNjVRNDMuMjUgNy4zMyA0Mi43MCA3LjMzTDQyLjcwIDcuMzNMNDIuNzAgNy4zM1E0MS44MiA3LjMzIDQxLjM2IDcuOTZMNDEuMzYgNy45Nkw0MS4zNiA3Ljk2UTQwLjkwIDguNTggNDAuOTAgOS43MUw0MC45MCA5LjcxTDQwLjkwIDkuNzFRNDAuOTAgMTAuODYgNDEuMzUgMTEuNDhMNDEuMzUgMTEuNDhMNDEuMzUgMTEuNDhRNDEuODAgMTIuMTEgNDIuNjQgMTIuMTFMNDIuNjQgMTIuMTFMNDIuNjQgMTIuMTFRNDMuMzIgMTIuMTEgNDMuNzEgMTEuNzJMNDMuNzEgMTEuNzJMNDMuNzEgMTEuNzJRNDQuMTAgMTEuMzMgNDQuMjAgMTAuNTVMNDQuMjAgMTAuNTVaTTUxLjU2IDkuOThMNTEuNTYgOS45OEw0Ni45MCA5Ljk4TDQ2LjkwIDkuOThRNDYuOTcgMTEuMDIgNDcuNDkgMTEuNTZMNDcuNDkgMTEuNTZMNDcuNDkgMTEuNTZRNDguMDIgMTIuMTEgNDguODAgMTIuMTFMNDguODAgMTIuMTFMNDguODAgMTIuMTFRNDkuNDEgMTIuMTEgNDkuODIgMTEuNzlMNDkuODIgMTEuNzlMNDkuODIgMTEuNzlRNTAuMjMgMTEuNDcgNTAuNDQgMTAuODJMNTAuNDQgMTAuODJMNTEuNTMgMTAuOTZMNTEuNTMgMTAuOTZRNTEuMjYgMTEuOTMgNTAuNTYgMTIuNDVMNTAuNTYgMTIuNDVMNTAuNTYgMTIuNDVRNDkuODYgMTIuOTcgNDguODAgMTIuOTdMNDguODAgMTIuOTdMNDguODAgMTIuOTdRNDcuNDAgMTIuOTcgNDYuNjEgMTIuMTFMNDYuNjEgMTIuMTFMNDYuNjEgMTIuMTFRNDUuODMgMTEuMjYgNDUuODMgOS43N0w0NS44MyA5Ljc3TDQ1LjgzIDkuNzdRNDUuODMgOC4zMCA0Ni41OSA3LjM4TDQ2LjU5IDcuMzhMNDYuNTkgNy4zOFE0Ny4zNiA2LjQ3IDQ4Ljc0IDYuNDdMNDguNzQgNi40N0w0OC43NCA2LjQ3UTQ5LjQyIDYuNDcgNTAuMDUgNi43N0w1MC4wNSA2Ljc3TDUwLjA1IDYuNzdRNTAuNjggNy4wNyA1MS4xMiA3Ljc4TDUxLjEyIDcuNzhMNTEuMTIgNy43OFE1MS41NiA4LjUwIDUxLjU2IDkuOThaTTQ2Ljk2IDkuMTJMNTAuNDggOS4xMkw1MC40OCA5LjEyUTUwLjQxIDguMTcgNDkuODkgNy43NUw0OS44OSA3Ljc1TDQ5Ljg5IDcuNzVRNDkuMzcgNy4zMyA0OC43NCA3LjMzTDQ4Ljc0IDcuMzNMNDguNzQgNy4zM1E0OCA3LjMzIDQ3LjUyIDcuODNMNDcuNTIgNy44M0w0Ny41MiA3LjgzUTQ3LjA0IDguMzMgNDYuOTYgOS4xMkw0Ni45NiA5LjEyWk01Ny4zMyA4LjIxTDU2LjMwIDguMzVMNTYuMzAgOC4zNVE1Ni4yMyA3Ljg0IDU1Ljg5IDcuNThMNTUuODkgNy41OEw1NS44OSA3LjU4UTU1LjU1IDcuMzMgNTQuOTQgNy4zM0w1NC45NCA3LjMzTDU0Ljk0IDcuMzNRNTQuMzMgNy4zMyA1My45NiA3LjU0TDUzLjk2IDcuNTRMNTMuOTYgNy41NFE1My41OSA3Ljc0IDUzLjU5IDguMTNMNTMuNTkgOC4xM0w1My41OSA4LjEzUTUzLjU5IDguNTAgNTMuODkgOC42Nkw1My44OSA4LjY2TDUzLjg5IDguNjZRNTQuMTggOC44MiA1NS4wNSA5LjA1TDU1LjA1IDkuMDVMNTUuMDUgOS4wNVE1Ni4wNCA5LjMwIDU2LjUzIDkuNDlMNTYuNTMgOS40OUw1Ni41MyA5LjQ5UTU3LjAyIDkuNjkgNTcuMjkgMTAuMDNMNTcuMjkgMTAuMDNMNTcuMjkgMTAuMDNRNTcuNTYgMTAuMzggNTcuNTYgMTEuMDBMNTcuNTYgMTEuMDBMNTcuNTYgMTEuMDBRNTcuNTYgMTEuODQgNTYuODggMTIuNDBMNTYuODggMTIuNDBMNTYuODggMTIuNDBRNTYuMjAgMTIuOTcgNTUuMDcgMTIuOTdMNTUuMDcgMTIuOTdMNTUuMDcgMTIuOTdRNTMuODggMTIuOTcgNTMuMjIgMTIuNDdMNTMuMjIgMTIuNDdMNTMuMjIgMTIuNDdRNTIuNTUgMTEuOTcgNTIuNDAgMTAuOTdMNTIuNDAgMTAuOTdMNTMuNDUgMTAuODFMNTMuNDUgMTAuODFRNTMuNTMgMTEuNDYgNTMuOTMgMTEuNzhMNTMuOTMgMTEuNzhMNTMuOTMgMTEuNzhRNTQuMzMgMTIuMTEgNTUuMDUgMTIuMTFMNTUuMDUgMTIuMTFMNTUuMDUgMTIuMTFRNTUuNzUgMTIuMTEgNTYuMTIgMTEuODJMNTYuMTIgMTEuODJMNTYuMTIgMTEuODJRNTYuNDggMTEuNTMgNTYuNDggMTEuMTFMNTYuNDggMTEuMTFMNTYuNDggMTEuMTFRNTYuNDggMTAuODMgNTYuMzEgMTAuNjZMNTYuMzEgMTAuNjZMNTYuMzEgMTAuNjZRNTYuMTQgMTAuNDkgNTUuODkgMTAuNDBMNTUuODkgMTAuNDBMNTUuODkgMTAuNDBRNTUuNjMgMTAuMzIgNTQuNzQgMTAuMTBMNTQuNzQgMTAuMTBMNTQuNzQgMTAuMTBRNTMuNDIgOS43OSA1My4wMCA5LjMzTDUzLjAwIDkuMzNMNTMuMDAgOS4zM1E1Mi41NyA4Ljg4IDUyLjU3IDguMjZMNTIuNTcgOC4yNkw1Mi41NyA4LjI2UTUyLjU3IDcuNDggNTMuMTkgNi45N0w1My4xOSA2Ljk3TDUzLjE5IDYuOTdRNTMuODEgNi40NyA1NC44NiA2LjQ3TDU0Ljg2IDYuNDdMNTQuODYgNi40N1E1NS45NyA2LjQ3IDU2LjU5IDYuOTFMNTYuNTkgNi45MUw1Ni41OSA2LjkxUTU3&i=18-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: HiH5QO2-JMw_dVDmW61llYmrvwRXSysD-GB3yNz2hw4Ab_uBDhY-Kg==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
345 B 93ms
58ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=LjIxIDcuMzQgNTcuMzMgOC4yMUw1Ny4zMyA4LjIxWlwiPjwvcGF0aD48L3N2Zz48L2Rpdj48ZGl2IGNsYXNzPVwiaWwtaWNvblwiPjxzdmcgeG1sbnM9XCJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Z1wiIHhtbG5zOnhsaW5rPVwiaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGlua1wiIHZpZXdCb3g9XCIwIDAgMTUgMTVcIj48Y2lyY2xlIGN4PVwiNlwiIGN5PVwiNlwiIHI9XCIwLjY3XCI%2BPC9jaXJjbGU%2BPHBhdGggZD1cIk00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaXCI%2BPC9wYXRoPjwvc3ZnPjwvZGl2PjwvZGl2PjwvYT48L2Rpdj48L2Rpdj48L2Rpdj48c2NyaXB0IGRhdGEtamM9XCI2MFwiIHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDIzMTIwNy9yMjAxMTA5MTQvYWJnX2xpdGVfZnkyMDIxLmpzXCIgYXN5bmM9XCJcIiBkYXRhLWpjLXZlcnNpb249XCJyMjAyMzEyMDdcIiBkYXRhLWpjcC1hdHRyaWJ1dGlvbi1kYXRhPVwiW251bGwsbnVsbCxudWxsLDAsbnVsbCwwLDAsMSwwLDAsMCwxLDAsMCwwLG51bGwsMCxudWxsLDAsbnVsbCxudWxsLG51bGwsbnVsbCwwLG51bGwsbnVsbCwwLG51bGwsbnVsbCwmcXVvdDtyaWdodCZxdW90OywwLG51bGwsJnF1b3Q7cjIwMjMxMjA3L3IyMDExMDkxNCZxdW90O11cIj48L3NjcmlwdD48L2Rpdj48L2Rpdj48c2NyaXB0IHNyYz1cImh0dHBzOi8vc2VjdXJlLmFkbnhzLmNvbS9weD9pZD0xNzQzMDE0JmFtcDtzZWc9MzU1NTczOTEmYW1wO3Q9MVwiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48L2Rpdj48L2Rpdj48L2Rpdj48c2NyaXB0IGRhdGEtamM9XCIyMlwiIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvcjIwMjMxMjA3L3IyMDExMDkxNC9jbGllbnQvd2luZG93X2ZvY3VzX2Z5MjAyMS5qc1wiIGFzeW5jPVwiXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMxMjA3XCIgZGF0YS1qY3AtdXJsPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DMVV4VWN1cUhaWWJQRTdYQTZ0b1BvS0tJLUEtU290XzhkTDY1cTRTcEV1M3Aycl9OQVJBQklJM2t2U2xnX2FDWmdlZ0RvQUhTbmVfX0FjZ0JDYWtDQ2NubzJUSkpxVDZvQXdISUE1c0VxZ1NOQWtfUTBmR05DSTk1TjMxZU9vdjdINXUwYmJMU2RFLUVvTFFZVmU4YW1yZVdJamNpZ0t6Vkl6TmhWZFJUMkFRTHB0b1dzN3ZwcVJaTlp5UHRQQm5vcFAtWEwtM0FYdkV3ZXFhMGV0NVJEVDBwQVg4dmI5OG9PMS1xS01WOEtwMzlzZ3c2bWRnVXRqQXRmWTlRYlVvN0otOUxoVVlGa2F0NWdmdGlDUkwySTktY2hJR1pObGZjNGYtWFhscmdpQUF6bGR5QWdvUVE1UkEzWjNJWUVmaWpBaVlsZW9Lck15NGdLejBwU3FsQWJzZmRKYUxpRks3OURURFVaMUJxN2xIYV93a0c1a0t0eDZKTkE3SkctSE14SEJ4b0RHeVRrSU12SnZYSThMY2V3TjNEWmhQX19JLTVEQ3d1bnNPNjlqSkdrSXU5ZmZBWnlVUVFIYjlmYkdaMjhiZnAzQTRocFVXSVdPcjZNRzU4d0FTX3djbkswUVRnQkFPSUJkU01sODlOa0FZQm9BWk0yQVlDZ0FlVzRwQ0FBcWdIMmJheEFxZ0hqczRicUFlVDJCdW9CLTZXc1FLb0JfNmVzUUtvQjlYSkc2Z0hwcjRicUFlYUJxZ0g4OUVicUFlVzJCdW9CNnFic1FLb0I0T3RzUUtvQl8tZXNRS29COS1mc1FMWUJ3Q2dDTk9YUGJBSUF0SUlId2lBWVJBQkdCMHlBb29DT2dTQVFJQkFTTDM5d1RwWTBaWDR5TktuZ3dQeUNCdGhaSGd0YzNWaWMzbHVMVFUyTWpRMU9EWTNPVEExTmpJNU1EbUFDZ09ZQ3dISUN3R0FEQUdpREJRcUVnb1E1TFN4QXU2MXNRSzF1TEVDdTd1eEFxb05Ba05CNGcwVENPM1MtTWpTcDRNREZUV2dXZ1VkSUJFQ183QVQzcXY4RmRnVERZSVVGeG9WWjJ3dWJXOWtjMlp2Y21GdVpISnZhV1F1WTI5dGlCUUYyQlFCMEJVQi1CWUJnQmNCJmFtcDtzaWdoPXBZSk4wZVZuV004JmFtcDtjaWQ9Q0FRU1RnQXZIaGZfbmJGQTdoMU5DVG5YVUpNNzZwemtYVHVCQ0s1Zkh6elYzdnlMMkpWaDRDeGJuOTZjQXA4WVdlZXFvLTNuTzFFdFdaSEpJclVMNEg4cDFXZ1dFUUk2UVFZa1B1T09FTi1weUFcIiBkYXRhLWpjcC1nd3MtaWQ9XCJcIiBkYXRhLWpjcC1xZW0taWQ9XCJDSWJRLThqU3A0TURGVFdnV2dVZElCRUNfd1wiPjwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz1cIjIzXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMzEyMDcvcjIwMTEwOTE0L2NsaWVudC9xc19jbGlja19wcm90ZWN0aW9uX2Z5MjAyMS5qc1wiIGRhdGEtamMtdmVyc2lvbj1cInIyMDIzMTIwN1wiIGRhdGEtamNwLWluaXQtZGF0YT1cIltbW1tudWxsLDEwMDAsOTksMiw0LG51bGwsbnVsbCxudWxsLDFdLFtudWxsLDUwMCw5OSwyLDksbnVsbCxudWxsLG51bGwsMV1dXV1cIj48L3NjcmlwdD48ZGl2IHN0eWxlPVwiZGlzcGxheTogbm9uZTsgcG9zaXRpb246IGFic29sdXRlOyB6LWluZGV4OiAyMTQ3NDgzNjQ3OyB3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlOyB0b3A6IDBweDsgbGVmdDogMHB4O1wiPjwvZGl2PjxkaXYgc3R5bGU9XCJib3R0b206MDtyaWdodDowO3dpZHRoOjMwMHB4O2hlaWdodDoyNTBweDtiYWNrZ3JvdW5kOmluaXRpYWwgIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZSAhaW1wb3J0YW50O21heC13aWR0aDoxMDAlICFpbXBvcnRhbnQ7bWF4LWhlaWdodDoxMDAlICFpbXBvcnRhbnQ7cG9pbnRlci1ldmVudHM6bm9uZSAhaW1wb3J0YW50O2ltYWdlLXJlbmRlcmluZzpwaXhlbGF0ZWQgIWltcG9ydGFudDtiYWNrZ3JvdW5kLXJlcGVhdDpuby1yZXBlYXQgIWltcG9ydGFudDt6LWluZGV4OjIxNDc0ODM2NDc7YmFja2dyb3VuZC1pbWFnZTp1cmwoJ2RhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBUTRBQUFESUJBTUFBQURyV1JLTEFBQUFCbEJNVkVVQUFBRCtBY2lXbVp6V0FBQUFBblJTVGxNQUFwaWRyQlFBQUFIQlNVUkJWSGphN2RaUlRzTXdEQURRNUFhNS8ybEJpZDBrMEUrTUVIcVZXTW5tQmRQYTdtdnRqeHg5SGZPOFYyTWQ4OXh5VlJuNnVaenA1R3VjKzhveFh2TmNHVHB6YnBIMHM1bzV0MGc2VjVXaGJYODQ4LzY2ejh6NzJ6NEZvYi8vRjE5RHIvb1liM2V5djk3MEh3OTlLanZ6dmlzNzg3NmFvQ0IwTi9Ec3BaZXVmdW4xaXREWjVLdXl6MTRhTFN2N2FMdkMwUFhlV0xYVFlzakVoNnZNV3N5ajNLY210QjFkdmtiZkhqMDUrMmF1T1hxS1FtTzhIa052L2tUdDdFdGFINW9sa25lelIyZXR5NVYzYy8xV0YzcFZkdjRENDNvSzdrdFhHWnE5L1Z5dDUrdlhoYTBPUGVicDJDVzBKMS9mMWRaTFEzUFZqL215bndUakdFV2pNblEvYjlmN2tmNnpUMzl5N2JXaGx4Umk4VVVLc1JpVm9iZVpJdnN4VGpORjlyMlhoaDZTek9TUHlrNU56ZzByUXh1djh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXY4enF2OHpxdjh6cXYvMHV2ZndDSDc2b0JtYzhpdmdBQUFBQkpSVTVFcmtKZ2dnPT0nKSAhaW1wb3J0YW50O1wiPjwvZGl2PjxzY3JpcHQgaWQ9XCJnb29nbGVBY3RpdmVWaWV3RGlzcGxheVNjcmlwdFwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ3NlcnZpY2VzLmNvbS9hY3RpdmV2aWV3L2pzL2N1cnJlbnQvdWZzX3dlYl9kaXNwbGF5LmpzP2NhY2hlPXIyMDExMDkxNFwiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPm9zZGxmbSgpOzwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz1cIjI4XCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMxMjA3XCI%2BKGZ1bmN0aW9uKCl7J3VzZSBzdHJpY3QnOy8qICBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyB2YXIgZT10aGlzfHxzZWxmO2Z1bmN0aW9uIGYoYSxiLGMpe3JldHVybiBhLmNhbGwuYXBwbHkoYS5iaW5kLGFyZ3VtZW50cyl9ZnVuY3Rpb24gZyhhLGIsYyl7aWYoIWEpdGhyb3cgRXJyb3IoKTtpZigyPGFyZ3VtZW50cy5sZW5ndGgpe3ZhciBkPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGFyZ3VtZW50cywyKTtyZXR1cm4gZnVuY3Rpb24oKXt2YXIgaz1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhcmd1bWVudHMpO0FycmF5LnByb3RvdHlwZS51bnNoaWZ0LmFwcGx5KGssZCk7cmV0dXJuIGEuYXBwbHkoYixrKX19cmV0dXJuIGZ1bmN0aW9uKCl7cmV0dXJuIGEuYXBwbHkoYixhcmd1bWVudHMpfX1mdW5jdGlvbiBoKGEsYixjKXtoPUZ1bmN0aW9uLnByb3RvdHlwZS5iaW5kJiYtMSE9RnVuY3Rpb24ucHJvdG90eXBlLmJpbmQudG9TdHJpbmcoKS5pbmRleE9mKFwibmF0aXZlIGNvZGVcIik%2FZjpnO3JldHVybiBoLmFwcGx5KG51bGwsYXJndW1lbnRzKX07dmFyIGwsbTthOntmb3IodmFyIG49W1wiQ0xPU1VSRV9GTEFHU1wiXSxwPWUscT0wO3E8bi5sZW5ndGg7cSsrKWlmKHA9cFtuW3FdXSxudWxsPT1wKXttPW51bGw7YnJlYWsgYX1tPXB9dmFyIHI9bSYmbVs2MTA0MDEzMDFdO2w9bnVsbCE9cj9yOiExO3ZhciB0O2NvbnN0IHU9ZS5uYXZpZ2F0b3I7dD11P3UudXNlckFnZW50RGF0YXx8bnVsbDpudWxsO2Z1bmN0aW9uIHYoYSl7cmV0dXJuIGw%2FdD90LmJyYW5kcy5zb21lKCh7YnJhbmQ6Yn0pPT5iJiYtMSE9Yi5pbmRleE9mKGEpKTohMTohMX1mdW5jdGlvbiB3KGEpe3ZhciBiO2E6e2lmKGI9ZS5uYXZpZ2F0b3IpaWYoYj1iLnVzZXJBZ2VudClicmVhayBhO2I9XCJcIn1yZXR1cm4tMSE9Yi5pbmRleE9mKGEpfTtmdW5jdGlvbiB4KCl7cmV0dXJuIGw%2FISF0JiYwPHQuYnJhbmRzLmxlbmd0aDohMX1mdW5jdGlvbiB5KCl7cmV0dXJuIHgoKT92KFwiQ2hyb21pdW1cIik6KHcoXCJDaHJvbWVcIil8fHcoXCJDcmlPU1wiKSkmJiEoeCgpPzA6dyhcIkVkZ2VcIikpfHx3KFwiU2lsa1wiKX07IXcoXCJBbmRyb2lkXCIpfHx5KCk7eSgpO3coXCJTYWZhcmlcIikmJih5KCl8fCh4KCk%2FMDp3KFwiQ29hc3RcIikpfHwoeCgpPzA6dyhcIk9wZXJhXCIpKXx8KHgoKT8wOncoXCJFZGdlXCIpKXx8KHgoKT92KFwiTWljcm9zb2Z0IEVkZ2VcIik6dyhcIkVkZy9cIikpfHx4KCkmJnYoXCJPcGVyYVwiKSk7Y2xhc3Mgent9Y2xhc3MgQXt9T2JqZWN0LmZyZWV6ZShuZXcgeik7T2JqZWN0LmZyZWV6ZShuZXcgQSk7Y2xhc3MgQntjb25zdHJ1Y3RvcihhKXt0aGlzLmg9bnVsbDtjb25zdCBiPXt0b3A6MTAscmlnaHQ6MTAsYm90dG9tOjEwLGxlZnQ6MTB9O2EmJihhPWEuc3BsaXQoXCIsXCIpLDQhPWEubGVuZ3RofHxpc05hTihhWzBdKXx8aXNOYU4oYVsxXSl8fGlzTmFOKGFbMl0pfHxpc05hTihhWzNdKXx8KGIudG9wPSthWzBdLGIucmlnaHQ9K2FbMV0sYi5ib3R0b209K2FbMl0sYi5sZWZ0PSthWzNdKSk7dGhpcy5nPWJ9aShhKXt2YXIgYj0hMTtmb3IodmFyIGM9YS50YXJnZXQ7YztjPWMucGFyZW50Tm9kZSlpZihcImFiZ2NcIj09Yy5pZCl7Yj0hMDticmVha31pZighYil7dmFyIGQ9dGhpcy5oLmdldEJvdW5kaW5nQ2xpZW50UmVjdCgpO2I9ZC53aWR0aDtjPWQuaGVpZ2h0O2NvbnN0IGs9YS5jbGllbnRYLWQubGVmdDtkPWEuY2xpZW50WS1kLnRvcDtiPVwibnVtYmVyXCIhPT10eXBlb2YgYnx8XCJudW1iZXJcIiE9PXR5cGVvZiBjfHxcIm51bWJlclwiIT09dHlwZW9mIGEuY2xpZW50WHx8XCJudW1iZXJcIiE9PXR5cGVv&i=19-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: pXHQN6pIy3QDJYNteghE0udJeyeQnGddtymg7eC1aXJntcE4Tn0DLw==

GET
H2 200 place
setupad-hai-tagan.adlightning.com/ Frame 59D0 0
346 B 93ms
59ms Image
image/gif 99.84.208.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://setupad-hai-tagan.adlightning.com/place?p=1&d=ZiBhLmNsaWVudFl8fCAwPj1ifHwwPj1jfHwwPmt8fDA%2BZD8hMDprPj10aGlzLmcubGVmdCYmYi1rPj10aGlzLmcucmlnaHQmJmQ%2BPXRoaXMuZy50b3AmJmMtZD49dGhpcy5nLmJvdHRvbX1ifHwoYS5wcmV2ZW50RGVmYXVsdD9hLnByZXZlbnREZWZhdWx0KCk6YS5yZXR1cm5WYWx1ZT0hMSl9fTtmdW5jdGlvbiBDKGEsYil7Ynx8KGI9XCJcIik7Yj1uZXcgQihiKTtiLmg9YTthPWIuaDt2YXIgYz1oKGIuaSxiKTthLmFkZEV2ZW50TGlzdGVuZXImJmEuYWRkRXZlbnRMaXN0ZW5lcihcImNsaWNrXCIsYywhMSk7cmV0dXJuIGJ9dmFyIEQ9W1wiZ29vZ2xlSW5pdEljXCJdLEU9ZTtEWzBdaW4gRXx8XCJ1bmRlZmluZWRcIj09dHlwZW9mIEUuZXhlY1NjcmlwdHx8RS5leGVjU2NyaXB0KFwidmFyIFwiK0RbMF0pO2Zvcih2YXIgRjtELmxlbmd0aCYmKEY9RC5zaGlmdCgpKTspRC5sZW5ndGh8fHZvaWQgMD09PUM%2FRVtGXSYmRVtGXSE9PU9iamVjdC5wcm90b3R5cGVbRl0%2FRT1FW0ZdOkU9RVtGXT17fTpFW0ZdPUM7fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD48c2NyaXB0Pmdvb2dsZUluaXRJYyhkb2N1bWVudC5ib2R5LCcxMCwxMCwxMCwxMCcpOzwvc2NyaXB0PlxuICBcbiAgXG4gIFxuXG48aWZyYW1lIHNyYz1cIi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zb2Rhci82MmJIeWRDWC5odG1sXCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHN0eWxlPVwiZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT48L2JvZHk%2BPC9odG1sPjwhLS0gSUZSQU1FIElOTkVSIENPTlRFTlQgLS0%2BPGlmcmFtZSB0aXRsZT1cIkJsYW5rXCIgc3JjPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQveGJiZS9waXhlbD9kPUNKaWs5d0lRMXZMTmxRSVlvNEs0X2dFd0FRJmFtcDt2PUFQRXVjTlhRZG1iNEg5RWtLTWJUTWZFY2lVUjdGbDFILUFVVE1VdGRVcmtTRG14VG1hT0V3ZmhzWmpib2ItRzB6ZlRaZDVGYlJJa1NjeXVnQXpNeWFkbGhlc0FuWFltNnZvcThLUEJhTC1meGdpSDludFNkN3c4XCIgc3R5bGU9XCJkaXNwbGF5Om5vbmVcIiBhcmlhLWhpZGRlbj1cInRydWVcIj5udWxsPC9pZnJhbWU%2BPGlmcmFtZSBzcmM9XCIvL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc29kYXIvNjJiSHlkQ1guaHRtbFwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCI%2BbnVsbDwvaWZyYW1lPiJ9&i=20-20&t=adltag_lqj82ghk_ZwBZmJk88Y&r=667f2cadf77c137b1e0605900cf7bca&c=setupad-hai&z=1
Requested by: Host: 844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
URL: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-9.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 23 Dec 2023 15:47:55 GMT
x-amz-version-id: A2LBQ.49lDzkjBtTlD.9sZF1f91pfmzx
via: 1.1 bad43b7a5f64a218c0ba43b47a8d182e.cloudfront.net (CloudFront)
last-modified: Thu, 31 Mar 2022 19:59:52 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
age: 59725
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 5Of1shFCsKTS42CkyYAMGoJgK5UidpS-twlas735b3RNYdGGjQjZHw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 36ms
36ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvuR,pingTime:-10,time:818,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxpUGhvbmV8fEdlY2tvfHwyMDAzMDEwN3x8NDgwfHxNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDE2XzVfMSBsaWtlIE1hYyBPUyBYKSBBcHBsZVdlYktpdC82MDUuMS4xNSAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vMTYuNSBNb2JpbGUvMTVFMTQ4IFNhZmFyaS82MDQuMXx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703406199133%7C%7Cd4ef96f9272a1c2a93fa92a2b0efb3b2%7C%7Cd99826ce3e8db1fc4200dc7f37d115c0%7C%7C64fc805d201bf5257c54bad6913ba5b4%7C%7Cfa324c788cb58f96b0a6e8f867c09682%7C%7C2f81a8e23c1476fa15709e5239d3e021%7C%7C3c8188a2451212acc7bc9e30f274bfbc%7C%7C805d20f820dc40683a4410ccfe986a4a%7C%7C1663701684%7D
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:19 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F25 42 B
64 B 89ms
88ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9S5v_x0BXm2QjxcEtMgitq66DNQhifQXFzlrv-DuVOBvkc6gs-46cvPmpe30Svky-w9_fp-M98weZ8gVA4CuMmX5yRxxNXiZ_2OpN1-ajmEFRUdrZlNkP6725WL-CGQO3uk-iQiupwbyzwbaklquR5p1e&sai=AMfl-YQj_tGOyTvUxYYWxHbeCXud8gM2khhDImuP66YyjVg6NPNcW-gnu658wOJGkVg_QzHpgtolvcZQRppSXdC7l_fhqfbBVGXvTnB_j_Qa6_XRLM44IcuJbnszgOKYhrkwTUTt20AzlWbanC1Kj5Qh&sig=Cg0ArKJSzK5SqcGovcAvEAE&cid=CAQSTgAvHhf_nbFA7h1NCTnXUJM76pzkXTuBCK5fHzzV3vyL2JVh4Cxbn96cAp8YWeeqo-3nO1EtWZHJIrUL4H8p1WgWEQI6QQYkPuOOEN-pyBgB&id=lidar2&mcvt=1000&p=554,799,804,1099&mtos=881,1000,1000,1000,1000&tos=881,119,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1891432341&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406195832&rpt=2506&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F25 42 B
64 B 58ms
58ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDRJpX8wh9pzrJPOPCUwNPcP8xkbVl1aUnoRxLc86Ks8LP48OYaaviBhWmgMC4jGn8I5YZFOHuFLgFEMKIGw8QWlJda1fY2--iDYj6gs0RZGTmiEM&sig=Cg0ArKJSzMcl3oNLnd2CEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1033480528&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406195832&rpt=2709&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F25 0
20 B 54ms
51ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9006589211242&version=m202309260101&ct=77&x=1&cor=1612398284860339700

Requested by

Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 59D0 0
0 55ms
53ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8EeM2i1jWJ_cpEGVVt_KW_4rzGU7h05MXG6tv8gSWOV9FtuhWVSsa161FDM54hVjtXfew9oTaxbWTGrBMumFv4LTMmOuVCRx9yuK9-ekIOPqGyUcN6pCydHZrxtX1yn0GDFpTRVlLnSysaKSFy1OmWKXzKJvkCVU67aDUkl-fyxUHfuXI75XANUw1GIh5Sd6hUtPc-mujOGSeNxQCJFLII5b9AtYAxCZDlRxUf2CeQZatdwi1IyIdz-vvArysggm9ACQaFgUs_6_qqWBZiPOZkPRwAA86n4Wao2nEuFG4rw8CkhRhP-CdTOE5P3yJDvRkbzp2Gn3jzovo_vqhbxbJUkejsCippENf-Ovq0Ybh4kCW7NrCIzfCKTeG2aEN1PoNSgoc4Vns0Rgiz6GKWdzxlUMkzw25gUfrE41g9HLIzS2Ac_6Jda7YaNhCMoZ-YjQPUGp60W0l2V7R7Wn3N22DFPJIhBlKe-ybPHCyjHukcrWGTVzvvZvvBYNfNp808IyYW68NVz9zNsKs_0Xmfw1WMQ7Xsxe4BMP84NSccZckT__j-RW8Z3-XrgEhoY53WP2aupqKlvwIsxtMiZmsPOqk89rXRNuM-zVp6uobfue2UcXv3RokSsnzP3fYL75GTJFh3tc4pHQSmR_LfOm1gGLTuRzU8v8KgqhF2NSNK_bmMvk93FUJ-vvmmK1JM5QPF67Bhc-njP5PelLM3-E0rsERd40oasWf_I8i8t079vlwT3rrYb4Tb5c_VkC4U8farsMZpt5ytOlMsFrHK2kC0s2ZhTRnaJx8jLAP6LeKn1kNwiMdDh7BRj0LKhsovbD1ZOK28xm-ititRI3ckTqk9oh-G5bsVTSB_-sDJapuj1Zk2jjOIGnmYDvhjybmZSAOorojUvr4NwWjzxDWKpy9dCCStGxadTQ5j18N94GDiFYGn9PTnKazuOLS1patBa96Ol1cDzm8XKGW8RZ6YRZaVdL4wOBCwYe4Rkxy9zQ_nGctDu0-tWdvY3TDELckMn--Nq3V99CTCMkT0nZBmWf1QVUhBO2RMerXmqiex4PghtJPw6Jg7NANqZLzMOuVjQ2udjEFvZTZWMmrMv1IAG3IvoxQ3_MVx_avt-f5aECjt-2V23avp4smqJ73vqSDlhTLvloQzdGIhwLzUHISROOgvs0Nk69zQBdE7b_0qnM8pR8IUrEf8EJHFs4KnTfRISb4PQ2HvrWba8ttdkQy5RSuSZPaRp8ciNTYLRcaQzP42D8gTiAWOvQbNIohpCd4pBnvIfGlhYzmwteqahrXhNw8Vt29uqlyJI_fynPXk5XZELbUFO3tEOpww6ovdrQQvymCj2_umv2HdRfCZJE1Wsiet5xL54jFNLVsNjuNzQmykqYglgz7vHvSd0rZWg_T5YFnWQCgFcgWSl6rlQ3E9wqy8A3hHMAUXfN5CGCcgDQxqG_8gR3g2joeCnHLOeMIV7hBy7XiYlWMgRygqB9ZTtzS2E244NBnK_J8I-Z_pyVWm6iFxZcG_PhhYuh_7kpfQDsRGsY9AlWQe2HKO6ouorT4nGsszg&sai=AMfl-YTOpMYVT-ytP6HP8jo8xZKTYyoGUvuPt3fd_A7hr6hRaNPSLDsMbOWXENPRTibQ9JHkYfUM1ILHp3oRiHiTCT4s9cmOgxGFYywNHhVl0wAkYXbceY9MUXfdcGF7h6upfF-uEE60I0Y8wJ3s73czTzsxKBtzwoypN-Zx8rGycOs62C3RCsMq9uMg-BBW2gHHyEkeVAu3aiiezzdwn18oWTYSSVDMxUWgYJBNDFdfCnvekB4hCOSOxmvcVfdfKkPHkWVdR3P1CqrFA5sVmpxXLM7UlRoVJOefyDwYUtbnYZf0HYCSZy60ffqfG_mCcBJOEU0zN5EMCGgAMDnmeE7py0kzGrTXPtxtvMDrQfx51Guu3qP6FL8SYKMGSUUm_ymz9uVxteT_jjjRD2BYIIsKctFDhNYpT58HoGv5pqOgC1YCzRBtUV8ndrJfOR9EcwcsIQDjZehdxyjzc79V4miQn26FRdFFZ61uBLlCLyAT-xsdNOSfjGqFMyE&sig=Cg0ArKJSzKvtk2VKyWilEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3177&vt=11&dtpt=3176&dett=2&cstd=0&cisv=r20231207.54647&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 372ms
129ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gl.modsforandroid.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 38ms
35ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvJ5,pingTime:1,time:1700,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D,%7Bpiv:100,vs:i,r:,t:609%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1091,o:609,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D,%7Bsl:i,t:609,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1091~100%5D,as:%5B1091~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:43,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B990,990,990,990,990,990,990,990,990,990%5D,sis:552%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 39ms
37ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvJ5,pingTime:1,time:1700,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D,%7Bpiv:100,vs:i,r:,t:609%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1091,o:609,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D,%7Bsl:i,t:609,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1091~100%5D,as:%5B1091~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:43,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B990,990,990,990,990,990,990,990,990,990%5D,sis:552,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 38ms
36ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxvJ6,pingTime:1,time:1701,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D,%7Bpiv:100,vs:i,r:,t:609%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1092,o:609,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D,%7Bsl:i,t:609,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1092~100%5D,as:%5B1092~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:43,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B1091,1091,1091,1091,1091,1091,1091,1091,1091,1091%5D,sis:552,metricId:grpm3,cmr:t%7D&br=c
Requested by: Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59D0 42 B
64 B 57ms
56ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurBj7CdvKR7Uc9YXQAgEIsi2nm5gwg7YzsMxbUR5IFaEkUjsf0uM7dOvAfOfQZ_qtnYu4wkS-LTzyGeDQqWtphVKGIuJrbVPVI_wyYOrtQyabsy-2yfGUqc89NQDtKmcL78MeuVxnb2zcADGRMaHop5RLW&sai=AMfl-YSXrqdDjDrMalMUnMaDJFvl97WPWHDdWB76Ty5PrhYX6fG_8TuGREgzPPbYXJxj84j3L1B0tquthUut_81Remk2NpVSaHz4mJsqSNBEI8DacefzNxygex9gergzhno7MSXS6as_oRqK8XXj3VNF&sig=Cg0ArKJSzGFvV6T_TaK8EAE&cid=CAQSTgAvHhf_nbFA7h1NCTnXUJM76pzkXTuBCK5fHzzV3vyL2JVh4Cxbn96cAp8YWeeqo-3nO1EtWZHJIrUL4H8p1WgWEQI6QQYkPuOOEN-pyBgB&id=lidar2&mcvt=1000&p=554,486,804,786&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=175473422&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703406195800&rpt=3974&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 13BD 43 B
479 B 41ms
40ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3zV14ww1zkwRQpp29NCz&gdpr=0

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:23:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 07KTXS1ANZKB3EM5D78Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 13BD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=KXgLyZGnkoLU&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

43 B
596 B

228ms
37ms

Image
image/gif

44.193.166.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=KXgLyZGnkoLU&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 44.193.166.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-166-53.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://ads.yieldmo.com/v000/sync?userid=KXgLyZGnkoLU&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-db744d8c7-f562v
expires: -1

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 13BD
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ads.yieldmo.com/v000/sync?userid=6432297309198139664&pn_id=an

43 B
599 B

266ms
36ms

Image
image/gif

44.193.166.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=6432297309198139664&pn_id=an
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 44.193.166.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-166-53.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
an-x-request-uuid: 9f19bec8-e7ab-4e83-83a0-7728816c0d47
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.yieldmo.com/v000/sync?userid=6432297309198139664&pn_id=an
x-proxy-origin: 86.48.14.132; 86.48.14.132; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/ Frame 13BD
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LQJ82KZ1-16-IVWX

43 B
600 B

87ms
35ms

Image
image/gif

44.193.166.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LQJ82KZ1-16-IVWX
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 44.193.166.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-166-53.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ads.yieldmo.com/sync?pn_id=rc&id=LQJ82KZ1-16-IVWX
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
Expires: 0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 13BD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=7476439661
https://sync.1rx.io/usersync/turn/8467002343506201181?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-77df2417-fc4d-48c7-a4e1-1f176dd3da...
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005

43 B
617 B

35ms
35ms

Image
image/gif

44.193.166.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 44.193.166.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-166-53.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005
date: Sun, 24 Dec 2023 08:23:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX77df2417fc4d48c7a4e11f176dd3da08005
content-type: text/html

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 13BD 170 B
188 B 46ms
45ms Image
image/png 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
77ms XHR
application/json 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a05156748cd3e316f673b64fd5e15b991eabd906c7c235e481f2a79cf9182f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12217
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 98ms
98ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gl.modsforandroid.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 24 Dec 2023 08:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 08:23:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB9B 13 KB
5 KB 31ms
30ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 216970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:07:13 GMT
expires: Fri, 20 Dec 2024 20:07:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame B35C 829 B
1 KB 120ms
53ms Document
text/html 172.217.13.196

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-Nps6c-u4ZuoLQK5j_8vrPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gl.modsforandroid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-Nps6c-u4ZuoLQK5j_8vrPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:23:24 GMT
expires: Sun, 24 Dec 2023 08:23:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FB9B 39 KB
15 KB 24ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 22 Dec 2023 23:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 23:23:36 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6F25 43 B
215 B 36ms
36ms Image
image/gif 52.7.142.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3980a663-108f-7e1a-a23e-e161de455327&tv=%7Bc:xFxwLB,pingTime:5,time:5700,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:469%7D,%7Bpiv:0,vs:o,r:l,t:500%7D,%7Bpiv:100,vs:i,r:,t:609%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5091,o:609,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:469,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~300.250%5D%7D%7D,%7Bsl:o,t:500,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.250%5D%7D%7D,%7Bsl:i,t:609,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5091~100%5D,as:%5B5091~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:43,fm:tZlkOtd+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a13%7C1a14%7C1a151%7C1a152%7C1a16%7C1a17%7C1a18%7C1b11%7C1c1%7C1c2%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:470,slcVt:%5B4990,4990,4990,4990,4990,4990,4990,4990,4990,4990%5D,sis:552%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.142.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-142-193.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:23:24 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET generate_204
tpc.googlesyndication.com/ Frame FB9B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?0m_S_w

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 19:19:42	Name: sync Value: CgoIoQEQyLev18kxCgoIkQIQyLev18kxCgoItAIQyLev18kxCgoI5gEQyLev18kxCgoIhwIQyLev18kxCgoItwIQyLev18kxCgkIOhDIt6_XyTEKCgiMAhDIt6_XyTEKCQhfEMi3r9fJMQoJCB8QyLev18kx
gl.modsforandroid.com/	1970-01-20 17:10:13	Name: XSRF-TOKEN Value: eyJpdiI6InZ5RGdseVp0bDc5TlQzbVMrOG8yUkE9PSIsInZhbHVlIjoiNnB4elhqTjhtV2lFY3dmUmNMM0RISlwvTWRsV2wwSE5kbUhqb3k0WEpsbGxTXC9rOFR5WUJDZmZobHR5dWNwbVBEIiwibWFjIjoiMmYzNGMwOGNlNDVmYTg4MWRiOTlhNmMyMWM2YzE1OGJhMDg4YTg3N2E1OWMzNzNmOGIyMjBlNDlkM2JkMjlhNCJ9
gl.modsforandroid.com/	1970-01-20 17:10:13	Name: laravel_session Value: eyJpdiI6IjBsYm5lb3ZpbVlGcnNLYkZ4WHRrNkE9PSIsInZhbHVlIjoiejhqWWJ0QVNvcGpleGxuUkNlbGp3VFhUejJiSXRlQ0hIU0VReEtUc3JhcTRaNTREN01mOTdZTkF1MktMSGRJdiIsIm1hYyI6IjM4ODFjOGQzMGMzOTRiZWJkYWEwOGUxOGU2Yzk1MTljMTQ5N2VjY2U1NmY1Yzk5MTJjNTNjYzkxNjQ2YzljZTQifQ%3D%3D
gl.modsforandroid.com/	1970-01-20 17:10:07	Name: stpdOrigin Value: {"origin":"direct"}
gl.modsforandroid.com/	1970-01-20 17:53:18	Name: _pbjs_userid_consent_data Value: 6683316680106290
.modsforandroid.com/	1970-01-21 02:31:13	Name: cto_bundle Value: LCwD_V9WUDMyR2hEUGdEYVo2UjNuTFU5bXE3M1ZJMWRkY0syNXlLb25pZ0RRODNWZkVDWEgxVU5VWHFqeThBQ0NUQlZpT2xoYVFBSTZJMHJsNXFFMUQzQnJ1SFlQeVJiVDdlVklhSXh5czhxdnlKc0IlMkZmM0t1N0U2akcxelZrWmV0bDJa
.modsforandroid.com/	1970-01-21 02:31:13	Name: cto_bidid Value: xoK3wl9nWFYlMkZTaDRnUURRa1lMeXVnVjdqaEFQSDRJTHZqSm1nbDNCaWFCTUhsSTlMNzdMUFF4emxmcTNzZXBJQWpxb3dRRWVrdGQlMkZ4RFFSUnhQQlQ0TlNEZFElM0QlM0Q
.modsforandroid.com/	1970-01-20 23:38:54	Name: _cc_id Value: 984ff6b0ec2d8e708c8824a4cdbf9cb4
.modsforandroid.com/	1970-01-20 17:11:32	Name: panoramaId_expiry Value: 1703492593947
.modsforandroid.com/	1970-01-21 01:55:42	Name: _ym_uid Value: 170340619485699545
.modsforandroid.com/	1970-01-21 01:55:42	Name: _ym_d Value: 1703406194
.modsforandroid.com/	1970-01-21 01:55:42	Name: _au_1d Value: AU1D-0100-001703406194-RU95A13H-V349
.modsforandroid.com/	1970-01-21 01:55:42	Name: _au_last_seen_pixels Value: eyJhcG4iOjE3MDM0MDYxOTQsInR0ZCI6MTcwMzQwNjE5NCwicHViIjoxNzAzNDA2MTk0LCJydWIiOjE3MDM0MDYxOTQsInRhcGFkIjoxNzAzNDA2MTk0LCJhZHgiOjE3MDM0MDYxOTQsImdvbyI6MTcwMzQwNjE5NCwiY29sb3NzdXMiOjE3MDM0MDYxOTQsImFtbyI6MTcwMzQwNjE5NH0%3D
.modsforandroid.com/	1970-01-20 17:11:18	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 17:10:07	Name: test_cookie Value: CheckForPermission
.adsrvr.org/	1970-01-21 01:57:08	Name: TDID Value: 57e2c866-01e7-466a-a292-f980c7705ed0
.ad.gt/	1970-01-21 01:55:42	Name: au_id Value: AU1D-0100-001703406194-RU95A13H-V349
.turn.com/	1970-01-20 21:29:18	Name: uid Value: 8467002343506201181
.adnxs.com/	1970-01-20 19:19:42	Name: uuid2 Value: 6432297309198139664
.id5-sync.com/	1970-01-20 19:19:42	Name: id5 Value: 358f7da3-bcc1-7880-ba1a-cec2aee099d9#1703406195195#3
.modsforandroid.com/	1970-01-21 02:31:42	Name: __gads Value: ID=1ddcb0fc9f608d67:T=1703406194:RT=1703406194:S=ALNI_MYATG56umTVHj_U0cAcB1u_4X5TXg
.modsforandroid.com/	1970-01-21 02:31:42	Name: __gpi Value: UID=00000a048fd90c65:T=1703406194:RT=1703406194:S=ALNI_MbocgcZw8d1y6YenEv2EV7vW_dDBw
.amazon-adsystem.com/	1970-01-20 21:43:42	Name: ad-id Value: A8QD08z14kRCurQsp3yPhoI
.amazon-adsystem.com/	1970-01-21 02:46:06	Name: ad-privacy Value: 0
.gumgum.com/	1970-01-21 01:55:42	Name: vst Value: u_46995cd5-ea6c-4af6-8556-f9739c0e1bdb
.yahoo.com/	1970-01-21 01:56:03	Name: A3 Value: d=AQABBHTqh2UCEII-XPItI1tHe_QIBRyzRdUFEgEBAQE7iWWRZSXaxyMA_eMAAA&S=AQAAAnsC-IKbXcCyb2VStEbWcao
.analytics.yahoo.com/	1970-01-21 01:55:42	Name: IDSYNC Value: 18y3~2fs8
.id5-sync.com/	1970-01-20 19:19:42	Name: 3pi Value: 2#1703406196155#-938876828#6432297309198139664\|441#1703406195915#-672472514#u_46995cd5-ea6c-4af6-8556-f9739c0e1bdb
.sharethrough.com/	1970-01-20 17:53:18	Name: stx_user_id Value: f13e7845-45f4-41f2-a0cf-2eff9c0f4353
.dotomi.com/	1970-01-20 17:10:06	Name: DotomiTest Value: 4ada402079a1377
.disqus.com/	1970-01-21 01:55:42	Name: zeta-ssp-user-id Value: ua-f63bd2be-98b5-3378-bebd-a9a11790648a
.modsforandroid.com/	1970-01-21 01:55:42	Name: FCNEC Value: %5B%5B%22AKsRol8H8pRIgk9uOzkXAFnsB6g_lLIF9EVG2rpRMJ4IKg-bPXlmn1BRLY9sxwHHSFtLH83CPDSEzUwZmbCEE42EA-KikhSErfslKtMHMmMVG_IGngmUNAAogv1ALSA4BKuqpBpzfwZoFfwJsL4kjCGvhKkMwyHGwA%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22791%22%5D%5D%5D
.33across.com/	1970-01-21 01:55:42	Name: 33x_ps Value: u%3D212393408402963%3As1%3D1703406197171%3Ats%3D1703406197171
.lijit.com/	1970-01-21 01:55:42	Name: ljt_reader Value: H36XhRZHCb3neTs-SEKsg0yQ
.lijit.com/	1970-01-21 01:55:42	Name: _ljtrtb_279534 Value: ua-f63bd2be-98b5-3378-bebd-a9a11790648a
.modsforandroid.com/	1970-01-21 02:46:06	Name: _ga Value: GA1.2.292338600.1703406194
.modsforandroid.com/	1970-01-20 17:11:32	Name: _gid Value: GA1.2.692204670.1703406198
.3lift.com/	1970-01-20 19:19:42	Name: tluid Value: 509659560713293521694
.adnxs.com/	1970-01-20 19:19:42	Name: anj Value: dTM7k!M4/YEVNsVF']wIg2Iliot05b!]tcJ8bhzs#DNB0<'.PEUe0r:Z7#@_[P<ANXx=eZ_+Rp_VEKgYk19MI^]uQd3nXm/!0<(S*b]S=
.adnxs.com/	1970-01-20 19:19:42	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI1MDk2NTk1NjA3MTMyOTM1MjE2OTQiLCJleHBpcmVzIjoiMjAyNC0wMy0yM1QwODoyMzoxN1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0yNFQwODoyMzoxN1oifQ==
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 176971
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_40 Value: 649145
.adkernel.com/	1970-01-20 17:53:18	Name: ADKUID Value: A6654750835951896422
.bidswitch.net/	1970-01-21 01:55:42	Name: tuuid Value: 02744c2e-8926-440e-b879-5a37ce58596f
.bidswitch.net/	1970-01-21 01:55:42	Name: c Value: 1703406198
.bidswitch.net/	1970-01-21 01:55:42	Name: tuuid_lu Value: 1703406198
.doubleclick.net/	1970-01-20 17:53:18	Name: ar_debug Value: 1
.linkedin.com/	1970-01-20 19:19:42	Name: li_sugr Value: 3a3254d2-7241-4edf-bc5a-8199ead29b1f
.linkedin.com/	1970-01-21 01:55:42	Name: bcookie Value: "v=2&b11ddc92-cbf3-4464-8e67-4cee3dd06dc9"
.linkedin.com/	1970-01-20 17:11:32	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2910:u=1:x=1:i=1703406198:t=1703492598:v=2:sig=AQG_zrw9JNquiGkJzUFEq69jpXXuA0Xo"
.csync.loopme.me/	1970-01-20 19:21:08	Name: viewer_token Value: c66f1316-0d10-4c7d-8936-d62d7059e34b
.tapad.com/	1970-01-20 18:36:30	Name: TapAd_TS Value: 1703406201481
.tapad.com/	1970-01-20 18:36:30	Name: TapAd_DID Value: 907fc0d5-5b9d-43ff-ad2c-d08ccb2574cf
.rubiconproject.com/	1970-01-21 01:55:42	Name: khaos Value: LQJ82KZ1-16-IVWX
.adsrvr.org/	1970-01-21 01:57:08	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIjuCmyfOYwjwQBRIWCgdzdng5dDUwEgsIhKuE1POYwjwQBRIUCgV0YXBhZBILCNS1yPjzmMI8EAUYASABKAIyCwisqsulipnCPBAFOAFaBXRhcGFkYAI.
.tapad.com/	1970-01-20 18:36:30	Name: TapAd_3WAY_SYNCS Value: 1!8600
.zemanta.com/	1970-01-21 01:55:42	Name: zuid Value: 4qgN9Ixi2dJLOHPX3fA2
.smartadserver.com/	1970-01-21 02:40:20	Name: pid Value: 7668977979458787111
.yieldmo.com/	1970-01-21 01:55:42	Name: yieldmo_id Value: 3zV14ww1zkwRQpp29NCz%7C1703376000000%7C0
.ads.yieldmo.com/	1970-01-21 01:55:42	Name: re_sync Value: pp%3D1183760%7Crc%3D1183760%7Cunl%3D1183760%7Cc%3D1183760%7Can%3D1183760
.simpli.fi/	1970-01-21 01:57:08	Name: suid Value: A373BB42926B4E869A93DBACE5242722
.mediago.io/	1970-01-21 01:55:42	Name: __mguid_ Value: d99826ce6fa6beeb2eqbz900lqj82mdd
.bidr.io/	1970-01-21 02:38:36	Name: bito Value: AAFSb07LD9UAABPhkkaYJA
.bidr.io/	1970-01-21 02:38:36	Name: bitoIsSecure Value: ok
.contextweb.com/	1970-01-21 01:48:30	Name: V Value: KXgLyZGnkoLU
.contextweb.com/	1970-01-21 01:55:42	Name: pb_rtb_ev Value: 3-1oq3\|7TZ.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7d5a49a167fbdd33
.1rx.io/	1970-01-21 01:55:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005%22%2C%22nxtrdr%22%3Afalse%7D
.rubiconproject.com/	1970-01-21 01:55:42	Name: audit Value: 1\|Wg7RgS8AgmkNQd+YdzT0+iSxSJr6d4uBBfIT1gWY/6rWwnqaNf+hURjXoIi+dbZxJXTxRlcPKyhBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPO1CMRdEE2oBwQEuYQQchn8CEku9gj8zs28mNgODRUYxzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
pixel-us-east.rubiconproject.com/	1970-01-20 19:19:42	Name: receive-cookie-deprecation Value: 1
.targeting.unrulymedia.com/	1970-01-21 01:55:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005%22%7D
.ads.yieldmo.com/	1970-01-21 01:55:42	Name: ptrrc Value: LQJ82KZ1-16-IVWX
.ads.yieldmo.com/	1970-01-21 01:55:42	Name: ptran Value: 6432297309198139664
.ads.yieldmo.com/	1970-01-21 01:55:42	Name: ptrpp Value: KXgLyZGnkoLU
.ads.yieldmo.com/	1970-01-21 01:55:42	Name: ptrunl Value: RX-77df2417-fc4d-48c7-a4e1-1f176dd3da08-005

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://p.ad.gt/api/v1/p/533 Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://s0.2mdn.net/creatives/assets/4656611/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

844a0f57e27ce3e163566996742b0947.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.ltmsphrcl.net
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
csync.loopme.me
d.turn.com
dis.criteo.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gl.modsforandroid.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
is2-ssl.mzstatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
node.setupad.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.tapad.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-hai-tagan.adlightning.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
static.adsafeprotected.com
static.criteo.net
stpd.cloud
sync-amz.ads.yieldmo.com
sync.1rx.io
sync.adkernel.com
sync.colossusssp.com
sync.targeting.unrulymedia.com
tagan.adlightning.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
tpc.googlesyndication.com
100.25.207.80
104.17.25.14
104.18.31.49
104.22.4.69
104.22.5.69
104.22.52.173
104.36.115.113
108.138.128.46
13.107.42.14
13.225.214.112
13.249.42.27
141.95.33.120
142.250.64.65
142.251.40.161
142.251.40.163
142.251.40.170
142.251.41.2
15.197.193.217
151.101.129.229
159.127.42.82
159.89.25.223
162.19.138.120
172.217.13.102
172.217.13.110
172.217.13.130
172.217.13.138
172.217.13.142
172.217.13.163
172.217.13.194
172.217.13.196
172.217.13.198
172.217.13.98
172.217.165.130
172.240.155.68
172.64.152.89
172.67.23.234
172.67.38.106
172.67.68.162
174.137.133.32
18.165.83.107
18.173.132.67
18.67.65.75
192.53.122.254
198.148.27.131
23.105.14.100
23.22.194.15
23.51.57.13
23.7.29.146
3.162.114.30
3.225.218.10
34.102.146.192
34.111.113.62
34.120.107.143
34.207.52.118
34.225.221.211
34.96.70.87
35.174.197.10
35.208.249.213
35.211.178.172
35.214.195.83
35.236.220.17
35.244.159.8
35.71.139.29
37.157.5.133
44.193.166.53
50.116.194.21
50.116.194.23
51.222.239.232
52.21.193.17
52.46.128.147
52.7.142.193
52.73.63.104
54.209.94.68
63.251.86.49
64.74.236.63
67.202.105.24
67.72.99.169
68.67.160.26
69.173.151.100
69.194.240.13
74.119.119.129
74.119.119.131
74.119.119.139
74.119.119.150
8.28.7.83
8.28.7.84
87.250.250.119
96.7.64.34
99.84.208.9
99.84.222.71
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bf8b7855777e98bd3f111a02cfcc279ee8363e6e0ede5c58644f2fc008caf4
0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3
0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da7df27013edbc7b66916704b3feae8b58f505c9be9a471a8559d0b68847cd6
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10d0652b61d006bc497096b7933093d115e82faeb27834506faa807089c9f9c0
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
163a01d592f788e009866259e66b17dd17060169d1c3e0cb2571fc3c206fda6e
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a
184e7803648009592cfe4e896371ed60808e61a58c880066a90ea34d73c9fbd2
19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1
1ace805c5583fdf6179193d529a10e2865b24e37e83c482aa739432c4ce89159
1da1efdfc8a01d6095d232ba4b26d53097eabf63db001e99073b4143c82b3a6e
2353a0ab9817ebd7242eb784b308cc4ec3a68a71d83abca25e548abfbf7fa757
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
23da74b8c1ef1f22202d925e49eb84b973beb08f69ee0e52ad62b58f38968412
270f6dbb80821deabb6cd3d001d1cdaa79e3229b655a9c9b10c8e6bcc65d0808
28f5283c180d27f9223bf7d6b98255974fc099c415f9cb49fea5f75b554f4b60
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c519a8ebd6096c02abbfd244d9af80dbb7b15cf72eecf0a6dd228bc992394ab
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
30d6529cb9a10a43d1a986f01e75a25407697a28086f21049f3912722effdb76
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31dfcc587a4a719211bdb5ae7b8c027ee644032746faab1ad0db9d93997f6e40
348f2c2a7981ee499dfe820b5e362ec2650bc1f21e79f505bc40fe7575bdf6a7
3799542bfe780adbe3d41d9c5db89e931b85f14cc35481ae40c977a74a1decb0
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d13a779e1e3252005d139450747164e94e7b4814f7b63cb9694c6bc0d38b861
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41218f03a7a22bc5e8494f5960c17b55bed773bab91754997f66b945d61b1d35
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e201fd91d89ceca74cf4e91ae2ace4ad3a87e4c0983ef88c1e0800ffc10bea
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49bcc959b9c6fbea3cd8590c45733f75a0baedad72165ec5687eb9d04c4cfd21
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c863775e3dbf67cea836e76d1c16228d04974c8283464378f8fd44c3c42837a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef458372f054fae977deaaf950c1941a0ccf28952241b822a6ed3afb21b11ab
5357d2c3fbf53fff943bf40fab747d7e17e0345180de8078c24908a581862d36
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5939355f15f12972c80386ef2e6a33e5268a47141b247afcccb021a358213223
5aaec1a613cf2bbe21ceed5996b16ef37a600a65680e34d0a3de13c09456513d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d9b67b814711c02b1eaabd0e02e7323d37db8851f9b41108b8504be9b0f11ab
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6186e4df12dc2db44c3332b7606845657e3fdc0bdb10b29f0d06a13cd4431229
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
633f21a86fc719e56510c65886039aeccf88c464e05df0e5855a3eae248d2f6e
655e6620c1d3612aa3a0c483a1d66ae53e49bd7e96b0a1fd6fdf5794d93676c1
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6aa8e9f89442ed5ac58d1dda0f543105216ce2b668c3acf728036c0028eeec77
7095c4147827beded9ff50c6928bfacd8e6b262322eab46d8d13987af35e5112
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77e2b27a3762023499f21f60486de8425ab03321245fe5dc02760c6d69e98c34
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
838c787869b3687e303cccee82306b415d512cbe43dc1c80bc995cbc51c8fbad
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dc2d228ad6edf84ea343515e205c5ea304dd4e635fab5134df19963f64ec063
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e9258fdd3028f469079e865cc926b243bd2633bfc8b9eff2728164ed1472eea
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9c74654dd3d7c397371b0bf55c94ee5b8c7b71e091faf6c3361f8a34004c2406
9e5aaab5298c62c90761ae5474ff51bd5323059a28c96d851319939ae36565ad
9efdc3dbfe4e09fca881a0ce261aaba4b99c4cc0e444cb06598862d4c45e8634
a05156748cd3e316f673b64fd5e15b991eabd906c7c235e481f2a79cf9182f15
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ab803cd8d1fc9c740a17f3c0c62f5521dbadf20fa6063d695179101b60e1a36e
ac6d91420282d05297b59c2dd2568950159f4d05fcf16fd505b8f0012a4ea96e
ae954834a4e2f6dd5080f93adca8e7dd8f62acdbffd5b1fc7ea0b968a4e06a82
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3372d72841506bb02e54aae54c7d68edb210387ffc52eef44e18bfcfd0d2012
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcf4acc65924082a4cc2548efbbdd4ae705017a3882a6b00ec0b91dd0f74550b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27b64ffb33e715000fd36d27e0ec5ae1c7a84a1e687c332187c756dd2c93205
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c95854c0186798febbe2964481c8237ba90e782784c5039ad3af9fc128cd788b
c9f2186b786e072cda7a8398732fc99ca87d4b1282148255f247f1f21a9101bc
ca3a070218efd29308b8d7e077b99ad925c84c51f6e90de59587e9caab0ebbaf
cd84f129b64e4abaced71471dbd296657ba1058ad970d14079c6ad39c9aac61d
cec4f0861f5ac951d9aa505024ef143ab6bbe84228799a60b11a01cfcb84ba6b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff4fa7f2b6a29e998e9de4ec883bcd768025a8283c4fbd3ffc0c26d94f5d918
d29324573edadd02bb4eb6b4428575213ba89039c3ba4080fbdf503af38f86ae
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d410e5dc6339c71a1fd62d809d2fbfaafc535ebb3b55ac8ca1756da37ba3dc6f
d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
d74a6bf78085699f17035742de4240aac4df4eac51ad0331acab312c75f0731d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db7f56f6f978648ac97c96dcf389650b078aee40f4fa49b295981755e12755c8
dcbe6ed7ccea53117b8183b35a64f33320e4b37c5c7af1b688a7995b874e8dea
dd3997b4575c043588f5080499bb622e9f0d395bf9ea885bc2c9eda8a6fd60df
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5fa64ae892d1929d2dc30a1bd54225012b47eb98b62aa14cc4327fd4e00a95
e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f78726274cb2d940b57286e8419e3fbc2809b64892822ff0188d42234246cc6c
fc3c9eb3a36985c73023597b2849e216393deca57f3d0c9cb5c695f9d22d62e8
fcb79fca01f2a34e114504fadefbc5cc55d4eb0afe062750667e55c0662b64ae
fe55e863695f6a1f2fa947fe4830f89dead5544c8d4d4ab9ebc2096137465fa2

gl.modsforandroid.com Open in urlscan Pro 192.53.122.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

282 Requests

90 %HTTPS

0 %IPv6

63 Domains

98 Subdomains

70 IPs

7 Countries

2738 kBTransfer

7213 kBSize

75 Cookies

10 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gl.modsforandroid.com Open in urlscan Pro
192.53.122.254 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

90 %
HTTPS

0 %
IPv6

63
Domains

98
Subdomains

70
IPs

7
Countries

2738 kB
Transfer

7213 kB
Size

75
Cookies

282 HTTP transactions
2 data transactions