www.mplapks.com Open in urlscan Pro
188.114.97.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mplapks.com/winzo-gold-apk/
Submission: On May 08 via manual (May 8th 2022, 12:47:11 pm UTC) from US — Scanned from IS

Summary HTTP 68 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 68 HTTP transactions. The main IP is 188.114.97.20, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.mplapks.com.
TLS certificate: Issued by E1 on April 5th 2022. Valid for: 3 months.

This is the only time www.mplapks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	188.114.97.20 188.114.97.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
14	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
22	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
68	17

6 188.114.97.20 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.mplapks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

adservice.google.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.164 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	615 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	109 KB
6	mplapks.com www.mplapks.com	451 KB
5	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	110 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	gstatic.com fonts.gstatic.com	22 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	36 KB
1	google.is adservice.google.is — Cisco Umbrella Rank: 223108	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	644 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	40 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 574	25 KB
68	13

	Domain	Requested by
22	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.mplapks.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.mplapks.com	www.mplapks.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.mplapks.com ajax.googleapis.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.is	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.mplapks.com
1	cdn.jsdelivr.net	www.mplapks.com
68	16

This site contains links to these domains. Also see Links.

Domain
jobhelp.campaign.gov.uk
security.ufl.edu
www.bignox.com
en.wikipedia.org

Subject Issuer	Validity	Valid
*.mplapks.com E1	`2022-04-05` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.is GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.mplapks.com/winzo-gold-apk/
Frame ID: C62F00DF71C375629E95BE7405FA2ECA
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 53AC9A0E8305D818568ED1FCF3119307
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&adk=1812271804&adf=3025194257&lmt=1647264569&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028404&bpp=2&bdt=1450&idt=911&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=146883736258&frm=20&pv=2&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=925
Frame ID: 11734F3E337E29A63A51590C804D8000
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932
Frame ID: 2D4844708F8E00A7ABEFFAA87CC027EA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=3673058151&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028407&bpp=1&bdt=1453&idt=934&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=83UfRejgot&p=https%3A//www.mplapks.com&dtd=937
Frame ID: 76610E37B14248AD0B03EF2AD2DCF212
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=3844067583&adk=1164302730&adf=2970249784&pi=t.ma~as.3844067583&w=1019&fwrn=4&fwrnh=100&lmt=1647264569&rafmt=1&psa=0&format=1019x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028408&bpp=1&bdt=1454&idt=937&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=3499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EDvYc81fHk&p=https%3A//www.mplapks.com&dtd=940
Frame ID: D886786F008B9B55FB3899787BA88D1C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72FF46365403AC983800C63AD6947F3B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DE65721AFB04C78B3BCA29EA81F50C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html
Frame ID: 3A577F6F3708C2EC8BB99BF24330D323
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 066BDD36CBF01458A05757412E9863BE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 051562E57A44F82F86B2EC5E119E983C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7CEE196D10F3793E0268130756F932E7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Frame ID: 0EE91921E3A27CCFE48F954668EFB181
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Frame ID: 086D081A19882FA447EB234EE8B0305E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Latest WinZO Gold APK for Android 2022 | Play More & Win More

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

68
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

1439 kB
Transfer

2719 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://jobhelp.campaign.gov.uk/5-ways-to-earn-money-from-home/
Title: earn money

Search URL Search Domain Scan URL

URL: https://security.ufl.edu/resources/mobile-device-security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.bignox.com/
Title: Nox Player

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Digital_wallet
Title: Wallet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 56

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

68 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mplapks.com/winzo-gold-apk/ 20 KB
7 KB 599ms
359ms Document
text/html 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mplapks.com/winzo-gold-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3026ecee4ba51cf2e560ed66b2698e06efc119b45f57329e723fa015c4c3f666

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70824d526a95af51-KEF
content-encoding: br
content-type: text/html
date: Sun, 08 May 2022 12:47:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 14 Mar 2022 13:29:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5rojvW%2Bcpaw%2Bf83ow4k4x2QVp6Z7x6BYepYcz%2BoBzdNDN%2FQd0liA9%2F4qRN%2B6VU5tBPQczVV%2Frj7UWCMPDVBkV0%2FYdhIFBqvGe9w7znMkvlhrlrlsuhH4mNPGz767S2QT6E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 402ms
112ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300

Requested by

Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

81a41332ee725620f220cce7447c45f2997530720d7e8ca35113f0aa72b58921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 11:24:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 12:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 12:47:07 GMT

GET
H2 200 logo.png
www.mplapks.com/img/ 6 KB
6 KB 67ms
66ms Image
image/png 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mplapks.com/img/logo.png
Requested by: Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728227521b213e2d81d568e627b9c235b02c23c9019faf12c1c0a0f893f823a4

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/winzo-gold-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:29:42 GMT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ%2FVBcied4WKiGo%2Fyc6cACNC8c%2BarxGrNRz0KCPb1%2FAcOXD6BP6W%2BDCkP69JART2wlyPsDesP5ZoaaRv6OiEHKBiySEliI7QbD8p%2FBMgkUkT20V5MFDD31dd1dYd5NdVYTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70824d54cbdeaf51-KEF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6152

GET
H2 200 winzo-logo.png
www.mplapks.com/img/ 39 KB
40 KB 67ms
67ms Image
image/png 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mplapks.com/img/winzo-logo.png
Requested by: Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74226669a904375179d2d525160e9304abe3322898b63aca79bae48dffef1eb0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/winzo-gold-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jan 2022 16:31:12 GMT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVB%2FlYvjTAxVWf7mph3ai4sz1j%2FcDhebwCxnvu8mmoCeJtfRBnum%2FthHY%2F8NaV0KORG%2F8GlO7rnd5w4Li53pB6yQKEZ9urElZM8bcOebEnb5wHdh78to7PqNJNmNiaNY3Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70824d54cbdfaf51-KEF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40288

GET
H2 200 winzo-gold-apk.png
www.mplapks.com/img/ 50 KB
51 KB 66ms
66ms Image
image/png 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mplapks.com/img/winzo-gold-apk.png
Requested by: Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c579dd190e4486758dd2edd40c2203f7ed495765f19dccac3f40f8777c811d52

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/winzo-gold-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 03:11:28 GMT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYOy%2F%2FrKB2GnzD3VXRXJSsPqAT1YZr25mEROc03gUFdjruCwpvb2smi43YOdpTCh4iGBV%2Fm3qzwdmxPvb2ZcQBp8tY2OKX4LBbN2c68jCMM%2BoXz6mYcLMEgKTIRK9N1XYK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70824d551c01af51-KEF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51616

GET
H2 200 how-to-withdraw.png
www.mplapks.com/img/ 343 KB
344 KB 75ms
75ms Image
image/png 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mplapks.com/img/how-to-withdraw.png
Requested by: Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f25539d29321d8cfa26fc7814ca2f8b9f2ff65d5bf760da5bf3fb0464912fe8b

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/winzo-gold-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 02:36:20 GMT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kanTOcklvFO%2FvhVbZKykYpQioLD177Fu91HZuZh7KhBC3O2I1lu%2BApcqp%2B1E%2Bix9DuUtZ6vbzuqq7pspgdOq2Bt3DaFfVT5x6dt%2FkqsO1NqOk7hRckCa5RF978wu4xFoUo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70824d551c02af51-KEF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 351095

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/gh/apksman/durecdr/ 157 KB
25 KB 503ms
72ms Stylesheet
text/css 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/apksman/durecdr/bootstrap.min.css

Requested by

Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3dc166786c3a57951596e6dc973d4599b1b7c52d8243a952a31c99b9d6b894a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mplapks.com/
Origin: https://www.mplapks.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3725
x-jsd-version: master
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-cdg20739-CDG
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"27285-D6PxEZi5jDzRGtuf8Sjbm2RLURc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eL9ZvaLhsfFWV2jJ1bGr7Z6j%2BoVcWGaYSi6%2FYSJt0H87ShNCHzibKQl9L12J2X%2FAyinaO0oFmj%2BOf1w87gN2JMYkR0k9Ounz%2FJCXLmTQD1C5z%2Fg70fCGWtiN%2FZTLnJpsyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70824d57c8aeaf6f-KEF

GET
H2 200 rocket-loader.min.js Show response
www.mplapks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 61ms
61ms Script
application/javascript 188.114.97.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mplapks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.mplapks.com
URL: https://www.mplapks.com/winzo-gold-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.20 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/winzo-gold-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 17:17:34 GMT
server: cloudflare
etag: W/"626c1dae-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaI7WWxt%2BmW0H%2F0GIdPTgzwk57EyX%2Fl13PTeVmVH19ldnU8iyF6BBrSEDmLL83DqUCkhiFWDCheC6MeDznFL4o5NdRrO504orTiMzHLA1IMaZC8ajafVAnxoXXTn%2FlJh6KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70824d551c03af51-KEF
vary: Accept-Encoding
expires: Tue, 10 May 2022 12:47:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 400ms
111ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mplapks.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 326915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 04 May 2023 17:58:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 648ms
115ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-217876925-8

Requested by

Host: www.mplapks.com
URL: https://www.mplapks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

614f0ee68b2c3367254e62a9fe1ded49fa55cae68926ba1401aa13a48eea67cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40738
x-xss-protection: 0
last-modified: Sun, 08 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 May 2022 12:47:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
55 KB 678ms
118ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6675146489964581

Requested by

Host: www.mplapks.com
URL: https://www.mplapks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

db2320ea3a6f92db753b1d5d7c4b4adf1e11672c4653cc6771014b849a456b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Origin: https://www.mplapks.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55939
x-xss-protection: 0
server: cafe
etag: 18092408497120936524
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 May 2022 12:47:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 646ms
111ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-217876925-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4338
date: Sun, 08 May 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 08 May 2022 13:34:50 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/ 308 KB
111 KB 657ms
126ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6675146489964581&plah=www.mplapks.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6675146489964581

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0c4cf9169043ace3eb4e071e4427f0b1fc54f77dfb01d771b0df3b5f1c396901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112613
x-xss-protection: 0
server: cafe
etag: 6435179981697272553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 May 2022 12:47:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 53AC 10 KB
5 KB 647ms
113ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6675146489964581

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

age: 78316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 15:01:53 GMT
etag: 1428802124239944296
expires: Sat, 21 May 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 109ms
108ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=679002083&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&ul=en-us&de=UTF-8&dt=Latest%20WinZO%20Gold%20APK%20for%20Android%202022%20%7C%20Play%20More%20%26%20Win%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=675275029&gjid=1728670670&cid=1605344969.1652014029&tid=UA-217876925-8&_gid=101855128.1652014029&_r=1&gtm=2ou540&z=1696339385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mplapks.com/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 May 2022 12:47:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mplapks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 392ms
120ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.mplapks.com&callback=_gfp_s_&client=ca-pub-6675146489964581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6675146489964581&plah=www.mplapks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

d5eea23221fbeff611276c45ccdb96b367c89e17b292217014c3f6b4a4389b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.is/adsid/ 107 B
792 B 669ms
127ms Script
application/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.is/adsid/integrator.js?domain=www.mplapks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 646ms
112ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mplapks.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1173 9 KB
4 KB 172ms
171ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&adk=1812271804&adf=3025194257&lmt=1647264569&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028404&bpp=2&bdt=1450&idt=911&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=146883736258&frm=20&pv=2&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=925

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c6eff547b8346ae340736e1fcbcdfe35a20abcc8671536d5d4fb4413a36e5a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:09 GMT
expires: Sun, 08 May 2022 12:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 114ms
113ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

807d50bb4ffae49653bc6064a8b150784b6be83a2719d84e128da606bc59e707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 May 2022 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10564
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D48 69 KB
28 KB 866ms
866ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9148c86e424ff5eb1cb36c25c31093ca33994bb828a5a3bcb209d9a2fbd2f19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28709
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7661 106 KB
39 KB 754ms
753ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=3673058151&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028407&bpp=1&bdt=1453&idt=934&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=83UfRejgot&p=https%3A//www.mplapks.com&dtd=937

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

377fc5848ae0f715ebe77fdd9c75a573313522042f9ffdbf74fe2c7e2f2066e6

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz7jOv3z_cCFTFDFQgdejcHmA&gqi=zbt3YpCNGefhtgevgqR4&layout=/sadbundle/%24csp%253Der3%24/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39439
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJz7jOv3z_cCFTFDFQgdejcHmA&gqi=zbt3YpCNGefhtgevgqR4&layout=/sadbundle/%24csp%253Der3%24/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D886 95 KB
31 KB 680ms
680ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=3844067583&adk=1164302730&adf=2970249784&pi=t.ma~as.3844067583&w=1019&fwrn=4&fwrnh=100&lmt=1647264569&rafmt=1&psa=0&format=1019x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028408&bpp=1&bdt=1454&idt=937&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=3499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EDvYc81fHk&p=https%3A//www.mplapks.com&dtd=940

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c667cf4ba93004a72c593ca0d6e34e15463b41a2091d00989617f92b2f13e05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:09 GMT
expires: Sun, 08 May 2022 12:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 411ms
123ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 12:47:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72FF 13 KB
5 KB 112ms
112ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:01 GMT
expires: Mon, 08 May 2023 12:47:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4DE6 783 B
1 KB 652ms
121ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

d854c64fa1339df98a502386dc60f4bf0b0de1cc5e437dd94677077cc94c1a00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cFa3Q7IfIvJNd/DqCyHZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mplapks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-cFa3Q7IfIvJNd/DqCyHZwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 72FF 35 KB
14 KB 100ms
99ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:59:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D886 0
0 186ms
186ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmMFvzbt3YuD2GdWAmwfT-b-QB5Gcpv9hodKMjssNwq3NsYwOEAEgzv2dH2DhAqAB2dPIgQPIAQKoAwHIA8kEqgTwAU_Q7JcXjItA9_MeEgWl6td5dr1Qg7fpd4_zqU5rbUZIiP85iQ33hR6CKseZo_Ao5BBuimmUNgspuy9wSCf3NSU6hfckUBktjbzBTBbJpDgOI8HuFnuwg5-rCxInhFu4UgIkK7rVQFNF0LIPWzn3oejQLYu7dB2ZtOLoo9rdf8YkVI8V3MCq8--hXerdq3cE1isQ-eSXCpZS-Oqyb1_rWpIHbRO4hFm0f6XNcaZbJYqcKmzMZiVXb8Yv83nda_8FJvrU_NFfMMDZ4JwkaZAYpppzRalWanqEaVfzqcd2MDZXRQjvxNSYNPRczEELt9P2j8AExr_ZlbcDkgUECAQYAZIFBAgFGASgBgKAB4-st36oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCI6wXSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjY3NTE0NjQ4OTk2NDU4MRgA&sigh=Fz2Eyz2PCIs&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=3844067583&adk=1164302730&adf=2970249784&pi=t.ma~as.3844067583&w=1019&fwrn=4&fwrnh=100&lmt=1647264569&rafmt=1&psa=0&format=1019x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028408&bpp=1&bdt=1454&idt=937&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=3499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EDvYc81fHk&p=https%3A//www.mplapks.com&dtd=940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=3844067583&adk=1164302730&adf=2970249784&pi=t.ma~as.3844067583&w=1019&fwrn=4&fwrnh=100&lmt=1647264569&rafmt=1&psa=0&format=1019x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028408&bpp=1&bdt=1454&idt=937&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=3499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EDvYc81fHk&p=https%3A//www.mplapks.com&dtd=940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 May 2022 12:47:10 GMT

GET
H2 200 1782029556535982514
tpc.googlesyndication.com/daca_images/simgad/ Frame D886 142 KB
142 KB 176ms
176ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1782029556535982514

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

43e98712095b7bcc35539879f7e625cd0c1f5a4886195f653b1895af27435e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145057
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 00:59:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 12:47:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame D886 19 KB
8 KB 111ms
111ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D886 3 KB
1 KB 125ms
124ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:46:12 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame D886 67 B
196 B 141ms
140ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 May 2022 18:15:01 GMT
x-content-type-options: nosniff
server: cafe
age: 66729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 08 May 2022 18:15:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D886 120 KB
37 KB 814ms
267ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 12:47:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D886 15 KB
6 KB 125ms
125ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:58 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D886 30 KB
12 KB 135ms
135ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:17:52 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/ Frame 3A57 11 KB
4 KB 275ms
274ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=3673058151&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028407&bpp=1&bdt=1453&idt=934&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=83UfRejgot&p=https%3A//www.mplapks.com&dtd=937

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

0a033e6029ff70138b99333630152a831ddb4a144a900307f0261e93f0552cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 461705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3193
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 04:32:05 GMT
expires: Wed, 03 May 2023 04:32:05 GMT
last-modified: Mon, 03 Aug 2020 23:17:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7661 0
0 143ms
142ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-KrIzbt3YtzgGbGG1fAP-u6cwAnZnvfWaN6trvnOD8GjkYePDhABIM79nR9g4QKgAZT2u8wDyAEJqAMByANIqgTdAU_Qax2OMWWC79-DHXW10U65MegAUJeH7ZccbKOAdX95Awhfa4dQZ_H0wjE3l_F7dkElEFpafx_7HB3hfB7j96jkRF_vL_6y-j_sYSOSNxOJSiaFCCLRHQa6aR_9SwvqV1I4JAmvZ6cpX9k7wuT0n0OvspR5WgzeVyVEmKz1XpiqMPcAjJzwK8wY_1TYFMxcmf4eNhrxvLcZtQfd94DPJC0UGakMJKV-rQnL17Ce-ImlLOb_AKU6Z161i-bZGSPdPV-SoPwwgFimWlz3JZHk_RbhcbEK6-iIVADK3VcjwATN-ZOU8AOSBQQIBBgBkgUECAUYBKAGLoAH1InEM6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOW6FNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02Njc1MTQ2NDg5OTY0NTgxGAA&sigh=vZJ_bdmgEC4&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=3673058151&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028407&bpp=1&bdt=1453&idt=934&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=83UfRejgot&p=https%3A//www.mplapks.com&dtd=937
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 May 2022 12:47:10 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 72FF 0
39 B 270ms
270ms Image
text/plain 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bxxu-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 066B 143 B
222 B 100ms
99ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=3844067583&adk=1164302730&adf=2970249784&pi=t.ma~as.3844067583&w=1019&fwrn=4&fwrnh=100&lmt=1647264569&rafmt=1&psa=0&format=1019x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028408&bpp=1&bdt=1454&idt=937&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=291&ady=3499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EDvYc81fHk&p=https%3A//www.mplapks.com&dtd=940
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 7661 19 KB
8 KB 248ms
248ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:28 GMT

GET
H2 200 1307588755443062487
tpc.googlesyndication.com/simgad/ Frame 2D48 48 KB
48 KB 255ms
255ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1307588755443062487?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlh7ORvQeX2KdJQaMo--IFm9zps0Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

2fad52b277c6434d955c35614a4610c15c09540adaf4045e48f80486804adc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48941
x-xss-protection: 0
last-modified: Thu, 05 Dec 2019 15:14:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 12:47:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 2D48 19 KB
8 KB 232ms
231ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 2D48 3 KB
1 KB 237ms
236ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:46:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D48 120 KB
37 KB 603ms
235ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 12:47:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 2D48 15 KB
6 KB 233ms
232ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:58 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 2D48 30 KB
12 KB 239ms
238ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:17:52 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D48 0
0 142ms
142ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjXGizbt3Yp-kGbSCmwfHpomoDdG_hrdo68-UodoK1fmwv5AOEAEgzv2dH2DhAqAB_7ip9gLIAQKoAwHIA8kEqgTnAU_QDzG7YLs-56LJtwOYa3UaoYSRbgZeOA9U-dFTV8AnGm-xwOdjTkzw_p-GKhbFSaloSfgk64xkrbifP6r3HifNfdbLq62jJmDk4eglpuFM2PyYdBQL5KHE2DfWzyPj3QM_bE5_420ToTljBsVQDRPLCWBzzGdhC9K1F1p24ElkUIgz5PkDXB80IYij5UF3IiZSY79W2yrzMt3tP6GtsHl78VjEzXJpsHw4wV_G31FmjpispIqra7vz4GhYwOd-aRCk68Mp76BjfxyKDv4gy_7rxtJra6rZUgq8AvNXrAfnns2GLRlcC8AE35S_od0BkgUECAQYAZIFBAgFGASgBgKAB-nG1okBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnvoO0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY2NzUxNDY0ODk5NjQ1ODEYAA&sigh=Mfg4tBMhXbQ&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 066B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

151ms
151ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3A57 9 KB
3 KB 111ms
111ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 May 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 08 May 2022 13:42:50 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3A57 26 KB
10 KB 112ms
112ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 May 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 08 May 2022 14:22:05 GMT

GET
H2 200 6c324497d4f6b75609bbbadf48045be8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/img/ Frame 3A57 46 KB
46 KB 113ms
113ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/img/6c324497d4f6b75609bbbadf48045be8.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

c31c7313a1181acacd14391c0fac059414b8bd0c7a2f2aab4849fe934a6ee143

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47295
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 23:17:19 GMT
server: sffe
date: Tue, 03 May 2022 05:53:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 May 2023 05:53:42 GMT

GET
H2 200 dc2e382e09ea11a79e92a042465450f0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/img/ Frame 3A57 48 KB
48 KB 124ms
123ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/img/dc2e382e09ea11a79e92a042465450f0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

74a4f2cde391fdebead339bf489a4d5a835e6066f21287f6565285a982e23f8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 456808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48658
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 23:17:19 GMT
server: sffe
date: Tue, 03 May 2022 05:53:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 May 2023 05:53:42 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0515 143 B
198 B 100ms
99ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=3673058151&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028407&bpp=1&bdt=1453&idt=934&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=83UfRejgot&p=https%3A//www.mplapks.com&dtd=937
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 7661 3 KB
1 KB 113ms
112ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:46:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7661 120 KB
37 KB 249ms
113ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 May 2022 12:47:10 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7CEE 143 B
198 B 100ms
99ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4DE6 0
0 140ms
139ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=2459237796811734&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0515
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

165ms
165ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7CEE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

120ms
120ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
expires: Sun, 08 May 2022 12:47:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 12:47:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 3A57 13 KB
6 KB 658ms
116ms Script
text/javascript 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 May 2022 08:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 08:23:53 GMT

GET
H2 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A57 105 KB
36 KB 675ms
112ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2319376456553363443/Core_HTML5_Product_Global_300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 May 2022 12:47:11 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
142ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=2459237796811734&bg=!hIelh8PNAAZX5TVhd-U7ACkAdvg8WqYmviJzYsx_np7AoUFSpnigESJlQ4Mf9wfApuoQaF12PzwRJAIAAABZUgAAAAJoAQcKAHPUfNgBHVQAWOu1mLKf48u0W0-gcIgvYrqIoU5VbkZ7vJijrGzdpZk8J0kgUJiKSNdgQxqs8xL4DDubUafyf2dnRAW-2myjNoLBcHRXCnWOmoT70UY7FKXqDhdigRzlS930mb05ze_XKaaxoHGLvkCHYQEGmQKVEhsQz6kao_zp2eomr1O-T5qwdacFIDdGRR-vFynTWB5fJ99wNvCSSbikmm3Aj8k8WJgK1scH4gO-Xj8LnXz6pkzLQmKyQY4GIhVBh75slSA6cm7TMIUrFlC_mERLd4qrbgb5-So9oGo-Qt1WAB4l5ymamwZFnFcW7r6wwiwY42eLq5viwd6gfPr5rtD58rEiIhteORqVy9UpYZXHOI-pNqu9cAWORKNmDXhSUADxS7WzGgbG4obvvtBnU-hryFfC8gVutWZ6DrCRFJU_odgJUF6aewd-5itAJYZiRANmIiOH8ESvW2eiaQhkslf03amY_NQ38Zkai0bDn_rDs6I1-l9aJ2sE7EpztxGacMVnwhRKXSm3lubn2WndilNnFP_RGHFTigBHMm_B0FLjzfvMMHmkdsLEvVs14ljpXGIq5TNa3XbcHcn9kKuQXHKXYCoHDlz77gG6ibjJTsSDmNz1_2jEnIDgYDH_8UVyaNJ9lzSoodeZGiZHqKu1pO8nLMBnRBmzGg1qLHOXlRWICHLIZaGFFs0xWHRU3MHPDbLfmCUCpI2brZFTS0mNIZRs8gvMVl9CJG0RZWhLiMrbPKHkJQtUmxlfifwWtH5E94p1Cf9o2PT0ILyqWZAkC5Q3x_b0vhIrULDW7a1JApMrzVNmexnGq2NFOUDICHEl0wPcVWu3ncwQYzU7NoFBSAr9MMRWTHsiXSIMHe3j086RRp02_uEt9lbSLppE795qaO-b9N_6XQ4oV7Ey5tRA-Juj4g_gB0Gr9bgjfEFvbU0ulY0TKsIAaSaIQ_2AnhQFz_3cKx1btR0A6W4TCdX336P-a6GswlpoRZDEA316qrAslCwAExLCjh6IiDRnaQm7P3dUtIoEJQ4Tug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.mplapks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 7661 15 KB
6 KB 112ms
111ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 12:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 12:41:58 GMT

GET
DATA 200
OK truncated
/ Frame 2D48 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0c2562281923880851c07e36a5e04498976a0a9ff7d9b371d1dd6a9cc4e8eec

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EE9 35 KB
13 KB 100ms
99ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675146489964581&output=html&h=280&slotname=2722557607&adk=3417584410&adf=243876893&pi=t.ma~as.2722557607&w=336&lmt=1647264569&psa=0&format=336x280&url=https%3A%2F%2Fwww.mplapks.com%2Fwinzo-gold-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652014028406&bpp=1&bdt=1452&idt=928&shv=r20220504&mjsv=m202205020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=146883736258&frm=20&pv=1&ga_vid=1605344969.1652014029&ga_sid=1652014029&ga_hid=679002083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44762585%2C31067418&oid=2&pvsid=2459237796811734&pem=910&tmod=156576363&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RNM7WacHWy&p=https%3A//www.mplapks.com&dtd=932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:59:46 GMT

GET
DATA 200
OK truncated
/ Frame D886 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6016de2c76b5e971f6b7015a1b7296e6940096edff57782f96eeb7893eaeee6e

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7661 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88dfbbd824d88d17186a4e65d6124cbfe7758684610f94ee309cce974d6a03fb

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 086D 35 KB
13 KB 99ms
99ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:59:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3A57 318 B
414 B 110ms
109ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:700&text=%20%C2%A0!%25%26-038ABCDEFGIKLMNOPRSTUWXYabdefghilmnoprsuvxy

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

fcafbaa6f4170e5439dce21d0e28ed622f0340b58e89d0707d58fb7ee7d169c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 12:47:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 12:47:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 12:47:11 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 3A57 5 KB
6 KB 100ms
100ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDL7S38EbLLtyAN9-F6BvhomWtUS1BXzC-baSAM-ORLSTiLEE9vj6mdHu7ie53iQxU2htw7HQT&skey=d53a2c61c6b52b74&v=v24

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700&text=%20%C2%A0!%25%26-038ABCDEFGIKLMNOPRSTUWXYabdefghilmnoprsuvxy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

ESF /

Resource Hash

82d9e0f164d95fb52cc8d1f38862e1dc2e8de3431a5f2987c6f4f1a42a45e2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 May 2022 11:17:40 GMT
x-content-type-options: nosniff
age: 5371
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5588
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 23:42:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 08 May 2022 11:17:40 GMT

GET
H2 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A57 35 KB
13 KB 100ms
99ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 May 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 19:59:46 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mplapks.com/	1970-01-20 20:24:46	Name: _ga Value: GA1.2.1605344969.1652014029
.mplapks.com/	1970-01-20 02:55:00	Name: _gid Value: GA1.2.101855128.1652014029
.mplapks.com/	1970-01-20 02:53:34	Name: _gat_gtag_UA_217876925_8 Value: 1
.mplapks.com/	1970-01-20 12:15:10	Name: __gads Value: ID=a23fe6a288c03902-227b8da98ecd008e:T=1652014029:RT=1652014029:S=ALNI_MZj-zV0H9reuufasR68j3RUU8h86A
.doubleclick.net/	1970-01-20 20:24:46	Name: IDE Value: AHWqTUnDnAg0sdIXLNoZ6L7g1QxQMYB8x5sO7Bv1OkgG-1s_C0Fbq4Nj8BSJpW-pcvY
.doubleclick.net/	1970-01-20 02:53:37	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.is
ajax.googleapis.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.mplapks.com
104.16.89.20
142.250.181.238
142.250.184.194
142.250.184.234
142.250.185.166
142.250.185.66
142.250.185.98
142.250.186.164
142.250.186.40
142.250.186.67
142.250.74.193
142.250.74.194
172.217.16.130
172.217.18.106
188.114.97.20
216.58.212.162
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0a033e6029ff70138b99333630152a831ddb4a144a900307f0261e93f0552cca
0c4cf9169043ace3eb4e071e4427f0b1fc54f77dfb01d771b0df3b5f1c396901
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2fad52b277c6434d955c35614a4610c15c09540adaf4045e48f80486804adc48
3026ecee4ba51cf2e560ed66b2698e06efc119b45f57329e723fa015c4c3f666
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
377fc5848ae0f715ebe77fdd9c75a573313522042f9ffdbf74fe2c7e2f2066e6
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
43e98712095b7bcc35539879f7e625cd0c1f5a4886195f653b1895af27435e70
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6016de2c76b5e971f6b7015a1b7296e6940096edff57782f96eeb7893eaeee6e
614f0ee68b2c3367254e62a9fe1ded49fa55cae68926ba1401aa13a48eea67cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
728227521b213e2d81d568e627b9c235b02c23c9019faf12c1c0a0f893f823a4
74226669a904375179d2d525160e9304abe3322898b63aca79bae48dffef1eb0
74a4f2cde391fdebead339bf489a4d5a835e6066f21287f6565285a982e23f8e
807d50bb4ffae49653bc6064a8b150784b6be83a2719d84e128da606bc59e707
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81a41332ee725620f220cce7447c45f2997530720d7e8ca35113f0aa72b58921
82d9e0f164d95fb52cc8d1f38862e1dc2e8de3431a5f2987c6f4f1a42a45e2ed
88dfbbd824d88d17186a4e65d6124cbfe7758684610f94ee309cce974d6a03fb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9148c86e424ff5eb1cb36c25c31093ca33994bb828a5a3bcb209d9a2fbd2f19c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c31c7313a1181acacd14391c0fac059414b8bd0c7a2f2aab4849fe934a6ee143
c579dd190e4486758dd2edd40c2203f7ed495765f19dccac3f40f8777c811d52
c667cf4ba93004a72c593ca0d6e34e15463b41a2091d00989617f92b2f13e05f
c6eff547b8346ae340736e1fcbcdfe35a20abcc8671536d5d4fb4413a36e5a31
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0c2562281923880851c07e36a5e04498976a0a9ff7d9b371d1dd6a9cc4e8eec
d5eea23221fbeff611276c45ccdb96b367c89e17b292217014c3f6b4a4389b67
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d854c64fa1339df98a502386dc60f4bf0b0de1cc5e437dd94677077cc94c1a00
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
db2320ea3a6f92db753b1d5d7c4b4adf1e11672c4653cc6771014b849a456b64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dc166786c3a57951596e6dc973d4599b1b7c52d8243a952a31c99b9d6b894a
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f25539d29321d8cfa26fc7814ca2f8b9f2ff65d5bf760da5bf3fb0464912fe8b
fcafbaa6f4170e5439dce21d0e28ed622f0340b58e89d0707d58fb7ee7d169c0

www.mplapks.com Open in urlscan Pro 188.114.97.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

17 IPs

3 Countries

1439 kBTransfer

2719 kBSize

6 Cookies

4 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mplapks.com Open in urlscan Pro
188.114.97.20 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

1439 kB
Transfer

2719 kB
Size

6
Cookies

68 HTTP transactions
3 data transactions