goandai.com Open in urlscan Pro
119.28.92.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://goandai.com/
Submission: On March 30 via api (March 30th 2022, 4:17:00 am UTC) from CA — Scanned from CA

Summary HTTP 42 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 42 HTTP transactions. The main IP is 119.28.92.99, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is goandai.com.

This is the only time goandai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	119.28.92.99 119.28.92.99	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
10	69.28.62.189 69.28.62.189	21859 (ZEN-ECN) (ZEN-ECN)
3	2606:4700:303... 2606:4700:3034::ac43:813c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
42	10

5 119.28.92.99 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

goandai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.28.62.189 (United States)

ASN21859 (ZEN-ECN, US)

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:813c (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 118 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	237 KB
10	oneinstack.com static.oneinstack.com	1 MB
5	goandai.com goandai.com	6 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 61	29 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 124 www.google.com — Cisco Umbrella Rank: 20	1 KB
3	shields.io img.shields.io — Cisco Umbrella Rank: 65688	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	37 KB
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 10779	792 B
42	8

	Domain	Requested by
10	static.oneinstack.com	goandai.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	goandai.com	static.oneinstack.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	img.shields.io	goandai.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
42	10

This site contains links to these domains. Also see Links.

Domain
oneinstack.com
linuxeye.com
help.aliyun.com
filezilla-project.org
paypal.me
static.oneinstack.com

Subject Issuer	Validity	Valid
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2021-06-18` - `2022-06-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://goandai.com/
Frame ID: F105B3709CB590758DD583276DCEF97C
Requests: 17 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 707C37EB4ADAB4EA76EF684587C3C34C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1648613816737&bpp=16&bdt=145&idt=145&shv=r20220328&mjsv=m202203230101&ptt=5&saldr=sa&correlator=3601238187945&frm=22&ife=1&pv=2&ga_vid=734584294.1648613817&ga_sid=1648613817&ga_hid=259856680&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31065659%2C21065724%2C31065551&oid=2&pvsid=2034268974529101&pem=601&uas=0&nvt=1&top=http%3A%2F%2Fgoandai.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.ylo3agabrgpv&fsb=1&xpc=gHojbB4YDC&p=https%3A//static.oneinstack.com&dtd=161
Frame ID: 361829861A67868A4DB6EE2BF08AFEAF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7089495A60AA503BBBFCCCFD7187B047
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 42305BEF7789708C36EC6BE97AB33F40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F3237AF36E46CC1F84940FC34C3211C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEFEA6B941DA5FC792E02257578D3896
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

欢迎您使用OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

42
Requests

88 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1771 kB
Transfer

2512 kB
Size

4
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://oneinstack.com/
Title: OneinStack官网

Search URL Search Domain Scan URL

URL: https://oneinstack.com/install/
Title: 安装、使用方法

Search URL Search Domain Scan URL

URL: https://oneinstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://oneinstack.com/changelog/
Title: 更新日志

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://help.aliyun.com/document_detail/29716.html
Title: 详细教程

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: 下载地址

Search URL Search Domain Scan URL

URL: https://oneinstack.com/question/17347/
Title: 如何获取MySQL root密码?

Search URL Search Domain Scan URL

URL: https://oneinstack.com/question/oneinstack-how-to-configure-mysql-remote-connection/
Title: 如何配置MySQL远程连接?

Search URL Search Domain Scan URL

URL: https://oneinstack.com/docs/securitygroup/#11
Title: 阿里云安全组端口

Search URL Search Domain Scan URL

URL: https://oneinstack.com/docs/securitygroup/#12
Title: 腾讯云安全组端口

Search URL Search Domain Scan URL

URL: https://oneinstack.com/docs/securitygroup/#13
Title: 华为云安全组端口

Search URL Search Domain Scan URL

URL: https://paypal.me/yeho

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/alipay.png

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/weixin.png

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
goandai.com/ 18 KB
4 KB 956ms
247ms Document
text/html 119.28.92.99
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://goandai.com/
Protocol: HTTP/1.1
Server: 119.28.92.99 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: bac67254d743ffbeda02aa60a2508bc3990f4c93111c2911bcc165249fe6b8e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: nginx
Date: Wed, 30 Mar 2022 04:16:52 GMT
Content-Type: text/html
Last-Modified: Thu, 10 Mar 2022 07:11:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6229a497-466a"
Content-Encoding: gzip

GET
H2 200 ois.css
static.oneinstack.com/assets/ 139 KB
27 KB 2443ms
89ms Stylesheet
text/css 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois.css
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-163, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 623CFF401F487433384EADF3
content-md5: FigiPMVrnmR1ZEYGL79qOA==
age: 449270
x-source: C/200
content-encoding: br
x-request-id: 1100ed13dd599e8abfb1c440590fd9c6; d56dd0160d321cb4067776152e9edc13
x-oss-object-type: Normal
last-modified: Thu, 06 Sep 2018 06:26:29 GMT
server: marco/2.15
etag: W/"1628223CC56B9E64756446062FBF6A38"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=691200
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10073388271340420065
x-oss-server-time: 98
expires: Fri, 01 Apr 2022 23:29:04 GMT

GET
H2 200 vhost.png
static.oneinstack.com/images/ 451 KB
452 KB 2532ms
178ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 1c81898c45b041eb43a884c1f889a1bc10138c1aff770c1be03fbd484507e36a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-166, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241A888DC44E03237A96480
content-md5: vRkM4GHxj1RKHmypU9jYJg==
age: 143791
x-source: C/200, G/200
content-length: 462032
x-request-id: 9bd84247d020e857b50b9acdca10e1b8; abd24b147cafef62cc4ce81b8976a367
x-oss-object-type: Normal
last-modified: Tue, 17 Apr 2018 00:44:34 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 13855228782985020134
x-oss-server-time: 119
expires: Tue, 05 Apr 2022 12:20:23 GMT

GET
H2 200 vhost_del.png
static.oneinstack.com/images/ 54 KB
54 KB 2694ms
342ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost_del.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: a40a4c5bf8ed253cf6dc10dc566f14b8addb2fcbdfb7bd0f2f569037be50f305

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-163, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241AB67A96699313273AC92
content-md5: xuKDQl+fITtDLX9ueypXFg==
age: 143072
x-source: C/200, G/200
content-length: 54978
x-request-id: 07905b200dd80a2dde8cab0d1531517c; 15b058c824822f590cf3571e8f9a4df0
x-oss-object-type: Normal
last-modified: Fri, 05 Jan 2018 01:33:22 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16888844593495608369
x-oss-server-time: 65
expires: Tue, 05 Apr 2022 12:32:22 GMT

GET
H2 200 pureftpd.png
static.oneinstack.com/images/ 223 KB
224 KB 2758ms
406ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pureftpd.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 0525101fcb390c1123b8d0daa61d102e707b47265a290034373fb7a5b4c3682d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-165, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241A5646FB42B3830274D5F
content-md5: 7zl7AuEWDSHbL5+n0OL7KQ==
age: 144597
x-source: C/200, G/200
content-length: 228320
x-request-id: c91bade06db4fb44f5f6acb6c5bcc43a; 53d85ac63b930d3faa7bd30bd1cde33c
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4738377704576296990
x-oss-server-time: 64
expires: Tue, 05 Apr 2022 12:06:57 GMT

GET
H2 200 backup_setup.png
static.oneinstack.com/images/ 173 KB
174 KB 2770ms
418ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/backup_setup.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 48a54e33ffed8a0e81c2d58abc7005c843f2601df0fe9c9c609a8ddf9086222e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-164, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241A56307479330369A3774
content-md5: 659MR5IfDYlO/K4Ns6bNqg==
age: 144612
x-source: C/200, G/200
content-length: 177002
x-request-id: f32592f0c1d9d39d7e76cfd2db040d87; 59faee9370df40d95720a7c136535ad6
x-oss-object-type: Normal
last-modified: Sat, 08 Dec 2018 15:01:47 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 12530950749996754773
x-oss-server-time: 66
expires: Tue, 05 Apr 2022 12:06:42 GMT

GET
H2 200 upgrade.png
static.oneinstack.com/images/ 223 KB
224 KB 330ms
330ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/upgrade.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 692ec8633092cda8b29b25012a5c7c6a6cb73159f12bd1600e6491dd1e088a56

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-164, T.164.H, V.pcw-cn-hkg-166, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241A5646F8C2632392989FA
content-md5: 2ibJCCM3lIIVt2qK7tU4hA==
age: 144597
x-source: C/200, G/200
content-length: 228254
x-request-id: 7cd2915796306a6dd32a9a450a894be9; 9ee129dc0e2ed60f8820bd499af7f2ac
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 6318895251282152936
x-oss-server-time: 56
expires: Tue, 05 Apr 2022 12:06:57 GMT

GET
H2 200 uninstall.png
static.oneinstack.com/images/ 209 KB
210 KB 331ms
330ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/uninstall.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 048d9db1f6bcea86a022f30105476a29c834e36d5db7d80ec0997d23a79d88f8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-164, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241AB67EE85213239A7AB68
content-md5: FkrQbxLhJFdkNtUcZZ7+YA==
age: 143057
x-source: C/200, G/200
content-length: 214254
x-request-id: b95948308b950f1ccc358b1df9ba85d5; a268ed2bcefe28bd8e93736fd0e8d68c
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:31:03 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 13914716929911636181
x-oss-server-time: 54
expires: Tue, 05 Apr 2022 12:32:37 GMT

GET
H2 200 Paypal-donate-green.svg
img.shields.io/badge/ 1 KB
757 B 155ms
110ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Paypal-donate-green.svg
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

cf-ray: 6f3e0847aad9ecf6-YUL
date: Wed, 30 Mar 2022 04:16:52 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 18:14:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6kQQxatlff5JQPVhACo6CgkkcprI%2BeZs2SFdX9QgO6AQx78DATISeB4%2BuXuOqV3%2FMc0hDkdWjiDpl9dRxt0Y8qVd0APCsMMro8m%2F8wWCPzZ2O%2BRFo8naV7DeVp8iPTGwDEglX49Hy6XqX%2FfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 %E6%94%AF%E4%BB%98%E5%AE%9D-%E5%90%91TA%E6%8D%90%E5%8A%A9-green.svg
img.shields.io/badge/ 1 KB
784 B 143ms
99ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/%E6%94%AF%E4%BB%98%E5%AE%9D-%E5%90%91TA%E6%8D%90%E5%8A%A9-green.svg
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84aa672e4c9a685cd04c50283270bf44a1a70d2cd0a16ff15d568fcca7a4666

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

cf-ray: 6f3e0847aadbecf6-YUL
date: Wed, 30 Mar 2022 04:16:52 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 18:14:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RuT%2F37CNaj8hTBxeD9pIrpLQ5u71Zu6RlHhWf0e7g7mgZrrldytvamnpNLX3lBk%2FLVKkwYlSTO5f7PNavwG2dIox3AuKHgHVvJzmUl6G49khiAtel9c1xfHRqEKgceUazqKnVQ5fmDv5AquYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 %E5%BE%AE%E4%BF%A1-%E5%90%91TA%E6%8D%90%E5%8A%A9-green.svg
img.shields.io/badge/ 1 KB
1 KB 130ms
87ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/%E5%BE%AE%E4%BF%A1-%E5%90%91TA%E6%8D%90%E5%8A%A9-green.svg
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdfcebb08f589965cf48f959c9bac00de449bde43863c35f29bf19e8ac3b91

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

cf-ray: 6f3e0847aadcecf6-YUL
date: Wed, 30 Mar 2022 04:16:52 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 18:14:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw3s8Am0msz7IGODpMbaa8Hylnq618A4R23p%2FWwbGXXMwrw4Nm5LUoGez7byL7RSVRl1lRsGkYD33XXv3Fv1rw0t8kCEdAttS4WM7PCFfGbesdq3p3KrQoyjEZh0KoMK7vqdvgps3%2BsXABI58A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pay.png
static.oneinstack.com/images/ 22 KB
22 KB 331ms
331ms Image
image/webp 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pay.png
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 15429fda410aa94d83547553f34aa039bdd8cd0964df85407559c57f08cfbfef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-166, T.166.H, V.pcw-cn-hkg-163, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 6241AB6738B0ED373244A294
content-md5: Da5McVQvWo9YWLv2tLjKyw==
age: 143058
x-source: C/200, G/200
content-length: 22100
x-request-id: 2386a1a7e95ca78ec3496b43176a8dc2; 4281f77b2f7d5dcb17014a08e8c3193a
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:32:35 GMT
server: marco/2.15
etag: "236f2c8c3b27b143393df0104777f43a"
vary: Accept
content-type: image/webp
cache-control: max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16342502823700331070
x-oss-server-time: 95
expires: Tue, 05 Apr 2022 12:32:36 GMT

GET
H2 200 ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
71 KB 2448ms
96ms Script
text/javascript 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois20190114.js
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:54 GMT
via: S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.186.H, M.gtt-us-lax-186
x-oss-request-id: 623D001853726E34379EC42E
content-md5: CC5iM3IZ7F7//K/8Y/qkQA==
age: 449052
x-source: C/200
content-encoding: br
x-request-id: b2b6c0dfa16803d1fe3a505fdd20af48; a299e39b2e1b6d52d6c13a522df28fe1
x-oss-object-type: Normal
last-modified: Mon, 14 Jan 2019 05:54:34 GMT
server: marco/2.15
etag: W/"082E62337219EC5EFFFCAFFC63FAA440"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=691200
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3207812737332285755
x-oss-server-time: 111
expires: Fri, 01 Apr 2022 23:32:42 GMT

GET
H2 200 ad_buttom.html Show response
static.oneinstack.com/ Frame 707C 629 B
851 B 2843ms
498ms Document
text/html 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/ad_buttom.html
Requested by: Host: goandai.com
URL: http://goandai.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.15 /
Resource Hash: 7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/

Response headers

server: marco/2.15
date: Wed, 30 Mar 2022 04:16:55 GMT
content-type: text/html
vary: Accept-Encoding
x-source: C/200
x-oss-request-id: 6243D9B794C77F3136A040F0
x-oss-server-time: 3
x-oss-object-type: Normal
etag: W/"816171E30FF32058597FF2A2AF45F357"
x-oss-hash-crc64ecma: 8982108081913538273
last-modified: Mon, 16 Apr 2018 13:01:19 GMT
x-oss-storage-class: Standard
content-md5: gWFx4w/zIFhZf/Kir0XzVw==
x-request-id: 9bb8287007ed4e6aa4208843717329e1
via: S.pcw-cn-hkg-165, T.165.D, V.pcw-cn-hkg-165, T.186.D, M.gtt-us-lax-186
content-encoding: br

HEAD
H/1.1 200
OK phpinfo.php Show response
goandai.com/ 0
182 B 314ms
313ms XHR
text/html 119.28.92.99
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://goandai.com/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 119.28.92.99 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 04:16:55 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

HEAD
H/1.1 200
OK ocp.php Show response
goandai.com/ 0
182 B 284ms
284ms XHR
text/html 119.28.92.99
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://goandai.com/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 119.28.92.99 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 04:16:55 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

HEAD
H/1.1 200
OK index.php Show response
goandai.com/phpMyAdmin/ 0
1 KB 597ms
597ms XHR
text/html 119.28.92.99
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

http://goandai.com/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

HTTP/1.1

Server

119.28.92.99 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 04:16:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-ob_mode: 1
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 30 Mar 2022 04:16:56 +0000
Server: nginx
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Wed, 30 Mar 2022 04:16:56 +0000
Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Robots-Tag: noindex, nofollow
X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';

HEAD
H/1.1 200
OK xprober.php Show response
goandai.com/ 0
182 B 256ms
256ms XHR
text/html 119.28.92.99
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://goandai.com/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 119.28.92.99 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://goandai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 04:16:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 707C 116 KB
40 KB 90ms
42ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02c6d3a7e94d73c9ffe2a016110646bf39868c0f385f0c8fdfed98fb7b16dcf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40149
x-xss-protection: 0
server: cafe
etag: 1602034025771631778
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 04:16:56 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ Frame 707C 296 KB
107 KB 54ms
53ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

547919ee0efd074cd4761054eeca5e1833ada783ffaa744aaae29d70192e1b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109245
x-xss-protection: 0
server: cafe
etag: 15801031181269389918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 04:16:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame 707C 107 B
792 B 79ms
33ms Script
application/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 04:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 707C 107 B
549 B 86ms
33ms Script
application/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 04:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3618 70 KB
29 KB 395ms
350ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1648613816737&bpp=16&bdt=145&idt=145&shv=r20220328&mjsv=m202203230101&ptt=5&saldr=sa&correlator=3601238187945&frm=22&ife=1&pv=2&ga_vid=734584294.1648613817&ga_sid=1648613817&ga_hid=259856680&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31065659%2C21065724%2C31065551&oid=2&pvsid=2034268974529101&pem=601&uas=0&nvt=1&top=http%3A%2F%2Fgoandai.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.ylo3agabrgpv&fsb=1&xpc=gHojbB4YDC&p=https%3A//static.oneinstack.com&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f2b98b87b9f34f26b736b67f3821524ab494419e6b3f5a763fc10ae0efa4b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Mar 2022 04:16:57 GMT
server: cafe
content-length: 28693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Mar 2022 04:16:57 GMT
cache-control: private

GET
H2 200 14401938692949334463
tpc.googlesyndication.com/daca_images/simgad/ Frame 3618 13 KB
14 KB 82ms
24ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14401938692949334463

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1648613816737&bpp=16&bdt=145&idt=145&shv=r20220328&mjsv=m202203230101&ptt=5&saldr=sa&correlator=3601238187945&frm=22&ife=1&pv=2&ga_vid=734584294.1648613817&ga_sid=1648613817&ga_hid=259856680&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31065659%2C21065724%2C31065551&oid=2&pvsid=2034268974529101&pem=601&uas=0&nvt=1&top=http%3A%2F%2Fgoandai.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.ylo3agabrgpv&fsb=1&xpc=gHojbB4YDC&p=https%3A//static.oneinstack.com&dtd=161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c87151ac1e0ba3121994510bfd708572590b8684259f1d5caf1b00991e86861b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 00:12:10 GMT
x-content-type-options: nosniff
age: 273887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13787
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 05:39:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 Mar 2023 00:12:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame 3618 19 KB
8 KB 76ms
18ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 04:06:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3618 2 KB
1 KB 77ms
23ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 04:10:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3618 119 KB
37 KB 91ms
34ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648494235360460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 04:16:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3618 15 KB
6 KB 74ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 04:08:17 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3618 29 KB
12 KB 91ms
38ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11953
x-xss-protection: 0
server: cafe
etag: 10221244845210318712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 04:09:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3618 0
0 75ms
47ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwPFpuNlDYqOgO4aJxAPb-Z2ABbeE9d1oxuiXsuwN4afYrNsXEAEg9sGYFWD96KKB8AOgAaTdmosDyAECqAMByAPJBKoE6gFP0A2dGCV2LlCArDlXAF9CYh-FazYJlWl3dl3u1eIvT_IhZ7ypZ92uZ-Qp_tlP9uFBwRGYxU0dY11Kc-7EGSTt2YEux5F1aQ4uuiGJTAQnm3DTvUyAW-XGCFPpYjmSjKu7Egp-gXrd7eSkziWM_ZDnumTc44p0-aseogT2EcXYjRbVqW0rW6PKXXYb53LY_WWvl22vmqEBi2VdYBcrWvwYZDN7AXERQXNVogZ-cCdgoTtBp1ckdleD285_wYTyv76XoKNO0MWDdkiv3d1oqortjSRrndL6VKDQvfdlrxSUxHp_S31yNdRIg5nABKj45p7LA5IFBAgEGAGSBQQIBRgEoAYCgAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpbQ80ggHCIBhEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00MTU3MTEzMjY2MDAxNzgyGAA&sigh=OP76jOlC7YA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1648613816737&bpp=16&bdt=145&idt=145&shv=r20220328&mjsv=m202203230101&ptt=5&saldr=sa&correlator=3601238187945&frm=22&ife=1&pv=2&ga_vid=734584294.1648613817&ga_sid=1648613817&ga_hid=259856680&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31065659%2C21065724%2C31065551&oid=2&pvsid=2034268974529101&pem=601&uas=0&nvt=1&top=http%3A%2F%2Fgoandai.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.ylo3agabrgpv&fsb=1&xpc=gHojbB4YDC&p=https%3A//static.oneinstack.com&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 30 Mar 2022 04:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Mar 2022 04:16:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7089 143 B
163 B 21ms
20ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1648613816737&bpp=16&bdt=145&idt=145&shv=r20220328&mjsv=m202203230101&ptt=5&saldr=sa&correlator=3601238187945&frm=22&ife=1&pv=2&ga_vid=734584294.1648613817&ga_sid=1648613817&ga_hid=259856680&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31065659%2C21065724%2C31065551&oid=2&pvsid=2034268974529101&pem=601&uas=0&nvt=1&top=http%3A%2F%2Fgoandai.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.ylo3agabrgpv&fsb=1&xpc=gHojbB4YDC&p=https%3A//static.oneinstack.com&dtd=161

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 30 Mar 2022 03:54:55 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7089
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

41ms
40ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 30 Mar 2022 04:16:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Mar 2022 04:16:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 30 Mar 2022 04:16:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3618 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 940bbc0c334888b5fb63d6ee5737d903c26a79076020ceb6c69b8c3d7f69c8f5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 707C 14 KB
10 KB 68ms
41ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220328&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cb0812e74e1d0b9260d2c9998c71dea89a3b061ef41103c4e3652b689fb009b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 04:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4230 35 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 00:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 00:34:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 707C 17 KB
6 KB 84ms
56ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 04:16:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F323 13 KB
5 KB 19ms
19ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Mar 2022 00:16:38 GMT
expires: Thu, 30 Mar 2023 00:16:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEFE 783 B
534 B 69ms
40ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f664ed05e5dc8a49d816af60b62693b372aa6661dfa53fe4dfb17259f234d3dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eZ/1HRhOyOxSjCfGyYNyvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 30 Mar 2022 04:16:57 GMT
date: Wed, 30 Mar 2022 04:16:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eZ/1HRhOyOxSjCfGyYNyvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame F323 35 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 00:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Mar 2023 00:34:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEFE 0
0 54ms
54ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220328&jk=2034268974529101&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F323 0
9 B 19ms
19ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aIe56Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:16:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 707C 0
0 64ms
64ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220328&jk=2034268974529101&bg=!-Pul-7_NAAbzJazn0yU7ACkAdvg8Wr7sy4trJEzAwsTX3zcx8yJ10quT3k7rjAux9AJhhhElOkAGlAIAAABhUgAAAARoAQcKABBrrT8lK9JB_EVqS8nd0SyEmQMOLWegsQvHheq9K5NkVu5cjwW2TB5EapMfMH6JVaBD6CLcgbPoUP6s_35x7Bw0NITwGYQpUihnZWNeZb1LHevMkBi3ryjtnjoFjcI5PxV_HeljKCMEf_j1t0Ztf1BlRs7czlpbse18HYch1ekMkBaCgTDpIqC20A7c9EYr7rPcS4xHv6e7PorjgpVdV1C25D_4AqLo9-bPLbedtA4q5b6fMq-CbYYWBxGxOxXxbXRF8fzzrKOl4davRLv7wsEdm32ZC3W3LXjlau1pf0ASJxGYXsVZ1mDUzPM5xq2zzRm_ZOYyWIkJ72r7juZBC6cyHE6Y3JnHXcYai99VsfEcYgIGhJSBuY0CaIV8raxKzfcoGowOhN8kWWVZxEwpuh-26X4bLUFu7D0jSzFNtNPvs8M5KtauhfH6lX0KLv2d39n3T-vn5z9wDhg8fe8orhf7-72Xv1DLgppmhQsmyknnCTNWh227EReqGg28f1oXJUKTt833l0iMncW1naLy1v0yf6mPUQO5-4cjnJGZuQ_z8aR7RSFlpDnih6OnBZ_I_KJRnq4QBsXY2LkuzAWvvdwnTxoE48lgAu-6xVQMuSfosGh02NEOmFHKJte8LRYZOqwJmredHo3RIhc4VBtjz6Z5neSc5wmRyP5xEvowXZDuNKCLNM59Gziw2R58amRdRNHbonGCu7uS1BJdIEh6wMbNOCR95dmtXzv4ziyiAT_JcKbUNFat7jqFf-ISkJSYoYzXNyS3alYWkqFkfMRWbWYFRNVrdt1jPioLoxlJb57bSHJexLW1ZqcKdfoJdm6koLyOReDv7K5458TJXm_gJlOIkTGK7WBsTLoMdZphXNfq_-HdDxW3_NW7qT_GkWSqSLZOUcjc3WhlPiav6uZo_KYuW6SmWqIG7e0LSm6nGdtvlaAjyJk9zuqddb8OTyW_MOphmGJVso2NLByJLzA4LvSW83vUnlrssXqHkpGhbpJ9bjkFUkzZpKZqJq49wBO3mojS9DVYirre-laYH491mEp7u0IM92SrT-R8k3ZB9YJ3KWY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3618 42 B
64 B 39ms
39ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFIIGwKVRsJJsYc_RriLbt-hf8egM--r9lGvjcCx8cIn3dMow5tR0xDVjnP2FnT69_M4eZwVjSMrWVrlM8fIu5EUigl4ZVAhFBZo4-amD5f9WUSEY&sai=AMfl-YTpnrhldFZk_wYglis4mKd39wVmg1outOkck5jBuR6vbJLXT_J-dmEDR_c3ZlPPRt0XKRDhZLTp5x-Y&sig=Cg0ArKJSzKWKNM1TyGpvEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3499594460&rs=2&la=0&cr=0&vs=4&r=v&rst=1648613816899&rpt=555&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 04:16:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
goandai.com/phpMyAdmin/	1970-01-20 02:40:05	Name: pma_lang Value: en
goandai.com/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin Value: 659ren8t7oels72c63615c8b37
.doubleclick.net/	1970-01-20 19:28:05	Name: IDE Value: AHWqTUk4BBnGOhG8tyIwCYRPPFwmeekG3vs35KjVC_wiMRxNXIr4bKjpRywEAMppf0o
.doubleclick.net/	1970-01-20 01:56:57	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
goandai.com
googleads.g.doubleclick.net
img.shields.io
pagead2.googlesyndication.com
static.oneinstack.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
119.28.92.99
2606:4700:3034::ac43:813c
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:821::2002
69.28.62.189
02c6d3a7e94d73c9ffe2a016110646bf39868c0f385f0c8fdfed98fb7b16dcf4
048d9db1f6bcea86a022f30105476a29c834e36d5db7d80ec0997d23a79d88f8
0525101fcb390c1123b8d0daa61d102e707b47265a290034373fb7a5b4c3682d
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
0f2b98b87b9f34f26b736b67f3821524ab494419e6b3f5a763fc10ae0efa4b45
15429fda410aa94d83547553f34aa039bdd8cd0964df85407559c57f08cfbfef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c81898c45b041eb43a884c1f889a1bc10138c1aff770c1be03fbd484507e36a
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
48a54e33ffed8a0e81c2d58abc7005c843f2601df0fe9c9c609a8ddf9086222e
4cb0812e74e1d0b9260d2c9998c71dea89a3b061ef41103c4e3652b689fb009b
547919ee0efd074cd4761054eeca5e1833ada783ffaa744aaae29d70192e1b7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
692ec8633092cda8b29b25012a5c7c6a6cb73159f12bd1600e6491dd1e088a56
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
940bbc0c334888b5fb63d6ee5737d903c26a79076020ceb6c69b8c3d7f69c8f5
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
a40a4c5bf8ed253cf6dc10dc566f14b8addb2fcbdfb7bd0f2f569037be50f305
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b2bdfcebb08f589965cf48f959c9bac00de449bde43863c35f29bf19e8ac3b91
bac67254d743ffbeda02aa60a2508bc3990f4c93111c2911bcc165249fe6b8e2
c84aa672e4c9a685cd04c50283270bf44a1a70d2cd0a16ff15d568fcca7a4666
c87151ac1e0ba3121994510bfd708572590b8684259f1d5caf1b00991e86861b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
f664ed05e5dc8a49d816af60b62693b372aa6661dfa53fe4dfb17259f234d3dd
f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

goandai.com Open in urlscan Pro 119.28.92.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

88 %HTTPS

78 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

1771 kBTransfer

2512 kBSize

4 Cookies

15 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

goandai.com Open in urlscan Pro
119.28.92.99 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

88 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1771 kB
Transfer

2512 kB
Size

4
Cookies

42 HTTP transactions
1 data transactions