en.dotaavalike.shop Open in urlscan Pro
2606:4700:3035::ac43:d763 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://en.dotaavalike.shop/
Submission: On February 17 via api (February 17th 2024, 12:45:46 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3035::ac43:d763, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.dotaavalike.shop.
TLS certificate: Issued by E1 on February 15th 2024. Valid for: 3 months.

This is the only time en.dotaavalike.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3035::ac43:d763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1.194.250.6 1.194.250.6	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
10	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
41	9

5 2606:4700:3035::ac43:d763 (United States)

ASN13335 (CLOUDFLARENET, US)

en.dotaavalike.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 1.194.250.6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 194.1.broad.ha.dynamic.163data.com.cn

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	362 KB
9	oneinstack.com static.oneinstack.com	1 MB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	44 KB
5	dotaavalike.shop en.dotaavalike.shop	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	gstatic.com p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com	3 KB
41	7

	Domain	Requested by
10	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	static.oneinstack.com	en.dotaavalike.shop
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	en.dotaavalike.shop	static.oneinstack.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com
41	8

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
t.me

Subject Issuer	Validity	Valid
dotaavalike.shop E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2023-05-03` - `2024-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://en.dotaavalike.shop/
Frame ID: 2E537141BA2278EB3C4EDDDFA87F23B2
Requests: 13 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: 385458542647E7176D25A8CB4A811BAF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 3C1A16BE410D5F1FF54870766E3C41C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708173940499&bpp=99&bdt=89&idt=1323&shv=r20240215&mjsv=m202402140101&ptt=5&saldr=sd&correlator=2356232850567&frm=22&ife=1&pv=2&ga_vid=95364658.1708173942&ga_sid=1708173942&ga_hid=1799105183&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C95323741%2C95324581%2C95325068%2C31081233%2C95322195%2C95324155%2C95324161%2C31081234&oid=2&pvsid=1388330515633226&tmod=1523845797&uas=0&nvt=1&top=https%3A%2F%2Fen.dotaavalike.shop%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7hziksbkie0h&fsb=1&dtd=1348
Frame ID: 11558FDE26375D886F984F8911438EA8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A586321CEB0E34DF968E6D6214288D9
Requests: 2 HTTP requests in this frame

Frame: https://p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: D0DD10F2C06B0A36B8FA634850653329
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js
Frame ID: 2EF951AD4633CDC96E70D64A69B626BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD015B8597334FD68A14FA460852E19A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3ECF9CC8328E1C1DF76BEC0D046EF7C1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

41
Requests

98 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

1559 kB
Transfer

2543 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 29

https://googleads.g.doubleclick.net/pagead/adview?ai=CRJ7ZdarQZabCN5rX6tkPxOWegATh2o_1dbacv97-EbaQHxABIPbBmBVgycapi8Ck2A-gAffim7QoyAECqAMByAPJBKoElQJP0AbpLygbv0iwfS8apYfFWZCs2UvqV9ym4wZJ3SnUBEDOcYpOvSXRh7e6GrXWpLk0OuuKn0x85bJsKGZTT0iYNi3UUdQ8jscng1HdIY0QuiSpzWtxCwyqn--4Gt9jPYI8likSjvVYaJKlnzqkkVedlaRkJpg-CGjeuhdiyVpgilvHm4hxNcwk1rBDEv2gd5Wb3thpSqJPX57teO762I67vpQKOOb0j_XTQGZRpgbAfbpsf5GWXoXaMBpP7fZ5Khb_j6sFJgLK3biMLAu835oaPZ6koqR1xQy7xRCU_khN9phhG-rZEyT9Tw7MKqLbX53i7Z63K3wPAfxVJ-cN95kvwwLsdsJaDGPCZLBHkaczDiKSr3eXwATh9_fhgQSIBZeb65FDkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQzaRE0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WKnYlOizsoQDmglEaHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9idG49c3RhcnQmY2FtcGFpZ249MTgwMjI1ODM3MDOACgHICwHaDBEKCxCAn7Ltw_Kj_OoBEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00MTU3MTEzMjY2MDAxNzgyGAA&sigh=T6Crm-NWFyo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_oLqr_iKqeosZG-cBK2epElUp7uphkHADF2epoQyAH9prhNcvtA4PKSaSZFa0CuLpvCHH8XbTcepM9Atxd_npsIIHp2iWpXKBiSsYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd1604f187b80a4470000000000000000%22,%222%22:%220x1bfebacbd10c4c140000000000000000%22,%223%22:%220x72944f5003487cec0000000000000000%22,%224%22:%220x9779589bbd7db9d80000000000000000%22,%225%22:%220x60272ad265cf56ef0000000000000000%22},%22debug_key%22:%2213430703741957397083%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227898460136236519985%22}&andc=true

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
en.dotaavalike.shop/ 16 KB
4 KB 308ms
257ms Document
text/html 2606:4700:3035::ac43:d763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.dotaavalike.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 856e20e90dfdc427-EWR
content-encoding: br
content-type: text/html
date: Sat, 17 Feb 2024 12:45:38 GMT
last-modified: Fri, 27 Oct 2023 08:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qP5Pbq7uyojNgTYRj3YFmDalxsZm2nfATTcTz9V6nwy6J7PSKj9K3FwXHr0YdurM%2FMYd74F65zirCIHJRXcY3uVqHu%2FMZrHFjoMcfwa4UiAuVJZ01XcprGE7xZIVK%2Bgu1iOxW8L7vuECCtFLU1PicRPG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK ois.css
static.oneinstack.com/assets/ 139 KB
22 KB 2081ms
286ms Stylesheet
text/css 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois.css

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:27 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 2082193
x-link-via: xxct03:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-35, HIT from KS-CLOUD-XX-CT-03-07
Connection: keep-alive
Content-Length: 21572
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-22ce3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: 11213f4414bc3d76c30922a2bcde7676
Expires: Fri, 23 Feb 2024 10:22:27 GMT

GET
H/1.1 200
OK vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 2109ms
303ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 2082194
x-link-via: xxct03:443;ldmp12:443;
ETag: "64dd97f1-5ece5"
X-Cache-Status: HIT from KS-CLOUD-LD-MP-12-18, HIT from KS-CLOUD-XX-CT-03-19
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: f461076b10092bd72f616da9e0792470
Content-Length: 388325
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 2372ms
283ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/vhost_del.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 13:47:27 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:53 GMT
Server: nginx
Age: 2242693
x-link-via: xxct03:443;whmp01:443;
ETag: "64dd97f1-bd02"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-02, HIT from KS-CLOUD-XX-CT-03-22
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 2edd1bb695aa0797e18e97c8d663ed22
Content-Length: 48386
Expires: Wed, 21 Feb 2024 13:47:27 GMT

GET
H/1.1 200
OK pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 2366ms
307ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/pureftpd.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 2082194
x-link-via: xxct03:443;lymp01:443;
ETag: "64dd97f0-20c9f"
X-Cache-Status: HIT from KS-CLOUD-LY-MP-01-25, HIT from KS-CLOUD-XX-CT-03-27
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 7d3d528515a9c27eb593cb42a9e42353
Content-Length: 134303
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 2090ms
285ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/backup_setup.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:48 GMT
Server: nginx
Age: 2082194
x-link-via: xxct03:443;whmp01:443;
ETag: "64dd97ec-1d97f"
X-Cache-Status: HIT from KS-CLOUD-WH-MP-01-12, HIT from KS-CLOUD-XX-CT-03-08
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: a11b1f148df71849aabef705620fd9a7
Content-Length: 121215
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 2113ms
299ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/upgrade.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 2082194
x-link-via: xxct03:443;jnmp22:443;
ETag: "64dd97f0-24505"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-22-08, HIT from KS-CLOUD-XX-CT-03-22
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: ee36be5021badc1dda41eb789474b3c6
Content-Length: 148741
Expires: Fri, 23 Feb 2024 10:22:26 GMT

GET
H/1.1 200
OK uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 288ms
288ms Image
image/png 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.oneinstack.com/images/uninstall.png

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 10:22:27 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Thu, 17 Aug 2023 03:45:52 GMT
Server: nginx
Age: 2082193
x-link-via: xxct03:443;jnmp13:443;
ETag: "64dd97f0-3a9a8"
X-Cache-Status: HIT from KS-CLOUD-JN-MP-13-18, HIT from KS-CLOUD-XX-CT-03-25
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
X-Cdn-Request-ID: 87c9d895983ac90efe160e0348cc7ce5
Content-Length: 240040
Expires: Fri, 23 Feb 2024 10:22:27 GMT

GET
H/1.1 200
OK ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 2067ms
286ms Script
application/javascript 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/assets/ois20190114.js

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 00:09:09 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Age: 2032591
x-link-via: xxct03:443;lismp12:443;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-04, HIT from KS-CLOUD-XX-CT-03-20
Connection: keep-alive
Content-Length: 62047
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
ETag: W/"64dd97eb-32de6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
X-Cdn-Request-ID: b88d34af317a6c349f13c1af962b9699
Expires: Sat, 24 Feb 2024 00:09:09 GMT

GET
H/1.1 200
OK ad_buttom.html Show response
static.oneinstack.com/ Frame 3854 629 B
964 B 2054ms
263ms Document
text/html 1.194.250.6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.oneinstack.com/ad_buttom.html

Requested by

Host: en.dotaavalike.shop
URL: https://en.dotaavalike.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

1.194.250.6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

194.1.broad.ha.dynamic.163data.com.cn

Software

nginx /

Resource Hash

7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://en.dotaavalike.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 1546476
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 403
Content-Type: text/html
Date: Tue, 30 Jan 2024 15:11:04 GMT
ETag: W/"64dd97eb-275"
Expires: Thu, 29 Feb 2024 15:11:04 GMT
Last-Modified: Thu, 17 Aug 2023 03:45:47 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-Cache-Status: HIT from KS-CLOUD-NT-MP-01-30 HIT from KS-CLOUD-XX-CT-03-21
X-Cdn-Request-ID: 095e96b31dbc852cc6a9f025b92a1ea8
x-link-via: xxct03:443;ntmp01:443;

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3854 25 KB
11 KB 74ms
43ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c76252a83237f3df2ac5ad685f280e9a56f77b887f5d24797996b7df576f8dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10519
x-xss-protection: 0
server: cafe
etag: 1045725358741618485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:45:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3854 147 KB
50 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46790e2b174a89d317217a9c2486852dba1a7d34646f3242641b0e293e8a5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 3523836239656822758
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 12:45:40 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ Frame 3854 407 KB
138 KB 126ms
125ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

457a5873b70b931e7f81b9e6e041f7986a2434ba3c981e4863f32141dce07b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141226
x-xss-protection: 0
server: cafe
etag: 8391407713313268496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 12:45:40 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 3C1A 9 KB
5 KB 28ms
4ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 22:01:25 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 22:01:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 phpinfo.php Show response
en.dotaavalike.shop/ 0
305 B 134ms
132ms XHR
text/html 2606:4700:3035::ac43:d763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.dotaavalike.shop/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIC%2FNtQjlwlBVxPyUm56%2FS7MOC0PSHyNAr2hvdFExubnXNrO47DVIKh8TsUoAPBXeT0ImNvvxsco65x4BULO1AqlxisOsTOdTrX3J3HhEpTdy%2F4mFk5OXAmNzBaNsjNj49NookVjY0p3Tmvz1GAI2gZt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 856e20f9a9a1c427-EWR
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 ocp.php Show response
en.dotaavalike.shop/ 0
289 B 331ms
331ms XHR
text/html 2606:4700:3035::ac43:d763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.dotaavalike.shop/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oomJvvV0SenO6ND8ULVu3l%2FKcfGU2W6kT62MkQy2S%2FVv43ggcTZsGLi3NuG39zXMz8g8IqaEUeG%2FCQyzz15Nog5FyxJP2YM3LP2A1%2FUXlmUm8BV%2FmdbJIyDNQc1eKmtdFaY2Ja0Lc7rjg0MQG%2F7PgNKW"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 856e20fa8a10c427-EWR
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 index.php Show response
en.dotaavalike.shop/phpMyAdmin/ 0
1 KB 236ms
236ms XHR
text/html 2606:4700:3035::ac43:d763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://en.dotaavalike.shop/phpMyAdmin/index.php

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:d763 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Security-Policy	default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
date: Sat, 17 Feb 2024 12:45:41 GMT
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-ob_mode: 1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Sat, 17 Feb 2024 12:45:41 +0000
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS5uLxt3PLBNuBTgsyVMIBEiTErrkMuGLg7i3r%2BnCaDW5PbRQLq7FSJfIlISXjQiIjznbwVk5T6OxZuoIJvudAH6R9jErD08DTqPZGPHqRsjXdidhhf1w7n5N5hWHtTiMLowGgG2%2F97Utz5CZ0TkBleT"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
x-robots-tag: noindex, nofollow
cf-ray: 856e20fc9b9dc427-EWR
x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none';
expires: Sat, 17 Feb 2024 12:45:41 +0000

HEAD
H3 200 xprober.php Show response
en.dotaavalike.shop/ 0
463 B 356ms
356ms XHR
text/html 2606:4700:3035::ac43:d763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.dotaavalike.shop/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://en.dotaavalike.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRPnaHkt%2BFlEnO2QDdPRD7CS6l8FuXdz2riX%2BsBysrkhT9HwmfGdiNsUYVTe7ONFXOLM2aoD52qn%2Bk3xpYZXQPptn%2FQMBzhy4uTLMLMQVmTMtdEp9cbcoNi2qBBoMQVdPuzyUwfd19yLVRHVNYRDXZ8%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 856e20fe18c97d0c-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1155 102 KB
39 KB 414ms
411ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708173940499&bpp=99&bdt=89&idt=1323&shv=r20240215&mjsv=m202402140101&ptt=5&saldr=sd&correlator=2356232850567&frm=22&ife=1&pv=2&ga_vid=95364658.1708173942&ga_sid=1708173942&ga_hid=1799105183&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C95323741%2C95324581%2C95325068%2C31081233%2C95322195%2C95324155%2C95324161%2C31081234&oid=2&pvsid=1388330515633226&tmod=1523845797&uas=0&nvt=1&top=https%3A%2F%2Fen.dotaavalike.shop%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7hziksbkie0h&fsb=1&dtd=1348

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c46868f62dc362f59277f47bbf4cf96aaee21d50781a55378a69869e89c6316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
expires: Sat, 17 Feb 2024 12:45:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6037295749612901032
tpc.googlesyndication.com/daca_images/simgad/ Frame 1155 11 KB
11 KB 51ms
17ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6037295749612901032

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708173940499&bpp=99&bdt=89&idt=1323&shv=r20240215&mjsv=m202402140101&ptt=5&saldr=sd&correlator=2356232850567&frm=22&ife=1&pv=2&ga_vid=95364658.1708173942&ga_sid=1708173942&ga_hid=1799105183&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C95323741%2C95324581%2C95325068%2C31081233%2C95322195%2C95324155%2C95324161%2C31081234&oid=2&pvsid=1388330515633226&tmod=1523845797&uas=0&nvt=1&top=https%3A%2F%2Fen.dotaavalike.shop%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7hziksbkie0h&fsb=1&dtd=1348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 21:03:52 GMT
date: Thu, 15 Feb 2024 21:03:52 GMT
x-content-type-options: nosniff
age: 142910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 17:14:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 1155 23 KB
9 KB 45ms
11ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A58 143 B
166 B 9ms
7ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3616527039&adf=3279755397&pi=t.ma~as.9167095357&w=468&fwrn=16&lmt=1692243947&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708173940499&bpp=99&bdt=89&idt=1323&shv=r20240215&mjsv=m202402140101&ptt=5&saldr=sd&correlator=2356232850567&frm=22&ife=1&pv=2&ga_vid=95364658.1708173942&ga_sid=1708173942&ga_hid=1799105183&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C95323741%2C95324581%2C95325068%2C31081233%2C95322195%2C95324155%2C95324161%2C31081234&oid=2&pvsid=1388330515633226&tmod=1523845797&uas=0&nvt=1&top=https%3A%2F%2Fen.dotaavalike.shop%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7hziksbkie0h&fsb=1&dtd=1348
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:26:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D0DD 247 B
868 B 63ms
17ms Document
text/html 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

99be6b0383c19c2d288561960846e2aa78ef734529e992be66291e7786640eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-cv1BAIQegMmwTjVHQCGkrw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1155 3 KB
1 KB 48ms
16ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1155 20 KB
8 KB 42ms
10ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1155 204 KB
61 KB 9ms
8ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 13:06:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1155 36 KB
14 KB 43ms
11ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14610
x-xss-protection: 0
server: cafe
etag: 17234995959194474601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
expires: Sat, 17 Feb 2024 12:45:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1155 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c09b4b12c944728d294c4a636823bf248f556b4b0814944ce888e47b407ceb32

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D0DD 5 KB
2 KB 24ms
23ms Document
text/html 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

97841eecbf9e465f94eb3e1e56354bb09d7533844851264eab8a0a699713d721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-L6pbKaHs2FcF8v4izFA4Wg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1155
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRJ7ZdarQZabCN5rX6tkPxOWegATh2o_1dbacv97-EbaQHxABIPbBmBVgycapi8Ck2A-gAffim7QoyAECqAMByAPJBKoElQJP0AbpLygbv0iwfS8apYfFWZCs2UvqV9ym4wZJ3SnUBEDOcYp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd1604f187b80a4470000000000000000%22,%222%22:%220x1bfebacbd10c4c140000000000000000%22,%223%22:%220x72944f...

0
0

92ms
69ms

Fetch
text/css

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd1604f187b80a4470000000000000000%22,%222%22:%220x1bfebacbd10c4c140000000000000000%22,%223%22:%220x72944f5003487cec0000000000000000%22,%224%22:%220x9779589bbd7db9d80000000000000000%22,%225%22:%220x60272ad265cf56ef0000000000000000%22},%22debug_key%22:%2213430703741957397083%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227898460136236519985%22}&andc=true

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd1604f187b80a4470000000000000000","2":"0x1bfebacbd10c4c140000000000000000","3":"0x72944f5003487cec0000000000000000","4":"0x9779589bbd7db9d80000000000000000","5":"0x60272ad265cf56ef0000000000000000"},"debug_key":"13430703741957397083","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"7898460136236519985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 12:45:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 12:45:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd1604f187b80a4470000000000000000","2":"0x1bfebacbd10c4c140000000000000000","3":"0x72944f5003487cec0000000000000000","4":"0x9779589bbd7db9d80000000000000000","5":"0x60272ad265cf56ef0000000000000000"},"debug_key":"13430703741957397083","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-17"],"6":["true"]},"priority":"500","source_event_id":"7898460136236519985"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3854 16 KB
12 KB 70ms
49ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f58d4658f77f3a59b3b0f05587d385469c39382714ffaaf496d8b126f7c9f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12296
x-xss-protection: 0

GET
H3 200 QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EF9 51 KB
19 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QstulBizhGM5c3is5Pv1751YgUyWw_Eh0Z52b5kyfiU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19784
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:16:11 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 127ms
70ms Preflight
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 12:45:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3854 17 KB
7 KB 49ms
49ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 12:45:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD01 13 KB
5 KB 11ms
10ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 146306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:07:16 GMT
expires: Fri, 14 Feb 2025 20:07:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3ECF 829 B
998 B 34ms
32ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6492c8fc0623196f4cdde319e1b8117e8d9c9c87e2dcd40f45c37a549f8ad427

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yHvOveaGgBwuiY6Khg-3TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yHvOveaGgBwuiY6Khg-3TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 12:45:42 GMT
expires: Sat, 17 Feb 2024 12:45:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame AD01 39 KB
15 KB 11ms
11ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3ECF 0
0 67ms
67ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=1388330515633226&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AD01 0
10 B 14ms
13ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LxF4VA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 12:45:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3854 0
0 76ms
75ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=1388330515633226&bg=!ICOlI2zNAAZN4L4YbeA7ADQBe5WfOKAd-BEmouSUwwFZYOrLWYoN97kPmhtkRyh6OBvdEIyGOd-Of_TOUlKxhDR7MdxoAgAAAFFSAAAAA2gBB5kC2uvl-lI1ph4qDdn80uVEKl0T8R1uXgGe8N8oEREXsfMV2-i9bzY5XRFS6PcUixuzMneYT3JfGXMcPrJ6CIJeuQnoILX2NHIeCprrtiCZUAwBDderEwzMfBzUppIJhpwUa6CDvgmNh0nVXr-ee05SXhhcBhefIvDh5fR7Ug-chVxs5SXZtoemBb-1N-So4Sl9DQsY1un9o09pPzBdkwN-pYRrgZU_gPmWn7F-vg0N4Gsfrxa6CzZeP8YxucTHR-I50UVpg0HLTGoW3V153S6RTurDdN91r8ZD5SKuqfXLfzrWDzhrmAMllWMrP3RlS26eQq6582TYdReqAdejKnfX7CaMtoBCDdYCKOHtHp-j92ohtJ1BGUj_0sESQy911ApDYxTFLYqr0FyauFZNvaSJ8iMkz5Exp_hc5CRK12_-lDWXlcustSopJayZJW31pM8wyD-kBilZCd3yTUEGHnrBVrSGDvztpFIA1Dmo5tw5TeUcJJVR0QTpgI0ieJthmiZWob-gAOEhno3q05x6Oy9DtGlpEpHjbQZnMRyFkLAhnHvDrWIVXxo4toC5Tj7kDZREiWyYsfuwkHujqLkXxVmNU661UGhwSzNgZkevDqBXVWvCKiCxx4jLWwd2TorprHgXeqE5jwrKtyHPeGp1AnwH4TMtfQ2uCyTT11CwzF1JyrCl4FnSwR6o01ETJ5alrV1QNCW3wiHytwGdyTPVLe5GVMIhP-KR1wC7EFzCWN67907tQnKEi5ao_ODLxUZ_s4puXNjW4QEoED7jh_WcFsDAocjHeqnb8bKDqyq2bbP3yGhle9d938Ioq_zk6GSjFvgslZIiRn-KmdkXWz6wBwqjhuEGNpsjbZBQRNJNP0tImI6tcN_z07tUb5rW_QOAlH6fnhZCKt_ghA-wUSs--fKyXAFqr2xnBimnR5TfhnZJLU6kSt8f5wEztQ2W7B3jydaJh1VsLaf8534jpNY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1155 42 B
64 B 74ms
73ms Fetch
image/gif 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYQzAagiZDU7Skbmx-mCbxQ5L-hPMqqCxEbW3NXROVXv8H0RNtsNFBjU03iWVzvrILDZ37U4e6dUNm9grkrk-med-agTeHuwOTrBJiFJqNnSmMfISsTsFoMbLoj6Z8G2rtIR5MuHnHnb1pa0Iup37XZbs1KT-demM&sai=AMfl-YQ0kyb2on-sauWfldJprraBsygqoZgxQqDhW_bCAmvfa8Olq6V5uzMHFyUd602kVlh0oNb9q7stAMXlkTF2voUY4NU2epVnl_5w-Ic35bNZJhzmnSeFUgBoLLHTcPxFugFL-5yMvebxtFX3hjQ2Qw&sig=Cg0ArKJSzFhKuaR8CZmwEAE&cid=CAQSTwAvHhf_oLqr_iKqeosZG-cBK2epElUp7uphkHADF2epoQyAH9prhNcvtA4PKSaSZFa0CuLpvCHH8XbTcepM9Atxd_npsIIHp2iWpXKBiSsYAQ&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3616527039&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=410674200&rst=1708173941850&rpt=539&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 12:45:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
en.dotaavalike.shop/phpMyAdmin/	1970-01-20 19:12:45	Name: pma_lang_https Value: en
en.dotaavalike.shop/phpMyAdmin/	1969-12-31 23:59:59	Name: phpMyAdmin_https Value: 15og3kabfjnfn9054681dtrm95
.doubleclick.net/	1970-01-20 18:29:37	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:05:33	Name: IDE Value: AHWqTUkq7JZPI4echvUooy5RRCCSufaREk8yfjanJqwz4K2GHYKsaJ0bQBvQ2U1zk5A
.googleadservices.com/	1970-01-20 20:39:09	Name: ar_debug Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://en.dotaavalike.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

en.dotaavalike.shop
googleads.g.doubleclick.net
p4-fslrscvvpzgzc-slfstgx6yu2sm2yk-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
static.oneinstack.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
1.194.250.6
142.250.65.226
142.250.65.227
2606:4700:3035::ac43:d763
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:821::2004
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
42cb6e9418b38463397378ace4fbf5ef9d58814c96c3f121d19e766f99327e25
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
457a5873b70b931e7f81b9e6e041f7986a2434ba3c981e4863f32141dce07b8d
46790e2b174a89d317217a9c2486852dba1a7d34646f3242641b0e293e8a5967
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dc9d76b5d861c7b7ffcb74620def984288966d08bf6ad0fb80ce72900644f8
6492c8fc0623196f4cdde319e1b8117e8d9c9c87e2dcd40f45c37a549f8ad427
6c46868f62dc362f59277f47bbf4cf96aaee21d50781a55378a69869e89c6316
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
97841eecbf9e465f94eb3e1e56354bb09d7533844851264eab8a0a699713d721
99be6b0383c19c2d288561960846e2aa78ef734529e992be66291e7786640eaa
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f58d4658f77f3a59b3b0f05587d385469c39382714ffaaf496d8b126f7c9f58
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
bc51f006228bcd7055417eb4adeec52553940ee227ee1b5af9a57ab8af88c64e
c09b4b12c944728d294c4a636823bf248f556b4b0814944ce888e47b407ceb32
c76252a83237f3df2ac5ad685f280e9a56f77b887f5d24797996b7df576f8dff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

en.dotaavalike.shop Open in urlscan Pro 2606:4700:3035::ac43:d763 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

9 IPs

2 Countries

1559 kBTransfer

2543 kBSize

5 Cookies

14 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

en.dotaavalike.shop Open in urlscan Pro
2606:4700:3035::ac43:d763 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

1559 kB
Transfer

2543 kB
Size

5
Cookies

41 HTTP transactions
1 data transactions