urlscan.io logo urlscan.io
SecurityTrails logo

mhapks.com Open in urlscan Pro
54.39.84.26  Public Scan

Go To Rescan Add Verdict Report
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Submission: On October 25 via manual from BR — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 6 countries across 33 domains to perform 156 HTTP transactions. The main IP is 54.39.84.26, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is mhapks.com.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.
This is the only time mhapks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 54.39.84.26 16276 (OVH)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 142.251.111.95 15169 (GOOGLE)
15 142.251.167.156 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 172.253.63.97 15169 (GOOGLE)
2 104.26.14.75 13335 (CLOUDFLAR...)
3 216.239.38.178 15169 (GOOGLE)
15 172.253.122.156 15169 (GOOGLE)
3 172.253.122.95 15169 (GOOGLE)
1 172.253.63.155 15169 (GOOGLE)
14 172.253.115.139 15169 (GOOGLE)
22 142.251.163.132 15169 (GOOGLE)
1 4 142.251.111.99 15169 (GOOGLE)
7 172.253.62.157 15169 (GOOGLE)
18 34.149.135.28 396982 (GOOGLE-CL...)
6 142.250.31.94 15169 (GOOGLE)
13 104.26.2.190 13335 (CLOUDFLAR...)
1 192.184.69.215 16509 (AMAZON-02)
2 2 54.208.63.53 14618 (AMAZON-AES)
3 23 172.253.115.155 15169 (GOOGLE)
2 2 151.101.130.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 3.222.244.182 14618 (AMAZON-AES)
1 1 52.70.198.229 14618 (AMAZON-AES)
1 1 51.222.239.232 16276 (OVH)
2 4 50.116.194.21 6336 (TURN-US-ASN)
2 2 23.61.60.237 16625 (AKAMAI-AS)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
2 2 35.211.178.172 15169 (GOOGLE)
2 2 185.167.164.49 198622 (ADFORM)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 3 93.158.134.90 13238 (YANDEX)
156 23
3    54.39.84.26 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip26.ip-54-39-84.net
mhapks.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    142.251.111.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net
ajax.googleapis.com
15    142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
pagead2.googlesyndication.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
2    104.26.14.75 (None, )

ASN13335 (CLOUDFLARENET, US)
tdns2.gtranslate.net
3    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
googleads.g.doubleclick.net
3    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
translate.googleapis.com
fonts.googleapis.com
1    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
partner.googleadservices.com
14    172.253.115.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f139.1e100.net
fundingchoicesmessages.google.com
22    142.251.163.132 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f132.1e100.net
tpc.googlesyndication.com
4    142.251.111.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f99.1e100.net
www.google.com
7    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
www.googletagservices.com
18    34.149.135.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.135.149.34.bc.googleusercontent.com
g.bidbrain.app
6    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.gstatic.com
13    104.26.2.190 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.rtbrain.app
1    192.184.69.215 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    54.208.63.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-63-53.compute-1.amazonaws.com
pm.w55c.net
23    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
cm.g.doubleclick.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    3.222.244.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-244-182.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.70.198.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-198-229.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
4    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
r.turn.com
2    23.61.60.237 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-60-237.deploy.static.akamaitechnologies.com
px.owneriq.net
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
2    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
Apex Domain
Subdomains		 Transfer
38 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
307 KB
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
399 KB
18 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 44951
312 B
18 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673
www.google.com — Cisco Umbrella Rank: 11
64 KB
13 rtbrain.app
cdn.rtbrain.app — Cisco Umbrella Rank: 10923
2 MB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
412 KB
6 gstatic.com
www.gstatic.com
31 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
translate.googleapis.com — Cisco Umbrella Rank: 1953
fonts.googleapis.com — Cisco Umbrella Rank: 113
64 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
r.turn.com — Cisco Umbrella Rank: 6191
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 4716
957 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
3 mhapks.com
mhapks.com
21 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3422
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
939 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
2 KB
2 gtranslate.net
tdns2.gtranslate.net — Cisco Umbrella Rank: 295846
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
146 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3876
83 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
673 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 13762
623 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2199
684 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
645 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 10521
594 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
517 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
715 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11243
556 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
464 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
601 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
2 KB
156 33
Domain Requested by
23 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
22 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
18 g.bidbrain.app mhapks.com
googleads.g.doubleclick.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
mhapks.com
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com mhapks.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
www.googletagservices.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
13 cdn.rtbrain.app googleads.g.doubleclick.net
7 www.googletagservices.com googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
4 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
3 an.yandex.ru 2 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 mhapks.com mhapks.com
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 um.simpli.fi 2 redirects
2 px.owneriq.net 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
2 tdns2.gtranslate.net mhapks.com
2 www.googletagmanager.com mhapks.com
www.googletagmanager.com
2 ajax.googleapis.com mhapks.com
2 stackpath.bootstrapcdn.com mhapks.com
stackpath.bootstrapcdn.com
1 t.adx.opera.com 1 redirects
1 ius.ctnsnet.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 onetag-sys.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 translate.googleapis.com mhapks.com
1 cdnjs.cloudflare.com mhapks.com
156 39

This site contains no links.

Subject Issuer Validity Valid
mhapks.com
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.bidbrain.app
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3		 2023-10-19 -
2024-10-18		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Frame ID: 7E20ABE9A5217508C077BB22A5E8D724
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html
Frame ID: 8FEB4E3908B6C698FC4BAD836217E3E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7321328006653384&output=html&adk=1812271804&adf=3025194257&lmt=1698290262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265061732&bpp=6&bdt=228&idt=253&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2696529612783&frm=20&pv=2&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Frame ID: D1EB8124806D6D3BD681D3C771E5FA9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Frame ID: BD1307D5FE16B9B06927D97B9F37B377
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Frame ID: EB97F05E363AC5C5569E4A97D91180E4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Frame ID: 749C50D437A92C862E3BD89A50D0976C
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: 10D432CD6F958B5F7605CD2BEEBBD16E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: 968BF23D628DBEE045EB746776E17A86
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: 15C1B441334AF3B5E8EEA8993FA91695
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: E6DEAE5FCA3B90B700D7CBCB7AC48A07
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DF6261CD2FC72D14844D5A488D2B31C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B40BADCEAFEA263BF22DD097F09D61EC
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Frame ID: 1E135FE93CA73111DCA5D6C0B0C4260E
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5B6053FEB921F5F73B2B09D3A5B13789
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35F974317D98E342DBD3B4C6E03F1C18
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 565A58200F95AF9FC515219AD8D37173
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D3D7D8B27F634CCB91A1050D4AB4438F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js
Frame ID: A909746F7533545AED2E092351078E9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Baixe Meu Alelo 5.0.13 (400084650) Apk para android - mhapks.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

87 %
HTTPS

0 %
IPv6

33
Domains

39
Subdomains

23
IPs

6
Countries

3470 kB
Transfer

6718 kB
Size

48
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeTGyYbQhO-7bBW0JcZaTA-B02qG8JQx0BZC06EOicuPmgyV0N6jI2y_Ug HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeTGyYbQhO-7bBW0JcZaTA-B02qG8JQx0BZC06EOicuPmgyV0N6jI2y_Ug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bGZEMDNvdjUxUVZLalo1&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeTGyYbQhO-7bBW0JcZaTA-B02qG8JQx0BZC06EOicuPmgyV0N6jI2y_Ug
Request Chain 102
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF_pfaOFMiOQL0jURTvXpsY&google_cver=1&google_push=AXcoOmTQ6MzO5porkme3wWtKGx0Efo_xv_oOZTgPF584GVPv2ajO2DM4Ft7PQk1x8Nu9KmtBDFnILHIxq0KLS75p_8DQ20YSRqTBX50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_pfaOFMiOQL0jURTvXpsY&google_push=AXcoOmTQ6MzO5porkme3wWtKGx0Efo_xv_oOZTgPF584GVPv2ajO2DM4Ft7PQk1x8Nu9KmtBDFnILHIxq0KLS75p_8DQ20YSRqTBX50
Request Chain 103
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPjzoA0bPCLPjoYp8YMvW2M&google_cver=1&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcWbU0Vo_OCpRa-YZk HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=gEb-WM3QQjIYbkpk4mPUuA&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcWbU0Vo_OCpRa-YZk
Request Chain 104
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFA_2OmfLbVBY6U79g2iWVM&google_cver=1&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivmRB44c-UE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivmRB44c-UE&google_hm=eS1sYWo0QmJSRTJwRUllWDA4TU8wSnprLk5DVU1wNjh6bX5B
Request Chain 105
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP3yH0yKyUwLqAHltUacaOs&google_cver=1&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSusfz1n2u59WpjPP05no HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=csJ8Do27XIdWh_hLdSLUoSUT1bI&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSusfz1n2u59WpjPP05no
Request Chain 106
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAIesvcdBk5VkmXlpTuQqMo&google_cver=1&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdPMivuKKVQINCe-JuMy7joM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2h8YW5ImnI8zBMdLova4Nh-3MQENPiv4g&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdPMivuKKVQINCe-JuMy7joM
Request Chain 108
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFq69T6gxO6Q_C0UtrS081M&google_cver=1&google_push=AXcoOmRPXVHQgKgZHuABiKEXIVG6yCaSV4yNwepbw2ywuYNTJhva-FLmqzKxTbt00PMmmqvEIKo9NpbOxd_fMRuBz4rZTeyo_AQIUI44BW_6IsZDBtx-k18Cglj0Rb64ehzzmZ19el59ibPhbLbY_EF-fO6hbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NDM4NzEzMDkyOTQ1NjAzNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
Request Chain 109
  • https://px.owneriq.net/ecmg?google_gid=CAESEKBi-lnhRustmvvkhABiqUE&google_cver=1&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIttZKlhQ4ds5bbHslleOwydi-upLV73UbF0gtkVQ HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIttZKlhQ4ds5bbHslleOwydi-upLV73UbF0gtkVQ%26google_cver%3d1%26google_gid%3dCAESEKBi-lnhRustmvvkhABiqUE%26google_hm%3dUTc1MTU1MTQ2MzIxMDQyNjY2NDg%3d&uid=Q7515514632104266648&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIttZKlhQ4ds5bbHslleOwydi-upLV73UbF0gtkVQ&google_cver=1&google_gid=CAESEKBi-lnhRustmvvkhABiqUE&google_hm=UTc1MTU1MTQ2MzIxMDQyNjY2NDg=
Request Chain 110
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENemRXvo8ZMUURuvB6WlZSI&google_cver=1&google_push=AXcoOmRoB2X8FTBFTs_Wqya6HR7HYUisWvApL7ciAA0AePsP8qmQ7o7RrmSvdLXl9DlkQIuF33khB5FBqTchAgpl0P-eoobV7fgnKagfM5pCnqseXxyNjfAPIWe5Poi2FA_L3OCCDT-OPHjhHtgG0Zxpn0IX0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENemRXvo8ZMUURuvB6WlZSI&google_push=AXcoOmRoB2X8FTBFTs_Wqya6HR7HYUisWvApL7ciAA0AePsP8qmQ7o7RrmSvdLXl9DlkQIuF33khB5FBqTchAgpl0P-eoobV7fgnKagfM5pCnqseXxyNjfAPIWe5Poi2FA_L3OCCDT-OPHjhHtgG0Zxpn0IX0A
Request Chain 111
  • https://um.simpli.fi/gp_match?google_gid=CAESEJURZJu_Mvwu6EN5tX20V_Q&google_cver=1&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNExXnyxh19_3XINZr24-rVNCFBL3lXfhAsSEjaNmhohkOt3qqQQBYDeL4bYhc1jcawOtnacO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4508D7E8A7124DC5ACB4F9D06854D10A&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNExXnyxh19_3XINZr24-rVNCFBL3lXfhAsSEjaNmhohkOt3qqQQBYDeL4bYhc1jcawOtnacO
Request Chain 112
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEk2RT4xP-R0OzI_wX--KLo&google_cver=1&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEk2RT4xP-R0OzI_wX--KLo&google_cver=1&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA&google_hm=lxNHo4AbQVqrq12GWHzq9g==
Request Chain 113
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENMNkdNHtm5ab4PCWWnyL2Q&google_cver=1&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOAyBIdFZ_QLFwq05nzEfCf5EtBhH7a9pq4gfaUoxf-J9I1fuBeFEr68yHF434jtApLVVBWooylY-RD HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENMNkdNHtm5ab4PCWWnyL2Q&google_cver=1&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOAyBIdFZ_QLFwq05nzEfCf5EtBhH7a9pq4gfaUoxf-J9I1fuBeFEr68yHF434jtApLVVBWooylY-RD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDA4Nzc1NjkyMDI5ODE3Ng&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOAyBIdFZ_QLFwq05nzEfCf5EtBhH7a9pq4gfaUoxf-J9I1fuBeFEr68yHF434jtApLVVBWooylY-RD
Request Chain 114
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEI5rFgRxtk_BMOdUn4bZPz4&google_cver=1&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtMU1sNwKa3zt2P_fVr93ySbFmfihTbqyxOrJzkzOLFptigzLMHcXQ0jdNAd9iiAzsUuG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4Njc5MjU1NDM0ODA1NDY4OA&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtMU1sNwKa3zt2P_fVr93ySbFmfihTbqyxOrJzkzOLFptigzLMHcXQ0jdNAd9iiAzsUuG
Request Chain 119
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1&google_push=AXcoOmSWpBJIRboZes_WEuCNK-MXtn9d3OesAhgMNU-WeSlFl3Gvj224QlnlMkg5qKgGWwb8PMLxMdU0rqPy6SjGcKxbuX9vtJRtrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NjQ0NDcyNDk2NzM4Mzk3Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
Request Chain 120
  • https://um.simpli.fi/gp_match?google_gid=CAESEGWNQ53mrj-Y4HlIlofVkEs&google_cver=1&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1pGv-cPzKYhTL04g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3F4B1DAD504F4EA19F2B795B839C9B&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1pGv-cPzKYhTL04g
Request Chain 121
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEiszHQxZdNyydnNu5u8XOM&google_cver=1&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDwM2mADAgWf6E2jOCOwHQyYHi5fM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDwM2mADAgWf6E2jOCOwHQyYHi5fM
Request Chain 122
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBCDOKF_gA1Gasbjax5gMwI&google_cver=1&google_push=AXcoOmSfizvj0HYQm6OvIzcAVECEGxIKMdBKe3UjJl-gcIExpQ_a8697J6RjJrqJRzg2fClXJzzpdSJ_jLay5b_65NbilwitnL8RKYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=844921025314&us_privacy=1---
Request Chain 123
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECSUBdbrS35HNumo-Hvvg9c&google_cver=1&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1okxDNdIsSWeZNij4zuxrkDgBm7tt_tYKEUxeToBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1okxDNdIsSWeZNij4zuxrkDgBm7tt_tYKEUxeToBw&google_hm=XaztNBWhQFGveNZ62cEpobI
Request Chain 124
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRkWdcuqfRhJM1unKQSd7zWpGuZw1c2AN-gYMC4dtN_j_RhC-QdKzokU8D6kSHc5yqu-qNnIsmUCtSHMaBrJIH6xfxjEHNr33t9&google_gid=CAESEFFaPnwAa6mYTsatTaO1OuI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFFaPnwAa6mYTsatTaO1OuI&google_hm=T1BVY2E5Y2VhNWY3NTkzNGIwMTkzZWIzZGNlZmYwMmU5Y2M&google_nid=opera_norway_as&google_push=AXcoOmRkWdcuqfRhJM1unKQSd7zWpGuZw1c2AN-gYMC4dtN_j_RhC-QdKzokU8D6kSHc5yqu-qNnIsmUCtSHMaBrJIH6xfxjEHNr33t9
Request Chain 125
  • https://an.yandex.ru/mapuid/google/CAESEJHDXPiOTUiFJIZ_AxHadC0?ext-param=AXcoOmTNSYaLqogOxZZIjNic1eRImLr6IlHixiwcEro4NqMRDa1rXB5HeP9HrdEMP76HpZ4BYM0PXtZZRwKiALusafMQk3OPglDiPpcA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEJHDXPiOTUiFJIZ_AxHadC0?redir-setuniq=1&ext-param=AXcoOmTNSYaLqogOxZZIjNic1eRImLr6IlHixiwcEro4NqMRDa1rXB5HeP9HrdEMP76HpZ4BYM0PXtZZRwKiALusafMQk3OPglDiPpcA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJHDXPiOTUiFJIZ_AxHadC0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

156 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mhapks.com/pt/download-meu-alelo-apk-for-android/ 		53 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.39.84.26 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip26.ip-54-39-84.net
Software
Apache /
Resource Hash
1a151cdb068dfe41be6a2d00a13723d590bb8afc6d857c9f23c7bea3a16fcab6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 20:17:40 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate
content-language
pt
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
x-gt-cache-status
BYPASS
x-gt-delivered-by
GTranslate v8.2.4 in 13ms visit https://gtranslate.io
x-gt-server
dvin
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
11365320
cdn-cachedat
04/12/2023 18:45:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c66fa0d8a22c3e5817e1cdf237a3ca94
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
81bd24fab86536aa-YYZ
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
451844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 14:46:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7321328006653384
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
c0c4f4110a856dfa878b7db1b5c45cb7e5a29466be0257915292c1394b168e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Origin
https://mhapks.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51185
x-xss-protection
0
server
cafe
etag
14088429601096724160
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:41 GMT
download-meu-alelo-apk-for-android.png
mhapks.com/wp-content/uploads/2021/06/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mhapks.com/wp-content/uploads/2021/06/download-meu-alelo-apk-for-android.png
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.39.84.26 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip26.ip-54-39-84.net
Software
Apache /
Resource Hash
53868df77ba8f728b3ad0c837237e7a40427bc104247ad1edc0b6612aa4b1e4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/pt/download-meu-alelo-apk-for-android/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 20:17:41 GMT
Last-Modified
Fri, 11 Jun 2021 11:22:01 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8507
lazy.png
mhapks.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mhapks.com/assets/lazy.png
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.39.84.26 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip26.ip-54-39-84.net
Software
Apache /
Resource Hash
5feb590434f658e1a0b750d61921a310a16c82e6fe5677f4927c06256d380563

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/pt/download-meu-alelo-apk-for-android/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 20:17:41 GMT
Last-Modified
Thu, 28 Sep 2023 08:04:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1173
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 02:24:32 GMT
jquery.lazyload.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1852639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1120
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-d35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9u6AnI5LwuzOJ1BUnXCteYmVIiTdGBeF4jwo%2B8WGTk%2Be3%2FJleDM7h425J6z1s6dd0ujFl5GcEHvO0d%2BGs9oRnemwW868vF6MWLDyU91dik9MORUm1JnGt0Eu9kV5aeNDeBqQ%2B13"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81bd24fadc39543d-YYZ
expires
Mon, 14 Oct 2024 20:17:41 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145072184-1
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7b7928b4846ea76d7f6b517159f0c40043641b034c56a8b6072ce7fb53629332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68472
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 19:36:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 Oct 2023 20:17:41 GMT
queue.js
tdns2.gtranslate.net/tdn-bin/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdns2.gtranslate.net/tdn-bin/queue.js
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2a6b182fd1868b05814d602de4f700980033059667c6ccf30b86f00e137d41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DITUdIYSMsjmZcWXkx2HmRW%2FLJBWk%2FfwR6lvY2HaA8VbwoWpW%2BtKybe8%2FWhSCHn0ZbioxrSQalDwiZhVGb9k6EJHFVOaKgqq3UivA6JfQMMnpKjZGLq9o3mOVNvPzhnN0X8uEoiH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-cache
cf-ray
81bd24fae8c436be-YYZ
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://mhapks.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
cdn-cachedat
06/22/2023 17:42:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a011ad6abc2a094a1184fb06d5bc6bb4
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
81bd24fb48d63870-YYZ
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8JH9WYGX07&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145072184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2ea365076581934166c080c847ed825929c1a88130308dacfb279b7232e0716c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80550
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 25 Oct 2023 20:17:41 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145072184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Oct 2023 20:16:28 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
73
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 25 Oct 2023 22:16:28 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7321328006653384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
e08a017113b966ee9ffb901ce0d869b1bdeb9ee2ead1cc467a413ccce9f3fd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136855
x-xss-protection
0
server
cafe
etag
10328606910980374644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/ Frame 8FEB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7321328006653384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
504
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:09:17 GMT
etag
4569948109300706969
expires
Wed, 08 Nov 2023 20:09:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t
translate.googleapis.com/translate_a/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/t?anno=3&client=te_lib&format=html&v=1.0&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw&logld=vTE_20230725&sl=fr&tl=es&tc=1&sr=1&tk=85334.425962
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
8ecb377cdb43ac5cb4a5a5c19b4405da27534b2a5a87348b3b45d89667b376d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VM91LUKfMkVa1Ddf0wAEug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-VM91LUKfMkVa1Ddf0wAEug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8JH9WYGX07&gtm=45je3an0v9114311567&_p=92293526&cid=2013654416.1698265062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698265061&sct=1&seg=0&dl=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&dt=Baixe%20Meu%20Alelo%205.0.13%20(400084650)%20Apk%20para%20android%20-%20mhapks.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JH9WYGX07&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mhapks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=92293526&t=pageview&_s=1&dl=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&ul=en-us&de=UTF-8&dt=Baixe%20Meu%20Alelo%205.0.13%20(400084650)%20Apk%20para%20android%20-%20mhapks.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1468541707&gjid=520127801&cid=2013654416.1698265062&tid=UA-145072184-1&_gid=1547321439.1698265062&_r=1&gtm=457e3an0&jsscut=1&z=1428305074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mhapks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mhapks.com&callback=_gfp_s_&client=ca-pub-7321328006653384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
3a67e48a4cdacc35ff77b867420be6a4a9bfc78557ba60665fc3cb8f7df1a40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1EB 		799 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7321328006653384&output=html&adk=1812271804&adf=3025194257&lmt=1698290262&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265061732&bpp=6&bdt=228&idt=253&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2696529612783&frm=20&pv=2&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
0fde4756471ad03b876173ee852beaa83ca8fe64a221439815463c482db672dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
114476
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:42 GMT
expires
Wed, 25 Oct 2023 20:17:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
save
tdns2.gtranslate.net/tdn-bin/ 		7 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tdns2.gtranslate.net/tdn-bin/save
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W%2BlfStEOm%2F42PVQxKCJ92tG1VNZXNouD97EY7bqkuHuMQOGBvIqr9lak5uk5t8Bw7hxP691UP1zewccS4OTPLUGg1RwDGodx%2Fp9GiuS7mGJ%2BA5CoSDOpWg3SKrEA8Ogu8ApQq35"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81bd24fe8abda226-YYZ
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231023&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
8c0fd014243f121a6afbad9fa12a3694f71895f9429746d531a6a720540ba0f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12163
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
8dfda2b6f448fb32a87ef43ca99b1a5dd019b19e47e72ff8804e044ca9919a49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55359
x-xss-protection
0
server
cafe
etag
6292983050971298846
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:42 GMT
ca-pub-7321328006653384
fundingchoicesmessages.google.com/i/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7321328006653384?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
caa3b7bdf4bb54428ace67e3b611a89fda54f80b731c8798fc3389c6a728bee7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LRUEolhI70ki_IVpbK7Z4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LRUEolhI70ki_IVpbK7Z4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 20:17:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BD13 		163 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1eea6f9d487b82966f085d4e7f1f2a30ee8098a295d0d1a8fae8e1f8fb000458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
57848
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:43 GMT
expires
Wed, 25 Oct 2023 20:17:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EB97 		158 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
76c587131dd722781edad643c20a50c08bad04f02d24b1aba000b56e9e193b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
55966
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:43 GMT
expires
Wed, 25 Oct 2023 20:17:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 749C 		162 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
98001e92f39d325606270a17cabe1faeb8139b4a5c72d21e660c054140a5b445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
57947
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:43 GMT
expires
Wed, 25 Oct 2023 20:17:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame 10D4 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 03:26:00 GMT
etag
4569948109300706969
expires
Wed, 08 Nov 2023 03:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame 968B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 03:26:00 GMT
etag
4569948109300706969
expires
Wed, 08 Nov 2023 03:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame 15C1 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 03:26:00 GMT
etag
4569948109300706969
expires
Wed, 08 Nov 2023 03:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame E6DE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 03:26:00 GMT
etag
4569948109300706969
expires
Wed, 08 Nov 2023 03:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVwzxylYreCyxwPQu0AMMXHuo2Z1HsUYcWDqheBCexkr_sdJNO98pq3S1R6JR2yuYhtylFCLM84xWf3sFzVMiKJKLlTy_yBmEZtQXjgZWKEJuHJv4O8Nn6kLTpjQDiRZlvrjxD67Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVwzxylYreCyxwPQu0AMMXHuo2Z1HsUYcWDqheBCexkr_sdJNO98pq3S1R6JR2yuYhtylFCLM84xWf3sFzVMiKJKLlTy_yBmEZtQXjgZWKEJuHJv4O8Nn6kLTpjQDiRZlvrjxD67Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjY1MDYyLDg1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9taGFwa3MuY29tL3B0L2Rvd25sb2FkLW1ldS1hbGVsby1hcGstZm9yLWFuZHJvaWQvIixudWxsLFtbOCwicXJiNzBYdXgySHMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
40de9ef28899e86ce496fb831efa6ab56c737ab856f253cac9e913088699837c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OPiLcgLQf1ItpSYDqA40eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:42 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OPiLcgLQf1ItpSYDqA40eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DF6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
525428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:20:34 GMT
expires
Fri, 18 Oct 2024 18:20:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B40B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
548e3e2bd23f1d64e0152e9998150a0ffbdaa4f40c89e3600799c14a4fa68b2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4ydG7NOf3PjZY6X1qKbOsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mhapks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4ydG7NOf3PjZY6X1qKbOsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:42 GMT
expires
Wed, 25 Oct 2023 20:17:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 968B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 968B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 968B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 15C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 15C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15C1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E6DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwYmj5nc5ZcCLBNeno9kPrfGS2AzSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi03MzIxMzI4MDA2NjUzMzg0yAEJqAMByAMCqgTcAU_QmV_PgCDHCA98VCA9HrGObHnegqxAQYPse2uBMwwpHYZ0xvCL2zq3cNhsksuVbjEZEl7bt16EUBlbcx8yuiPvqp0FpjdvsVLA3bc1QwrccascQZ9vq4hT1ykH1zdh6duHpW-HvTfzH3zswjRezfwO3rfKgniGiJwnTVWLG9eZpWa9JXEdj9iNgCHZtUvkl1_dHEcyBUyMasYbVZMbX7umjtR5QFHlPago-We7XUqb3sU7M6yW_-Q356nEolgJdzsvoQkP806GqgN41tDHaLyy6a5i3WNTvzvW7neABq215unOlO6OU6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzMyMTMyODAwNjY1MzM4NBgA&sigh=QlQzDinYp4s&uach_m=[UACH]&cid=CAQSTADICaaNsgxSdMLUuiNdTyIygBp89h7COxKK5Jkt_7CUkuoSDaQ_Tm3yossc37lt3d18720-VImEDNhKyidsR3941izu6tZg1ViPPwoYAQ
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 25 Oct 2023 20:17:43 GMT
rtimp
g.bidbrain.app/ Frame E6DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=8d26b870-7373-11ee-99a2-e2e892e7683a&d=mhapks.com&cr=ext_ng_dow_ghst7&a=imp&p=ZTl35gABBcAFKNPXAAS4rf4rMgtQzRnlqLS3gg&im=P80neUPyfohyRrtsRrTh-yYTKAbEtXH5XWicM44P01RMEVSt_of7IEIqciWeGgnIxVfNIKjeHoDKHaXVxDryJgXW7u6FXnbEiPvZrQhkWOCZvnqiwK3NvGM6fNwaj2EvB-BVDF_8Dw6S_i-4LDYXWIqtRc3U5NO4niyrsvM_10Fk1qe-LpW6aLJBk-hvgWgQ7qGMsDtPdqN9mBgjM33tiIM-qk-Cchokija01h0SogJbOOdaHl0pAk0UnhqD8cjnlvDvxVuBu1EYo4aAAop0-AMvzmHsOzG59FYCcsegdCss57CiMTSyX6tmm8vIsGfAI8zGFtnYfEesF7sb1-zcAPusPXtGyFiZNMwljmKPXZ8
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame E6DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame E6DE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6DE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
css2
fonts.googleapis.com/ Frame 10D4 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 18:59:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 20:17:43 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 10D4 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:04:32 GMT
x-content-type-options
nosniff
age
101591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 23 Oct 2024 16:04:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 10D4 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 15:42:06 GMT
x-content-type-options
nosniff
age
16537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 24 Oct 2024 15:42:06 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 10D4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:34:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
74615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6584
x-xss-protection
0
server
cafe
etag
17761768058797188040
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:34:08 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 10D4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:34:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
74615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8598
x-xss-protection
0
server
cafe
etag
10300645532664441910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:34:08 GMT
AGSKWxWhqDUH-InTRGN6_3LpbL3MuQrTX4_VphzqM9_pteb7O4YgjozSAVRNZD5-Efps1tMCqBTuPT88kPWlBlhLFJNJOwreQ-eNNKKm2jc3NasZ87hZQl1ZXGKl0_hZBIxaN32dUA51rQ==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWhqDUH-InTRGN6_3LpbL3MuQrTX4_VphzqM9_pteb7O4YgjozSAVRNZD5-Efps1tMCqBTuPT88kPWlBlhLFJNJOwreQ-eNNKKm2jc3NasZ87hZQl1ZXGKl0_hZBIxaN32dUA51rQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjY1MDYzLDEyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly9taGFwa3MuY29tL3B0L2Rvd25sb2FkLW1ldS1hbGVsby1hcGstZm9yLWFuZHJvaWQvIixudWxsLFtbOCwicXJiNzBYdXgySHMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
d227d9a30fa30f1209480cdc232ee9aca2e15c4cf8775f63f9436fe411632287
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WB906BjvCx0Y6j5e7bpneQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WB906BjvCx0Y6j5e7bpneQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B40B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231023&jk=356208396000896&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 4DF6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 13:55:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
22952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 13:55:11 GMT
truncated
/ Frame E6DE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6ad3503065b907351284493ba2379ab66f05e52812f4df80c3e1371cbb8bad8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 749C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
b917fb36156c12219b1badab527856ec5101523a7cf88e67b7610702683d78cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
71028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3475
x-xss-protection
0
server
cafe
etag
18338420715545796318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:33:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 749C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 749C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 749C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame 1E13 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 21:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 00:39:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 21:45:53 GMT
0272e6c6a7a9a189c14cd5da9dca4b07.js
www.gstatic.com/mysidia/ Frame 1E13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0272e6c6a7a9a189c14cd5da9dca4b07.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
aac38c8cec872021ce9878f71256f0d59ce05098f54629de299634726b4f279f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 19:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8263
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 21:06:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 19:42:46 GMT
css
fonts.googleapis.com/ Frame 1E13 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 19:01:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 20:17:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1E13 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
55c07926d0961c7899d23978ffa28542.js
www.gstatic.com/mysidia/ Frame 1E13 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 15:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 21:06:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 15:42:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 1E13 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1E13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1E13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E13 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
b043ffb3bb2c6d533211f24c7a1dfd38.js
www.gstatic.com/mysidia/ Frame 1E13 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 21:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15030
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 21:06:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 21:46:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame EB97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame EB97 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
l
www.google.com/ads/measurement/ Frame EB97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfJtRf809qwZGtIsflCJI1ghpFOX-GsM2GEU-5siDDxM7O7Zb5zAc2qqXA7lrqRP_A9GvgmXOmjAKprf-FIaJZTJICgQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB97 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame BD13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame BD13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
74780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
l
www.google.com/ads/measurement/ Frame BD13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-zWlHBerSO73CU5jTjX3--WvPfa7_quZYEQ50kzpGzIwESWU1VUdL4gxeAeJBs_aNkoeZA3vw1VmlEXjCEPOohnB8SQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD13 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:17:43 GMT
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame E6DE 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZCr6abRQTYl6tTT10C9V9G%2BcDLp4Gh4udMC9snX1rgrE8m5x%2BnNGwVVWCTf5oYOtU%2BqsswNK0ODMRH7wQNtYyhGmFY3HJuUegVW%2BT%2Bny3O86A4Rgu4ISug6H%2BD7MjPGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd250638ba36d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame E6DE 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YomnN%2BormqSfHjaBPSfz5MrAx%2B852jyNDfRdEWjD8TE5TwSSF3dZIFPPSTyGHeIOuDowUMpgXTg7HN7CLJ1XQ%2FCp%2FK0qqXIMV7AqxQOaJJg5kkShApuPMXzCm6ir%2BQbIMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd250638bd36d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EB97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXXmX5nc5ZaOnMqqoo9kPsoubqATSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi03MzIxMzI4MDA2NjUzMzg0yAEJqAMByAMCqgThAU_QvqTALt-__jonAuBiyz2y3cX5VORHJNZMCFLfS0q01odq8vgVIt6PZTP0UpvUuP5qW8uJTzHySikjicODH5QM3AQC3fAD1WStIrVqZPlI8fasKaEbuutAcGh_XpWsBBjr9hzfjMWj3XekatOymILICgkkFDjU5-zV9UKdFv3JiYNtNXpgsY9ckDvFUU9OtY6D4ETz5joXBZ6xc4ZzcRBHTBh5EXLGEe46LxnagxJt5Ei6ZWFyCBgzZslNC4GnTFaMjh34kw_1lQy2hZXMOXgogDyuosNw3RM7DRiBDX5YoYAGrbXm6c6U7o5ToAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MzIxMzI4MDA2NjUzMzg0GAA&sigh=ExC75UpXexg&uach_m=[UACH]&cid=CAQSPADICaaNUBhwiRU05ONFSy-W998fOaiohLABfF_ku8gbuWDijUY4wTGpcV2fG7-hDvHVnunYQk2qSlAtvhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame EB97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=8d9daa30-7373-11ee-a449-6a89eadbac73&d=mhapks.com&cr=ext_ng_dow_ghst7&gid=CAESEPFDvvz45JZOUJWc3r9II9U&a=imp&p=ZTl35gAMk6MFKNQqAAbFsgMxrK59wdCd0cPJKA&im=gMH1hX5h_kVCryilX8a9ezYsolMcdAVTJhz687VcvMbwds59pOhOYrwUP7iDpKP5febWACMTcedo8f1oQJvv6ehDh0kZdS-x2O8LuTHxMHzAazb8yoScK9l0aaTQXb7qpuZxoIEeyTOZbs-Xv0ZidRV4Ubqkr7rvYeoqhJfGnKcfUsEe27gSSSiADtk7ZWFruYV6g1PeO9_CnC6zC_4NBEgnxpn_-eJtwFqxKrJkmcypDvv-OGrVFXng3e3CEU5gSzPNvtUF9l7ywr7DFB4lLa5UjNPSRTnnpH6D0lXdtNI1bNQQ1kwuD_jaFBAmTorLCEBDtLNMeFFBY4TeWC7BeGCe6RAJ_i33WZykPjGB5G8OuAQeJ7UI1IvestIhvU_IRHj-NdpUWoKKoEXcLx7vAg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame E6DE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5B60 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:51:21 GMT
etag
48472445140208031
expires
Thu, 26 Oct 2023 12:51:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 35F9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:51:21 GMT
etag
48472445140208031
expires
Thu, 26 Oct 2023 12:51:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 565A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
26782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:51:21 GMT
etag
48472445140208031
expires
Thu, 26 Oct 2023 12:51:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 968B 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gv%2FXsGmt1eoC5isHNpNb8GZjHEYPxLWu1xD1LxbbY36HG5ksxuLnZgQXC7FkHRLujLpLughlFvDpO0pUiUkicuyDQ8C46wNGaq%2BqLahlyNRfbcfLS1FlU2YNaoEA4%2FWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd2506b9c136d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 968B 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlsN6UKs4B2iSTPgOPHF5jdVUvt5j25JN5CKfuyD8Lc4DKLqkRS8W5CyulwBLkBRwzchdzfBIqLST2nFn4m6i%2BKKiy64vvIOEIFtgi9%2BW%2FG7GGxr%2BpzimoGs1DN4gf7bnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd2506b9c336d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D3D7 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 19:51:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame 968B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame 749C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0d4608684019999f1450b7730cd7c6f65f2c3d1de08caa246c0efb1eaa916e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 4DF6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y8yASA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rtimp
g.bidbrain.app/ Frame E6DE 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 15C1 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljSqYedU8NFmRfPBoRyGWHDj8pvUeNwsaXoGmQrJGOO60KhXdbRXfWB3eQ8O9A76Wi3hQ85stNJyPoYesu5qS24KLljCnoUX5elXN8q4ZTZ4H%2BplZSWIt7m2kdsWne6tIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd25071a8536d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 15C1 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0stxZpg090FZxK06SShkTWggXbiLzSqJS4orJiWx265bbhWB7U8r1X7EnUOadLW4ypNIBUTfE8VYaKnPnd%2B%2BV7VpTCAfj27BmcrupvcQ%2Ftd7WicFeZ91g3PKxdg2kjMxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd25071a8836d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
rtimp
g.bidbrain.app/ Frame 15C1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame 968B 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame E6DE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E13 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRArIQAAAAAAACZAMAQKDRADIQAAAMzMdHBAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAsQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAA0DPzQDAECg0QEiEAAAAAAAAYQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAADhyQDAEEhpDTDJXaWE2Q2tvSURGZGZUS0FVZHJiZ0V5dyIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0272e6c6a7a9a189c14cd5da9dca4b07.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtimp
g.bidbrain.app/ Frame 15C1 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame 968B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame EB97 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f01ca5ca388a583e60f5c820aaadbd11dd088f37c64e0676ed8d43880018552

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 5B60 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECEfUu2zvsYu-zbF-Q5QJHk&google_cver=1&google_push=AXcoOmSZGlle2NGOrWW5Y34SWnkBPeZgLrVw65zJrhntgYd5L26vE1LCY6bU2EJnW7vw9nucA54x83MdKQmzTl3LT_adoNWinr9vmxM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.69.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bGZEMDNvdjUxUVZLalo1&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bGZEMDNvdjUxUVZLalo1&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeTGyYbQhO-7bBW0JcZaTA-B02qG8JQx0BZC06EOicuPmgyV0N6jI2y_Ug
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 20:17:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0c96e5fd0743cc8f9@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bGZEMDNvdjUxUVZLalo1&google_gid=CAESEIjTDK1ty0AXcgjw9Z5XWL0&google_cver=1&google_push=AXcoOmS4ntn32r0romw9coIuGFt4LTwWzH_wcE4JgBnNLeTGyYbQhO-7bBW0JcZaTA-B02qG8JQx0BZC06EOicuPmgyV0N6jI2y_Ug
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_pfaOFMiOQL0jURTvXpsY&google_push=AXcoOmTQ6MzO5porkme3wWtKGx0Efo_xv_oOZTgPF584GVPv2ajO2DM4Ft...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_pfaOFMiOQL0jURTvXpsY&google_push=AXcoOmTQ6MzO5porkme3wWtKGx0Efo_xv_oOZTgPF584GVPv2ajO2DM4Ft7PQk1x8Nu9KmtBDFnILHIxq0KLS75p_8DQ20YSRqTBX50
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4522-YYZ
pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698265064.729909,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF_pfaOFMiOQL0jURTvXpsY&google_push=AXcoOmTQ6MzO5porkme3wWtKGx0Efo_xv_oOZTgPF584GVPv2ajO2DM4Ft7PQk1x8Nu9KmtBDFnILHIxq0KLS75p_8DQ20YSRqTBX50
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPjzoA0bPCLPjoYp8YMvW2M&google_cver=1&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=gEb-WM3QQjIYbkpk4mPUuA&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcWbU0Vo_OCpRa-YZk
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=gEb-WM3QQjIYbkpk4mPUuA&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcWbU0Vo_OCpRa-YZk
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=gEb-WM3QQjIYbkpk4mPUuA&google_push=AXcoOmTKSSVtRjGpatsIwfCy4XaDJ5_d5BD1wu2w8PzCyYCbrBYX324tqfxbmAdSa4--erxao0OXLvVN9QICGvcWbU0Vo_OCpRa-YZk
x-host
tde-deliveryengine-production-69ffdcd588-x7pd8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFA_2OmfLbVBY6U79g2iWVM&google_cver=1&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivmRB44c-UE&google_hm=eS1sYWo0QmJSRTJwRUl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivmRB44c-UE&google_hm=eS1sYWo0QmJSRTJwRUllWDA4TU8wSnprLk5DVU1wNjh6bX5B
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 20:17:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmScn33Swwx9P2BGbJ4jtsgFRsnWJQNfxU5j3S4RyqqOPgExNZ5n6L-ADmUHOcwLEg5F95Dl296IoFblQn7iB5kXivmRB44c-UE&google_hm=eS1sYWo0QmJSRTJwRUllWDA4TU8wSnprLk5DVU1wNjh6bX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP3yH0yKyUwLqAHltUacaOs&google_cver=1&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSusf...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=csJ8Do27XIdWh_hLdSLUoSUT1bI&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSus...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=csJ8Do27XIdWh_hLdSLUoSUT1bI&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSusfz1n2u59WpjPP05no
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=csJ8Do27XIdWh_hLdSLUoSUT1bI&google_push=AXcoOmTIJ7lRjg83xNa4gZBdNrm5GHOVmxaywV5qsQZJ49MXhWhgVEjaw9J6vRu2XPI0JWSOnQ6Cw1MR8IhSusfz1n2u59WpjPP05no
Date
Wed, 25 Oct 2023 20:17:43 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 5B60
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAIesvcdBk5VkmXlpTuQqMo&google_cver=1&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdPMi...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2h8YW5ImnI8zBMdLova4Nh-3MQENPiv4g&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdP...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2h8YW5ImnI8zBMdLova4Nh-3MQENPiv4g&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdPMivuKKVQINCe-JuMy7joM
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2h8YW5ImnI8zBMdLova4Nh-3MQENPiv4g&google_push=AXcoOmQM_42PVCA7QISvmINJcBmRD3RhoOH5tZ9skRWeOmyceaMFurFmPfbu2ERjjflti1FJLr6CkvwVdPMivuKKVQINCe-JuMy7joM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 5B60 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILWkDhQtkXgZ2M5OBMLIP3QbabeQLss8e5Km-hNJMSV9n09QCRFu1Wz8zLwp3ejEbiez0J
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 35F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFq69T6gxO6Q_C0UtrS081M&google_cver=1&google_push=AXcoOmRPXVHQgKgZHuABiKEXIVG6yCaSV4yNwepbw2ywuYNTJhva-FLmqzKxTbt00PMmmqvEIKo9NpbOxd_fMRuBz4rZTeyo_AQIU...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NDM4NzEzMDkyOTQ1NjAzNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
Protocol
H2
Server
50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
presentation-atl1.turn.com
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEKBi-lnhRustmvvkhABiqUE&google_cver=1&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYY...
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIttZKlhQ4ds5bbHslleOwydi-upLV73UbF0gtkVQ&google_cver=1&google_gid=CAESEKBi-lnhRustmvvkhABiqUE&google_hm=UTc1MTU1MTQ2MzIxMDQyNjY2NDg=
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 25 Oct 2023 20:17:44 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmQyWO9Ld63EFD4pOsOjOqwSWNwIemmPoCAPvynBfSPdcEhC9Z7ZWJHUaEHaS_73e7jFxtd6cJ4h3Da1h7twvtc0CKaxj0KuiFYYX8rUUzckRDMfsaIttZKlhQ4ds5bbHslleOwydi-upLV73UbF0gtkVQ&google_cver=1&google_gid=CAESEKBi-lnhRustmvvkhABiqUE&google_hm=UTc1MTU1MTQ2MzIxMDQyNjY2NDg=
Content-Type
text/html
Cache-Control
max-age=55015
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENemRXvo8ZMUURuvB6WlZSI&google_push=AXcoOmRoB2X8FTBFTs_Wqya6HR7HYUisWvApL7ciAA0AePsP8qmQ7o7Rrm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENemRXvo8ZMUURuvB6WlZSI&google_push=AXcoOmRoB2X8FTBFTs_Wqya6HR7HYUisWvApL7ciAA0AePsP8qmQ7o7RrmSvdLXl9DlkQIuF33khB5FBqTchAgpl0P-eoobV7fgnKagfM5pCnqseXxyNjfAPIWe5Poi2FA_L3OCCDT-OPHjhHtgG0Zxpn0IX0A
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4522-YYZ
pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698265064.729935,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENemRXvo8ZMUURuvB6WlZSI&google_push=AXcoOmRoB2X8FTBFTs_Wqya6HR7HYUisWvApL7ciAA0AePsP8qmQ7o7RrmSvdLXl9DlkQIuF33khB5FBqTchAgpl0P-eoobV7fgnKagfM5pCnqseXxyNjfAPIWe5Poi2FA_L3OCCDT-OPHjhHtgG0Zxpn0IX0A
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJURZJu_Mvwu6EN5tX20V_Q&google_cver=1&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNExXnyxh19_3XINZr2...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4508D7E8A7124DC5ACB4F9D06854D10A&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNEx...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4508D7E8A7124DC5ACB4F9D06854D10A&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNExXnyxh19_3XINZr24-rVNCFBL3lXfhAsSEjaNmhohkOt3qqQQBYDeL4bYhc1jcawOtnacO
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 20:17:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4508D7E8A7124DC5ACB4F9D06854D10A&google_push=AXcoOmSlVTD1UaUKN_cuVhMMDzfV_lPK9547LiZavlJOzLK2tNkK3brDgV6aefXyD7kefUDRyH_8gmLWOLiBNExXnyxh19_3XINZr24-rVNCFBL3lXfhAsSEjaNmhohkOt3qqQQBYDeL4bYhc1jcawOtnacO
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 24 Oct 2023 20:17:43 GMT
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEk2RT4xP-R0OzI_wX--KLo&google_cver=1&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEk2RT4xP-R0OzI_wX--KLo&google_cver=1&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94Tz...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpg...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA&google_hm=lxNHo4AbQVqrq12GWHzq9g==
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA&google_hm=lxNHo4AbQVqrq12GWHzq9g==
Date
Wed, 25 Oct 2023 20:17:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENMNkdNHtm5ab4PCWWnyL2Q&google_cver=1&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOA...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENMNkdNHtm5ab4PCWWnyL2Q&google_cver=1&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDA4Nzc1NjkyMDI5ODE3Ng&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pA...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDA4Nzc1NjkyMDI5ODE3Ng&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOAyBIdFZ_QLFwq05nzEfCf5EtBhH7a9pq4gfaUoxf-J9I1fuBeFEr68yHF434jtApLVVBWooylY-RD
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMDA4Nzc1NjkyMDI5ODE3Ng&google_push=AXcoOmQTxPCpf2WiXYn-iegEJBMaXMfa5Pu6YKxQltTcHxggkroOppV8_scSx4AWG0v2GRWacUB0pAOAyBIdFZ_QLFwq05nzEfCf5EtBhH7a9pq4gfaUoxf-J9I1fuBeFEr68yHF434jtApLVVBWooylY-RD
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 35F9
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEI5rFgRxtk_BMOdUn4bZPz4&google_cver=1&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtM...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4Njc5MjU1NDM0ODA1NDY4OA&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtMU1s...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4Njc5MjU1NDM0ODA1NDY4OA&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtMU1sNwKa3zt2P_fVr93ySbFmfihTbqyxOrJzkzOLFptigzLMHcXQ0jdNAd9iiAzsUuG
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ4Njc5MjU1NDM0ODA1NDY4OA&google_push=AXcoOmQcwk0cna7t6s0SKnA_wcCY1eo5AQLkwUPCtUqVKp43NLMpmJxiWbCYwqkfmzX6YyXUJMwi9uINLzNEJe6WtMU1sNwKa3zt2P_fVr93ySbFmfihTbqyxOrJzkzOLFptigzLMHcXQ0jdNAd9iiAzsUuG
Date
Wed, 25 Oct 2023 20:17:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 35F9 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kzq0YWHDsPb0ccAP4bhBaSEJIcTBq9ZBS5c6C9MXuHONZJz0ymjxMT-rUax424djIqNBet
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 749C 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgJzG5nc5ZYjiM4eN4_UPhYWZ8AHSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi03MzIxMzI4MDA2NjUzMzg0yAEJqAMByAMCqgThAU_QsKdkjCQkufPepY6iKpiW2UF9KoAsQOBAbKzGVFSdDqXr4AwtoCcxbwkj08M8CG5DjVXbSAppnVlYg8GsKqwV-pLVTcpSJqKyfMT9vixA4BbYVzVdCfP92V6dd_yrw2hhUSRW2pJLo2kHaoTWexhDbMEnqB_DUSWv3sWdS3qffFNOnopH6PwBmTwSKpqcrOX4U6YYWJew4uv-RPXTzv7y8f4KBtAHjjBhesEZio2ImAgTilySDZRO63klvOMZQGFWp5Lq1T724oORjjQj6OS7ryldQX9cRLFRI1ogLUEW0oAGrbXm6c6U7o5ToAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MzIxMzI4MDA2NjUzMzg0GAA&sigh=cdKZJGe-KHI&uach_m=%5BUACH%5D&cid=CAQSPADICaaN4GLIPhwAUVyF9frzLAQWyioRhCqr9wEfGAuwYMVMuRJJ1BfFZo9X2IZijucz6eDBAc0AcGRg2RgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame 749C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=8da3c46d-7373-11ee-8c06-d6a29cc03122&d=mhapks.com&cr=ext_ng_dow_ghst7&gid=CAESEKq-IkIlQ_OGd2xZTQgyhMA&a=imp&p=ZTl35gAM8QgIuMaHAAZChW4hQ0eyYpNKy0X1BA&im=-U1heqyutXRvywTFkF1mUrNIEUfGi1ntHK4iawZMuf0JKk2R3_0o1MNpOKGwOgApjyfK9pWcDoCV8DPB2H-Ds3qUNz9Si54RSktBP5gVNGhzJv96ZbpyOYreDM5tEoW8Xr9xGGT2b7VGhXpml4INgHyW9t1ssgE5SdMeLdtOtHc1jUYgrerR3685x7bQvs_OYGw7rVfkEm-yBZYOEZNT-jurbVcPIoBgvec0GUGBkBiX9_mc2MMsKHh0QdgZxZOiHAfbTLlb1lJzmzpF8tTyKYGvpbWK3gMqNUDaNiYymuOCFsXPeMFNxDzlg3pbq8Gf74FTohZPZK44IHRtRPrg6ud6jB2B4Z2ijkpAPBiHi4qc8fWDDFex5ZrO91yvSteSEtiGt9DjtwAOXdspKiCMwQ&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame BD13 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27d82929e5b4f9120c1ae8a6d0ad0b9fe3f4fbacd1bdcb8f54443959a778cf35

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 565A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1&google_push=AXcoOmSWpBJIRboZes_WEuCNK-MXtn9d3OesAhgMNU-WeSlFl3Gvj224QlnlMkg5qKgGWwb8PMLxMdU0rqPy6SjGcKxbuX9vtJRtrg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NjQ0NDcyNDk2NzM4Mzk3Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Server
50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
presentation-atl1.turn.com
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ9tVKkCdsQGtChuN3HLA58&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 565A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGWNQ53mrj-Y4HlIlofVkEs&google_cver=1&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1pGv-cPzKYhTL04g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3F4B1DAD504F4EA19F2B795B839C9B&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3F4B1DAD504F4EA19F2B795B839C9B&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1pGv-cPzKYhTL04g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 20:17:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3F4B1DAD504F4EA19F2B795B839C9B&google_push=AXcoOmQQzYiiCCi8TTIreUZYAjM04vKT6bWVvl5gwqQTaeGVng4JXvDw3r-3kbEDm55T0P0BhYb8TSklWycy2Q1pGv-cPzKYhTL04g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 24 Oct 2023 20:17:43 GMT
pixel
cm.g.doubleclick.net/ Frame 565A
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEiszHQxZdNyydnNu5u8XOM&google_cver=1&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDw...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDwM2mADAgWf6E2jOCOwHQyYHi5fM
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDwM2mADAgWf6E2jOCOwHQyYHi5fM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 20:17:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 39C8918DFC2440E496E1DBB909637BB1 Ref B: YTO01EDGE0517 Ref C: 2023-10-25T20:17:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRhi6bBPuuuUZSf6vKz3O8xSSV_RCd0HJEKRB-6kCkv4ZlLQZg5DyI0YKBOmqpyk0u7XsQDwM2mADAgWf6E2jOCOwHQyYHi5fM
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIkCXcdsdccu76tqUIPQ==
pixel
cm.g.doubleclick.net/ Frame 565A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEBCDOKF_gA1Gasbjax5gMwI&google_cver=1&google_push=AXcoOmSfizvj0HYQm6OvIzcAVECEGxIKMdBKe3UjJl-gcIExpQ_a8697J6RjJrqJRzg2fClXJzzpdSJ_jLay5b_65Nbilwitn...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=844921025314&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=844921025314&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=844921025314&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 565A
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECSUBdbrS35HNumo-Hvvg9c&google_cver=1&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1ok...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1okxDNdIsSWeZNij4zuxrkDgBm7tt_tYKEUxeToBw&google_hm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1okxDNdIsSWeZNij4zuxrkDgBm7tt_tYKEUxeToBw&google_hm=XaztNBWhQFGveNZ62cEpobI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSZM8vBM6dM2H5Jay-2_rs3I_WurLQJBTCx9Np_0_axX4SYE7mGb8UawVM1okxDNdIsSWeZNij4zuxrkDgBm7tt_tYKEUxeToBw&google_hm=XaztNBWhQFGveNZ62cEpobI
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 565A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRkWdcuqfRhJM1unKQSd7zWpGuZw1c2AN-gYMC4dtN_j_RhC-QdKzokU8D6kSHc5yqu-qNnIsmUCtSHMaBrJIH6xfxjEHNr33t9&google_gid=CAESEFFaPnwAa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFFaPnwAa6mYTsatTaO1OuI&google_hm=T1BVY2E5Y2VhNWY3NTkzNGIwMTkzZWIzZGNlZmYwMmU5Y2M&google_nid=opera_norway_as&google_push=AXcoOmRkWdcu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFFaPnwAa6mYTsatTaO1OuI&google_hm=T1BVY2E5Y2VhNWY3NTkzNGIwMTkzZWIzZGNlZmYwMmU5Y2M&google_nid=opera_norway_as&google_push=AXcoOmRkWdcuqfRhJM1unKQSd7zWpGuZw1c2AN-gYMC4dtN_j_RhC-QdKzokU8D6kSHc5yqu-qNnIsmUCtSHMaBrJIH6xfxjEHNr33t9
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFFaPnwAa6mYTsatTaO1OuI&google_hm=T1BVY2E5Y2VhNWY3NTkzNGIwMTkzZWIzZGNlZmYwMmU5Y2M&google_nid=opera_norway_as&google_push=AXcoOmRkWdcuqfRhJM1unKQSd7zWpGuZw1c2AN-gYMC4dtN_j_RhC-QdKzokU8D6kSHc5yqu-qNnIsmUCtSHMaBrJIH6xfxjEHNr33t9
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
328
expires
Mon, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 565A
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJHDXPiOTUiFJIZ_AxHadC0?ext-param=AXcoOmTNSYaLqogOxZZIjNic1eRImLr6IlHixiwcEro4NqMRDa1rXB5HeP9HrdEMP76HpZ4BYM0PXtZZRwKiALusafMQk3OPglDiPpcA&partner-tag=yandex_...
  • https://an.yandex.ru/mapuid/google/CAESEJHDXPiOTUiFJIZ_AxHadC0?redir-setuniq=1&ext-param=AXcoOmTNSYaLqogOxZZIjNic1eRImLr6IlHixiwcEro4NqMRDa1rXB5HeP9HrdEMP76HpZ4BYM0PXtZZRwKiALusafMQk3OPglDiPpcA&par...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJHDXPiOTUiFJIZ_AxHadC0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 20:17:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 565A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3z97HbYqakk3k5b7q8sLThdMtk0T0ZRo5rvf1jYqnDp7OaD6JpgTZfHNNFJBRCV9MzE9NQaZu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.bidbrain.app/ Frame 15C1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: mhapks.com
URL: https://mhapks.com/pt/download-meu-alelo-apk-for-android/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D3D7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:43 GMT
expires
Wed, 25 Oct 2023 20:17:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 20:17:43 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js
pagead2.googlesyndication.com/bg/ Frame A909 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
8e478d09da3df6a8ee61ef08e3a64e4500bd8220ab74058d21c72f95e93df016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 13:53:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15023
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 13:53:35 GMT
download-icon_1697445891.svg+xml
cdn.rtbrain.app/ext/ Frame BD13 		469 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.rtbrain.app/ext/download-icon_1697445891.svg+xml
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b2fe0caf115f14d018b7064e8f710521d4c284263a7ae2922feec272961da6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1770
x-guploader-uploadid
ABPtcPo1PdbQjGIyN881JfETOPExtHRn7DxDH5oz9zziNgTfOlg47gVhLbPkOIr7BwJWE6legCU2-hi6T8o0xz0s62npBw
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 16 Oct 2023 08:44:50 GMT
server
cloudflare
etag
W/"6974aee9af84143b4ac5c739f1707c95"
vary
Accept-Encoding
x-goog-generation
1697445890645515
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=+dJKLA==, md5=aXSu6a+EFDtKxcc58XB8lQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXDpmqYo2%2FPFG4rUOdGafY92Y7Ng55WA6hPZtj0BXqVvgkDd4FYNJCLcW4qbGxlkn%2Bfo%2Fe6EmTN0fPjgSRNNFa3n70iVh6uwN8sOLidUOPsYsY7Ovx6dE9ZCnGmpMQBDqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
469
cf-ray
81bd2508b9af36a8-YYZ
expires
Wed, 25 Oct 2023 20:48:13 GMT
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 749C 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHuo9oTgI83UYd5k5zZUlG9RbVSY01gd4jz8ei%2B%2Br8VIMFU47ve608k56qegs2csNnizwWKRONwtDUovZe%2F2rAsHcgYyjXo4XjcHYg6mFTAVVWBv59%2B0a9sT9KKPaawv9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd25088e1a36d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 749C 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR1OG2bgZE6InXUtzW%2B53aZpU8FHzh9YlxfKT2gFnof0IfPXFaWbguOS8Xjz1ZCGh0gZ7K3Cu0agNQ5TqppoQ054e9Or8gvzsaddbVfnXJrI1OMyInyawrUa3hSgei%2BP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd25088e2136d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
rtimp
g.bidbrain.app/ Frame 749C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E13 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAUIQAAAAAAUvRAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAAJmZaX5AMAQKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAAAyM-M_MAQKDRA7IQAAAAAyM-M_MAQKDRA8IQAAAAAyM-M_MAQKDRA9IQAAAAAyM-M_MAQKDRA-IQAAAABmZuY_MAQKDRA_IQAAAABmZuY_MAQKDRBAIQAAAABmZuY_MAQSGkNMMldpYTZDa29JREZkZlRLQVVkcmJnRXl3Ihp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/0272e6c6a7a9a189c14cd5da9dca4b07.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BD13 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVOc35nc5Zf-9Mcejo9kPudi-wAfSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi03MzIxMzI4MDA2NjUzMzg0yAEJqAMByAMCqgThAU_QLP4X4A89tWRuA6RclHLAMlD3MDDi0OyLgriaREVjstF_5KcXafNM0jS0fN5NuhtOchAGkp-4bCOS7269Ir3P4Ssxb908IXdiIERZUCp8toO4ETBrmt8VU5NcHMeBOgHonqbTM22rRRGbNeGLYyHtwvVVof06hhPQvbIT1mTf-NVor_DGMOL0jYAavuWJiOUNRhmzrZZQ8ssQSlDbpbRGI_wZy4DkO61AxPB0EQhidoBJ612cq6sG0cO5ImGxgzcFYaI_q_6kwud4JuvZiam_pZQfY0wPG70_3BeA-bnAGIAGrbXm6c6U7o5ToAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MzIxMzI4MDA2NjUzMzg0GAA&sigh=rJma-hZ1HxU&uach_m=[UACH]&cid=CAQSPADICaaNSw2MSgqqxBKnxZo4FSS5M2jbdruRraCBKDxF38ddpZbIOwvPn-WQqRYjyXSvADRoCOi5SJw3hRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 20:17:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame BD13 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=8da2b5d3-7373-11ee-8bae-c6e03dc884d9&d=mhapks.com&cr=ext_ng_dow_ghst7&gid=CAESEM0WRLby5z1iJ2lgr0HlLaA&a=imp&p=ZTl35gAMXv8FKNHHAA-sOURT1OU4rvpimQUPiQ&im=JJt9eWH6e1ULE3XGvCF6p-XVFINl9xUia1koirgMdtw96pd9KdQArecduzlHGzIe_vSMjbb-QOI4wOywfn1zmC16YR6iVC_ppvFi2ecR4rU7YtMT671y_T8Zd3Fli7yOvPXL-bkOF6VA0eslTJR-c-0QPSgwKqB-iDo45H2zHsrhS6eK_GJE7kcZc_LXa1WArMsv-6HQXLSDbHYRJiv17HoHepexpqSLL-GqmvLEecuFv_2uSHSPud2V51ePl9_o5iTpWsxCBDmlz1orFKIHQ45uNugNfKqmTqEkTq_lUobbM6NCJbdRAFeVbaWoR-lRMRhoSx3jkjHUeC2jqozrLRIx0pTmygcq5gErc7xFgWJhZv8Y-QDWZGl9p6UNopVJet69by1AitOAmtRIBlYUhA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame EB97 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B7m3Pij8BJS7V%2BS6X11yM4SKm9%2FWPlSinCkpSl4hAEcWwwNAloHwz21VBvo92MHT64LxegkU1bjEY6HdiSesHIuf%2B01WZwtGBsL8lTS83uNOSFUECwpjWWsVSh6nvX4ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd25092f3136d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame EB97 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZCqMgW%2Fgxyvdo2Z5CdV05MQ5ZJLaEs24fiJpg%2FXqL5%2F7ga6a%2BMlwffTZFQPzJZlqQfE2S4Zh%2FmPbmXh38v%2BqvK3orf2VnNqwgApf93x%2Bdbotw8dbkdr5YbagZM%2BrSSR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd25092f3636d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame BD13 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPQLxrYFQv0ypFxEUEgMfsMEfIOivCJhWRiARvmM3AG9Ik8Gp%2BcBorpGQKissDlpuAZ9GkLH%2FYkuuG8EsdNJXYbL1YLWtvZ5%2BPxCYSWh0GbdOBz0WqJFlp4RpuOQ%2F%2BWrYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
81bd25093f4036d5-YYZ
expires
Wed, 25 Oct 2023 20:46:26 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame BD13 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1692
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzw%2Bd55OJt5QNhhDxVBgRIEufdEpXXzsX9TxDZAnSz9DBy6Ay8uzjOns9khYLmN2cuiFG%2FUnIEOuOF%2FaxLIWY47LhEc2Xy8%2BB1QF4IC7eq2Pm%2FECWnW6CuXJ3SML7VbGgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
81bd25093f4536d5-YYZ
expires
Wed, 25 Oct 2023 20:48:54 GMT
rtimp
g.bidbrain.app/ Frame 749C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1698290262&rafmt=1&to=qs&pwprc=1947712845&format=392x100&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1149&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280%2C750x280&nras=4&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=nvkImcYyQR&p=https%3A//mhapks.com&dtd=128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame EB97 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=2577766235&pi=t.aa~a.1217359031~i.29~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=1&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0%2C750x280&nras=3&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1819&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5ilL74u2TS&p=https%3A//mhapks.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame BD13 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:43 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame BD13 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7321328006653384&output=html&h=280&adk=4283914096&adf=4022087924&pi=t.aa~a.1217359031~i.15~rp.1&w=750&fwrn=4&fwrnh=100&lmt=1698290262&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1947712845&ad_type=text_image&format=750x280&url=https%3A%2F%2Fmhapks.com%2Fpt%2Fdownload-meu-alelo-apk-for-android%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698265062653&bpp=3&bdt=1150&idt=-M&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac1568853fa6d6d3-22fc4366aae400b2%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbTr6MdlV7LAtGmD2BwA3tx_jZ5Pw&gpic=UID%3D00000d9c88d95b5f%3AT%3D1698265062%3ART%3D1698265062%3AS%3DALNI_MbNxuFP3J_AxZPP2dlaTzDDDr4mvw&prev_fmts=0x0&nras=2&correlator=2696529612783&frm=20&pv=1&ga_vid=2013654416.1698265062&ga_sid=1698265062&ga_hid=92293526&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805931%2C44806737%2C31078301%2C44806140&oid=2&pvsid=356208396000896&tmod=1430623698&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=HU6jNys3zl&p=https%3A//mhapks.com&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:44 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231023&jk=356208396000896&bg=!ysmlyYbNAAaMkNwkrJA7ADQBe5WfOBtmPAMJDJlSG1C3wZA1XYGGV6S_9hPPTbxC6qPomzCILUITi8TXDjwTtxNesdm2AgAAAjBSAAAAAmgBBwoAKpni6DckuRALm7WoDrUg3M_3rVQAfe6Fl5_Ah9jPws1Dd6WsYlIvhRNy7JkCpPJdI2Q8kA50pCZN2J34DhCRG6MIYPVN4D4C9gtmfxQOfAburHDnQ0JUuWZI4Xq0Y5AT6q_oRZrSWsTSwBJwuhdaDJN-YISfGLNQDbVWbsJ21NWR6w2caTE67w1vAGHHuk5bZnRZjCsRSpTN6H1rCJaR3tn4SivO71QgyaH9QPK6esMpi2773-zjg6FT12zknR4KE3ad75tgJLym5uFBq26Bj6LzpZsAO4LJqsL1ILYqLyeZCkiNZREM_2h2pVm27cYnS5nvHljvWO_TkHiqLeay2sgWSea5mXkuPeAdvswaaSsT8jGILY1DEomtgxOvobwj9lV7AMLpMRCOGJeK47ijbbAorkh5HGtF-ymTS6bzcDmyaWjgSv9TMp1aa1BotPgQFwN4Sy4sud9KuLnjDrj0qKmR1u4361G4_B-k0aDy6FwLXROhcIgvMFzI_mvQ4te1ctVAXrh1r9d_96ujNOYslQPNOU6KPE4VvOAJx-drWcFvyuvplqKpIQ4dRwuMQ5FBPiLxTgEOl-hXWZ2fMYeZYaO-syDOQBQvWcuY3ofidDZSoq67PSDkrUt7hjMwrLVUL_kGgeN8KrGafjdM3Fj0dq4H1uRoDMLywcI_qpgJZPKcuf67ks19kfHjyQCRgcAjPDH95adeOtacyhpfNC-SPIiP-yAV10MNAnysnEE9a8QzWuTEJhPZzTpOztmjsXEUsDTsf4VJojUm1kVJPsvWWnhvpLohosOyq9riDrOgkmCIWQWM7hSky2naKp-QE_fUy7GfY6cQPY5ZPzW4zit8BCLvfLR3ro5uIozac4AggtV-Ekn_RYxj1tEpBMXP7Jjujij_tdDjTJFHtehiI7t83Z2b2vaWOEDGypN2emRQhRPhTIVzw4nEiQ9_Kyl4-9DH-jI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.4546863928577536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3mR5HPJQEpdYh_eIRA_7XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3mR5HPJQEpdYh_eIRA_7XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.92107571422829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uu5lAFuOzqi_RGHu9k_I6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-Uu5lAFuOzqi_RGHu9k_I6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-svc7zvjv_b0Pi81MfyhiRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-svc7zvjv_b0Pi81MfyhiRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mhapks.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E6DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPeZkKyrLQWWi1NnfWWAzzEetMaZ5KnoEiifeQVSuPQiZEdeFUMcbYal5eQ57ny5PW_h_L3s7r03ibuaVYLH-g9THmNiYZwJOD4YeJ&sig=Cg0ArKJSzMhlCQVoQyRDEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=289,837,1000,1000,1000&tos=289,548,163,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698265062836&rpt=483&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 20:17:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertverticallong.
fundingchoicesmessages.google.com/f/AGSKWxU8Nwjf83vikscRWX-zcXvFa9bC6ThTo2SfKLuRRCrVHETXhqHJP1oeWMBKhZL3c231hXmq7qc7PEDciGs281zYl8JvdFVAehPGhpYYZqZfw-ubZB8rwKlveqCX-wjSV2eZAIpdGro1R_qSM6opSPmcIFbEq... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU8Nwjf83vikscRWX-zcXvFa9bC6ThTo2SfKLuRRCrVHETXhqHJP1oeWMBKhZL3c231hXmq7qc7PEDciGs281zYl8JvdFVAehPGhpYYZqZfw-ubZB8rwKlveqCX-wjSV2eZAIpdGro1R_qSM6opSPmcIFbEqVnSjuDlznUqCVaESoDzPLRXIKE5ce6r/_/adiframetop./rcom-ads.-Banner-Advert-/adtagtc./advertverticallong.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxChWG4sycqKEqPGj38KPhaLs2Hew/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
d12c8233357ae3857e33ad23fb797fbfe9def24ca15506e91b9997ff2e74f817
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tutk1qyx2ikgEf2YHNn8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tutk1qyx2ikgEf2YHNn8xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxChWG4sycqKEqPGj38KPhaLs2Hew/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
cafe /
Resource Hash
6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
1480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11366
x-xss-protection
0
server
cafe
etag
3715999647879306108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 20:53:04 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JbO7H_d7OG7GGGJrgUZxHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-JbO7H_d7OG7GGGJrgUZxHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mhapks.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8zY5fdogrJUo7XyQjcSUug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-8zY5fdogrJUo7XyQjcSUug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mhapks.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H1eEn-Q8QF3PW02uXvgItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-H1eEn-Q8QF3PW02uXvgItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mhapks.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kuPP5q-GnOwGpEdI2rb8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kuPP5q-GnOwGpEdI2rb8CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mhapks.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUVt_vZ_GHPLAQ4DoqIL0CdRTnncxL88-3uTcV5TaG6uTo_RHZ2uDclEvQxnRIqq1Jl7HtHowA_TsZjVa9ddKcuP6885ophagQBRKgmOULmRPY6tBBydpc98DeRhnxPrSclphtYg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUUVt_vZ_GHPLAQ4DoqIL0CdRTnncxL88-3uTcV5TaG6uTo_RHZ2uDclEvQxnRIqq1Jl7HtHowA_TsZjVa9ddKcuP6885ophagQBRKgmOULmRPY6tBBydpc98DeRhnxPrSclphtYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MjY1MDY0LDk1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9taGFwa3MuY29tL3B0L2Rvd25sb2FkLW1ldS1hbGVsby1hcGstZm9yLWFuZHJvaWQvIixudWxsLFtbOCwicXJiNzBYdXgySHMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
5c8b4e96d82279df7007812a0cb88ded648e8dc625e87ca30d40816d991b5d06
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OGZLz6qTzKQHsLNQsMncfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://mhapks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:17:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OGZLz6qTzKQHsLNQsMncfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWs7Muy2Mv0JzC1JhfW7OzQ6RpEl3gdI1hIPj959QLQ1Bj7asbmOF2v5QpOBZIYqXmxgZyquU5XUxVFN_6kSYbhHFvrW8yxjywg-tqycBx_ftxsEZDvc4dpEq9D3zahNM_n8OSNBw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWs7Muy2Mv0JzC1JhfW7OzQ6RpEl3gdI1hIPj959QLQ1Bj7asbmOF2v5QpOBZIYqXmxgZyquU5XUxVFN_6kSYbhHFvrW8yxjywg-tqycBx_ftxsEZDvc4dpEq9D3zahNM_n8OSNBw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j78sLHV5EJY2skKDQwCYHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-j78sLHV5EJY2skKDQwCYHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mhapks.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNA1ryetEdZHsSFh9ZSf0ocNcDU1acoNQX6gTQRHzCWcNv594vCNpnBBKkzlJN-Y6954C5g6lqNsQlKg8n5ecv1vXSg9py_OXcuaxYH7Lz4M913i0ekuAMqZ-mmxAD9nokMnUPFw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.qrb70Xux2Hs.es5.O/am=CAM/d=1/rs=AJlcJMzyD0qPbIC7-E-18OarUGiL666AHw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MEXM31PRW58IoDUJ4PqlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mhapks.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 20:17:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MEXM31PRW58IoDUJ4PqlKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mhapks.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture function| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __GT string| all string| tk object| gaGlobal object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| N2U4OGI3N2ZhZmU5NGFkYWxvYWRlcl9qcw== string| N2U4OGI3N2ZhZmU5NGFkYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag object| google_image_requests function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| d55b8099-b270-4ea4-b5c8-2cd649605265

48 Cookies

Domain/Path Name / Value
.mhapks.com/ Name: ci_session
Value: ddd3ab0e8867e3c3dda3d6a25f985a066257a29b
.mhapks.com/ Name: _ga_8JH9WYGX07
Value: GS1.1.1698265061.1.0.1698265061.0.0.0
.mhapks.com/ Name: _ga
Value: GA1.2.2013654416.1698265062
.mhapks.com/ Name: _gid
Value: GA1.2.1547321439.1698265062
.mhapks.com/ Name: _gat_gtag_UA_145072184_1
Value: 1
.mhapks.com/ Name: __gads
Value: ID=cf3aef5f009a04c1:T=1698265062:RT=1698265062:S=ALNI_Ma1AzGuzkmCQf-cSvImIICc6o0pCw
.mhapks.com/ Name: __gpi
Value: UID=00000d9c8874ef20:T=1698265062:RT=1698265062:S=ALNI_MYAydLsZnegAIPDVeeomk1u7eKT6A
.bidbrain.app/ Name: uid_cross
Value: 8dac8c58-7373-11ee-a855-e6b6a0ac856b
.doubleclick.net/ Name: IDE
Value: AHWqTUlwVypxL_DL39DqcFg_PXvZOnGqX5qYZYEMsnENcAF4wISVnS4RHFLB6rTjBWM
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTl35wACJcfK9QAM
.ctnsnet.com/ Name: gid_CAESECSUBdbrS35HNumo-Hvvg9c
Value: 1
.ctnsnet.com/ Name: cid_5daced3415a14051af78d67ad9c129a1
Value: 1
.acuityplatform.com/ Name: auid
Value: 844921025314
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRVoPRguUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVaD0YLlI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQkNET0tGX2dBMUdhc2JqYXg1Z013Sfv7hnZlcnNpb27C+w=="
.onetag-sys.com/ Name: OTP
Value: aQ61YjXsnAYsd6BNGz-gEbsYs4YafdCJDlzTZU273ls
.simpli.fi/ Name: suid
Value: CF3F4B1DAD504F4EA19F2B795B839C9B
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBOd3OWUCEJp3OUhklXC-j3YaMgfcK7cFEgEBAQHJOmVDZQAAAAAA_eMAAA&S=AQAAApA1gCefQ3VzUqjNTZE26rg
.turn.com/ Name: uid
Value: 2746444724967383973
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bidswitch.net/ Name: tuuid
Value: 971347a3-801b-415a-abab-5d86587ceaf6
.bidswitch.net/ Name: c
Value: 1698265063
.bidswitch.net/ Name: tuuid_lu
Value: 1698265063
.w55c.net/ Name: wfivefivec
Value: lfD03ov51QVKjZ5
.linkedin.com/ Name: bcookie
Value: "v=2&acadb05a-b964-4f4f-8953-50810db1aed7"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2685:u=1:x=1:i=1698265063:t=1698351463:v=2:sig=AQHWmtLGfP0rcU_bFlSTix5E-xn25obw"
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A486792554348054688
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-72c27c0e-8dbb-5c87-5687-f84b7522d4a1.aiJrtpj%2FUGIybZpcLYZ%2BHecKuMIM3DOXQIbUxEQghRU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-72c27c0e-8dbb-5c87-5687-f84b7522d4a1.aiJrtpj%2FUGIybZpcLYZ%2BHecKuMIM3DOXQIbUxEQghRU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcsJ8Do27XIdWh_hLdSLUoSUT1bI.1FqV9GAp5RBXJUpLI%2Foau%2B5vVaTujHuX7G%2BMn7HT1i0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcsJ8Do27XIdWh_hLdSLUoSUT1bI.1FqV9GAp5RBXJUpLI%2Foau%2B5vVaTujHuX7G%2BMn7HT1i0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILM0S64ACFfY2zGHZfISo9hgo7jNASpcXOP03lDXvleYEHwYBCDn7-WpBjABOgSSgrqOQgSnSO35.C8n6K0kcEIfi2U4Av1Kd3z9QlUe1JgZuQWAOVdb3Vdk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILM0S64ACFfY2zGHZfISo9hgo7jNASpcXOP03lDXvleYEHwYBCDn7-WpBjABOgSSgrqOQgSnSO35.C8n6K0kcEIfi2U4Av1Kd3z9QlUe1JgZuQWAOVdb3Vdk
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%228046FE58-CDD0-4232-186E-4A64E263D4B8%22%7D
.adform.net/ Name: uid
Value: 7510087756920298176
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: google_push
Value: AXcoOmSZ1B5RHeb6mFfO3mlNnCPz_0YpYrr1dnkMaagAoD36no-QMET3vZVtOfm12TGzCWZdngd2onQCVc94TzHHqH21NsRaXRBaZ1WEtMlMvkVj95rx6rVbmp1cZVhN8rwzpgCWxzpr6PZvuQ_46rKw0qE_yA
.owneriq.net/ Name: si
Value: Q7515514632104266648P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.quantserve.com/ Name: d
Value: EBABCQGiKoEA
.quantserve.com/ Name: mc
Value: 653977e7-d898f-f109c-916d6
.bidbrain.app/ Name: sid_cross
Value: 8da2b5d3-7373-11ee-8bae-c6e03dc884d9
.adx.opera.com/ Name: UID
Value: OPUca9cea5f75934b0193eb3dceff02e9cc
.yandex.ru/ Name: yuidss
Value: 1033142761698265064
.yandex.ru/ Name: yandexuid
Value: 1033142761698265064
.mhapks.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-6zW25z2G00GwbZFduXK4hE9roUW9V_Cq6WRwi4RctjgOE9apele5aAiDypOeHxBnDGy2CfNEopdwUiHjhmtBsd5UdlkO1Q3__eg964nu1a-tnC1EC18z79QYZDzmCT_L7H3jBBDVdUJXVsY4g_DptbfG5uw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
ajax.googleapis.com
an.yandex.ru
c1.adform.net
cdn.rtbrain.app
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dsp.adkernel.com
fonts.googleapis.com
fundingchoicesmessages.google.com
g.bidbrain.app
googleads.g.doubleclick.net
ius.ctnsnet.com
mhapks.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
r.turn.com
stackpath.bootstrapcdn.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
t.adx.opera.com
tdns2.gtranslate.net
tpc.googlesyndication.com
translate.googleapis.com
um.simpli.fi
ums.acuityplatform.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.17.24.14
104.18.11.207
104.26.14.75
104.26.2.190
13.107.42.14
142.250.31.94
142.251.111.95
142.251.111.99
142.251.163.132
142.251.167.156
151.101.130.49
172.253.115.139
172.253.115.155
172.253.122.156
172.253.122.95
172.253.62.157
172.253.63.155
172.253.63.97
174.137.133.49
185.167.164.49
192.184.69.215
216.239.38.178
23.61.60.237
3.222.244.182
34.149.135.28
35.186.193.173
35.190.0.66
35.211.178.172
35.236.220.17
50.116.194.21
51.222.239.232
52.70.198.229
54.208.63.53
54.39.84.26
69.90.254.78
82.145.213.8
93.158.134.90
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fde4756471ad03b876173ee852beaa83ca8fe64a221439815463c482db672dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a151cdb068dfe41be6a2d00a13723d590bb8afc6d857c9f23c7bea3a16fcab6
1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb
1eea6f9d487b82966f085d4e7f1f2a30ee8098a295d0d1a8fae8e1f8fb000458
27d82929e5b4f9120c1ae8a6d0ad0b9fe3f4fbacd1bdcb8f54443959a778cf35
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea365076581934166c080c847ed825929c1a88130308dacfb279b7232e0716c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a67e48a4cdacc35ff77b867420be6a4a9bfc78557ba60665fc3cb8f7df1a40d
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
40de9ef28899e86ce496fb831efa6ab56c737ab856f253cac9e913088699837c
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b2a6b182fd1868b05814d602de4f700980033059667c6ccf30b86f00e137d41
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53868df77ba8f728b3ad0c837237e7a40427bc104247ad1edc0b6612aa4b1e4c
548e3e2bd23f1d64e0152e9998150a0ffbdaa4f40c89e3600799c14a4fa68b2f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8b4e96d82279df7007812a0cb88ded648e8dc625e87ca30d40816d991b5d06
5feb590434f658e1a0b750d61921a310a16c82e6fe5677f4927c06256d380563
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928
76c587131dd722781edad643c20a50c08bad04f02d24b1aba000b56e9e193b58
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b7928b4846ea76d7f6b517159f0c40043641b034c56a8b6072ce7fb53629332
8c0fd014243f121a6afbad9fa12a3694f71895f9429746d531a6a720540ba0f2
8dfda2b6f448fb32a87ef43ca99b1a5dd019b19e47e72ff8804e044ca9919a49
8e478d09da3df6a8ee61ef08e3a64e4500bd8220ab74058d21c72f95e93df016
8ecb377cdb43ac5cb4a5a5c19b4405da27534b2a5a87348b3b45d89667b376d8
98001e92f39d325606270a17cabe1faeb8139b4a5c72d21e660c054140a5b445
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9f01ca5ca388a583e60f5c820aaadbd11dd088f37c64e0676ed8d43880018552
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
aac38c8cec872021ce9878f71256f0d59ce05098f54629de299634726b4f279f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b0d4608684019999f1450b7730cd7c6f65f2c3d1de08caa246c0efb1eaa916e7
b917fb36156c12219b1badab527856ec5101523a7cf88e67b7610702683d78cf
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
c0c4f4110a856dfa878b7db1b5c45cb7e5a29466be0257915292c1394b168e5a
caa3b7bdf4bb54428ace67e3b611a89fda54f80b731c8798fc3389c6a728bee7
d12c8233357ae3857e33ad23fb797fbfe9def24ca15506e91b9997ff2e74f817
d227d9a30fa30f1209480cdc232ee9aca2e15c4cf8775f63f9436fe411632287
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d6ad3503065b907351284493ba2379ab66f05e52812f4df80c3e1371cbb8bad8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08a017113b966ee9ffb901ce0d869b1bdeb9ee2ead1cc467a413ccce9f3fd5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e8b2fe0caf115f14d018b7064e8f710521d4c284263a7ae2922feec272961da6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d