urlscan.io logo urlscan.io
SecurityTrails logo

gl.modsforandroid.com Open in urlscan Pro
192.53.122.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire#google_vignette
Effective URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Submission Tags: @phish_report
Submission: On November 28 via api from FI — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 8 countries across 69 domains to perform 323 HTTP transactions. The main IP is 192.53.122.254, located in Toronto, Canada and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is gl.modsforandroid.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.
This is the only time gl.modsforandroid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 192.53.122.254 63949 (AKAMAI-LI...)
1 142.251.111.95 15169 (GOOGLE)
4 151.101.193.229 54113 (FASTLY)
1 12 142.251.16.156 15169 (GOOGLE)
1 104.18.30.49 13335 (CLOUDFLAR...)
1 184.28.136.25 16625 (AKAMAI-AS)
19 172.253.63.102 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
7 142.251.16.94 15169 (GOOGLE)
3 7 87.250.251.119 208398 (TELETECH)
1 3.162.125.90 16509 (AMAZON-02)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 172.64.152.89 13335 (CLOUDFLAR...)
2 74.119.119.131 19750 (AS-CRITEO)
2 18.160.46.100 16509 (AMAZON-02)
1 99.84.222.71 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 141.95.98.65 16276 (OVH)
1 3.215.27.95 14618 (AMAZON-AES)
5 35.244.159.8 15169 (GOOGLE)
2 74.119.119.139 19750 (AS-CRITEO)
11 18.67.65.75 16509 (AMAZON-02)
3 13.249.42.27 16509 (AMAZON-02)
1 172.67.68.162 13335 (CLOUDFLAR...)
1 74.119.119.129 19750 (AS-CRITEO)
1 18.160.10.20 16509 (AMAZON-02)
1 18.160.1.134 16509 (AMAZON-02)
4 23.218.1.25 16625 (AKAMAI-AS)
1 104.22.52.173 13335 (CLOUDFLAR...)
1 37.157.2.229 198622 (ADFORM)
3 104.22.5.69 13335 (CLOUDFLAR...)
1 9 172.67.23.234 13335 (CLOUDFLAR...)
3 172.253.62.132 15169 (GOOGLE)
1 19 209.54.182.161 16509 (AMAZON-02)
1 159.127.42.146 25751 (VALUECLICK)
4 11 35.71.139.29 16509 (AMAZON-02)
6 7 68.67.160.137 29990 (ASN-APPNEX)
8 8 15.197.193.217 16509 (AMAZON-02)
5 162.248.18.37 62713 (AS-PUBMATIC)
1 2 8.43.72.98 26667 (RUBICONPR...)
5 7 34.111.113.62 396982 (GOOGLE-CL...)
10 19 172.253.63.155 15169 (GOOGLE)
7 8 199.127.204.142 26120 (RHYTHMONE)
1 172.240.155.116 7979 (SERVERS-COM)
1 13.107.42.14 8068 (MICROSOFT...)
1 3 34.202.221.201 14618 (AMAZON-AES)
2 2 35.211.178.172 15169 (GOOGLE)
1 64.38.119.43 18568 (BIDTELLECT)
2 74.119.119.150 19750 (AS-CRITEO)
1 1 35.214.167.128 15169 (GOOGLE)
1 1 50.116.194.21 6336 (TURN-US-ASN)
7 7 54.162.57.130 14618 (AMAZON-AES)
1 51.222.239.230 16276 (OVH)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
1 1 35.208.249.213 15169 (GOOGLE)
4 4 64.74.236.95 19024 (INTERNAP-...)
1 1 64.202.112.31 23352 (SERVERCEN...)
1 1 216.22.16.52 30633 (LEASEWEB-...)
4 4 216.34.207.140 25751 (VALUECLICK)
5 3.233.113.93 14618 (AMAZON-AES)
2 184.31.61.14 16625 (AKAMAI-AS)
1 54.162.226.62 14618 (AMAZON-AES)
3 3 3.225.218.10 14618 (AMAZON-AES)
12 172.253.115.155 15169 (GOOGLE)
25 18.160.10.118 16509 (AMAZON-02)
5 159.89.25.223 14061 (DIGITALOC...)
21 142.250.31.132 15169 (GOOGLE)
7 172.253.122.95 15169 (GOOGLE)
33 172.253.122.132 15169 (GOOGLE)
7 142.250.31.94 15169 (GOOGLE)
2 142.250.31.155 15169 (GOOGLE)
1 104.22.4.69 13335 (CLOUDFLAR...)
4 6 142.251.167.106 15169 (GOOGLE)
2 8.28.7.81 62713 (AS-PUBMATIC)
3 6 172.253.115.149 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
4 8.28.7.83 62713 (AS-PUBMATIC)
2 8.28.7.84 62713 (AS-PUBMATIC)
2 172.253.62.154 15169 (GOOGLE)
2 2 198.148.27.131 19189 (PULSEPOINT)
1 1 216.22.16.40 30633 (LEASEWEB-...)
2 2 193.122.128.135 31898 (ORACLE-BM...)
2 2 172.64.151.101 13335 (CLOUDFLAR...)
1 2 3.232.123.49 14618 (AMAZON-AES)
1 44.209.50.245 14618 (AMAZON-AES)
1 52.4.32.195 14618 (AMAZON-AES)
1 1 54.161.205.127 14618 (AMAZON-AES)
1 54.175.39.171 14618 (AMAZON-AES)
3 23.22.130.111 14618 (AMAZON-AES)
2 2 100.25.92.92 14618 (AMAZON-AES)
323 75
14    192.53.122.254 (Toronto, Canada)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 192-53-122-254.ip.linodeusercontent.com
gl.modsforandroid.com
1    142.251.111.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net
ajax.googleapis.com
4    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
12    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
securepubads.g.doubleclick.net
1    104.18.30.49 (None, )

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    184.28.136.25 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-25.deploy.static.akamaitechnologies.com
is2-ssl.mzstatic.com
19    172.253.63.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f102.1e100.net
fundingchoicesmessages.google.com
www.google-analytics.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
7    87.250.251.119 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    3.162.125.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-90.iad61.r.cloudfront.net
connectid.analytics.yahoo.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    99.84.222.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-222-71.iad79.r.cloudfront.net
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    3.215.27.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-27-95.compute-1.amazonaws.com
bcp.crwdcntrl.net
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
u.openx.net
us-u.openx.net
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
11    18.67.65.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-75.iad89.r.cloudfront.net
tagan.adlightning.com
3    13.249.42.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-27.iad89.r.cloudfront.net
c.amazon-adsystem.com
1    172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    18.160.10.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-20.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.160.1.134 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-1-134.iad12.r.cloudfront.net
aax.amazon-adsystem.com
4    23.218.1.25 (Mount Prospect, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-1-25.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    104.22.52.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
p.ad.gt
9    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
ids.ad.gt
3    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
19    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    159.127.42.146 (Los Angeles, United States)

ASN25751 (VALUECLICK, US)
PTR: iad09-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
11    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    68.67.160.137 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
8    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
19    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
8    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    172.240.155.116 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    34.202.221.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-221-201.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    64.38.119.43 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    35.214.167.128 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 128.167.214.35.bc.googleusercontent.com
csync.loopme.me
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
7    54.162.57.130 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-57-130.compute-1.amazonaws.com
match.prod.bidr.io
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
4    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    216.22.16.52 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
4    216.34.207.140 (United States)

ASN25751 (VALUECLICK, US)
PTR: ric09-nessy-float2.dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
5    3.233.113.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-113-93.compute-1.amazonaws.com
match.sharethrough.com
2    184.31.61.14 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-61-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.162.226.62 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-226-62.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
3    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
12    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
pagead2.googlesyndication.com
25    18.160.10.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-118.iad12.r.cloudfront.net
setupad-hai-tagan.adlightning.com
5    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
21    142.250.31.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net
cdn.ampproject.org
7    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
33    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
7    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.gstatic.com
2    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
www.googletagservices.com
1    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
pixels.ad.gt
6    142.251.167.106 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f106.1e100.net
www.google.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    172.253.115.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f149.1e100.net
ad.doubleclick.net
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
4    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
www.googleadservices.com
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    216.22.16.40 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
2    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    3.232.123.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-123-49.compute-1.amazonaws.com
thrtle.com
1    44.209.50.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-50-245.compute-1.amazonaws.com
crb.kargo.com
1    52.4.32.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-32-195.compute-1.amazonaws.com
sync.bfmio.com
1    54.161.205.127 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-205-127.compute-1.amazonaws.com
sync.ipredictive.com
1    54.175.39.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-39-171.compute-1.amazonaws.com
rtb.adentifi.com
3    23.22.130.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-130-111.compute-1.amazonaws.com
ads.yieldmo.com
2    100.25.92.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-92-92.compute-1.amazonaws.com
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
48 googlesyndication.com
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
295 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
357 KB
36 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2185
setupad-hai-tagan.adlightning.com — Cisco Umbrella Rank: 858784
282 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
88 KB
22 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
www.google.com — Cisco Umbrella Rank: 2
119 KB
21 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
430 KB
15 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
27 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
247 KB
14 modsforandroid.com
gl.modsforandroid.com
87 KB
13 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
p.ad.gt — Cisco Umbrella Rank: 2257
ids.ad.gt — Cisco Umbrella Rank: 1474
pixels.ad.gt — Cisco Umbrella Rank: 1963
20 KB
11 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
5 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
41 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
5 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
7 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
12 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
5 setupad.com
node.setupad.com — Cisco Umbrella Rank: 46227
1 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
2 KB
5 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2650
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4850
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
2 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8755
3 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
2 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5555
ads.yieldmo.com — Cisco Umbrella Rank: 657
3 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
106 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
67 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
6 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
51 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
2 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
2 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6263
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
818 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
44 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4034
70 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
285 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
554 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
359 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
837 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
359 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
198 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
234 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
307 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
630 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1426
202 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
106 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41818
794 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
76 KB
1 mzstatic.com
is2-ssl.mzstatic.com — Cisco Umbrella Rank: 8155
10 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 43753
99 KB
0 eu-1-id5-sync.com Failed
lb.eu-1-id5-sync.com Failed
323 69
Domain Requested by
33 tpc.googlesyndication.com gl.modsforandroid.com
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
tagan.adlightning.com
cdn.ampproject.org
tpc.googlesyndication.com
25 setupad-hai-tagan.adlightning.com tagan.adlightning.com
21 cdn.ampproject.org gl.modsforandroid.com
19 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
s.amazon-adsystem.com
u.openx.net
match.sharethrough.com
ads.pubmatic.com
sync-amz.ads.yieldmo.com
16 fundingchoicesmessages.google.com gl.modsforandroid.com
securepubads.g.doubleclick.net
tagan.adlightning.com
14 cm.g.doubleclick.net 10 redirects gl.modsforandroid.com
eb2.3lift.com
u.openx.net
sync-amz.ads.yieldmo.com
14 gl.modsforandroid.com gl.modsforandroid.com
12 pagead2.googlesyndication.com tagan.adlightning.com
gl.modsforandroid.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
12 securepubads.g.doubleclick.net 1 redirects gl.modsforandroid.com
securepubads.g.doubleclick.net
11 eb2.3lift.com 4 redirects stpd.cloud
eb2.3lift.com
s.amazon-adsystem.com
11 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
8 match.adsrvr.org 8 redirects
7 www.gstatic.com bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
7 fonts.googleapis.com gl.modsforandroid.com
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 match.prod.bidr.io 7 redirects
7 pixel.tapad.com 5 redirects s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
7 ids.ad.gt 1 redirects gl.modsforandroid.com
7 fonts.gstatic.com gl.modsforandroid.com
fonts.googleapis.com
6 ad.doubleclick.net 3 redirects gl.modsforandroid.com
6 www.google.com 4 redirects gl.modsforandroid.com
tagan.adlightning.com
6 sync.1rx.io 5 redirects gl.modsforandroid.com
5 googleads.g.doubleclick.net bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
gl.modsforandroid.com
5 node.setupad.com stpd.cloud
5 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
5 image2.pubmatic.com gl.modsforandroid.com
s.amazon-adsystem.com
ads.pubmatic.com
5 mc.yandex.com 2 redirects gl.modsforandroid.com
4 simage2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 secure.adnxs.com 4 redirects
4 secure.cdn.fastclick.net tagan.adlightning.com
secure.cdn.fastclick.net
4 cdn.jsdelivr.net gl.modsforandroid.com
securepubads.g.doubleclick.net
stpd.cloud
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 www.google-analytics.com p.ad.gt
www.google-analytics.com
3 us-u.openx.net u.openx.net
s.amazon-adsystem.com
3 ups.analytics.yahoo.com 3 redirects
3 ib.adnxs.com 2 redirects eb2.3lift.com
3 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
s.amazon-adsystem.com
3 bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
2 dpm.demdex.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 ssum-sec.casalemedia.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 bh.contextweb.com 2 redirects
2 www.googleadservices.com gl.modsforandroid.com
2 image6.pubmatic.com ads.pubmatic.com
2 www.googletagservices.com bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
2 ads.pubmatic.com s.amazon-adsystem.com
2 amazon-tam-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 dis.criteo.com eb2.3lift.com
s.amazon-adsystem.com
2 x.bidswitch.net 2 redirects
2 a.ad.gt tagan.adlightning.com
p.ad.gt
2 id.hadron.ad.gt cdn.hadronid.net
2 gum.criteo.com stpd.cloud
2 id5-sync.com cdn.id5-sync.com
stpd.cloud
2 oajs.openx.net 1 redirects gl.modsforandroid.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
tagan.adlightning.com
2 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
2 cdn.id5-sync.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 mc.yandex.ru 1 redirects gl.modsforandroid.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.adentifi.com s.amazon-adsystem.com
1 sync.ipredictive.com 1 redirects
1 sync.bfmio.com s.amazon-adsystem.com
1 crb.kargo.com s.amazon-adsystem.com
1 rtb-csync.smartadserver.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 pixels.ad.gt tagan.adlightning.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 sync.outbrain.com 1 redirects
1 trace.mediago.io 1 redirects
1 onetag-sys.com s.amazon-adsystem.com
1 ad.turn.com 1 redirects
1 csync.loopme.me 1 redirects
1 bttrack.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 sync.colossusssp.com gl.modsforandroid.com
1 token.rubiconproject.com gl.modsforandroid.com
1 p.ad.gt a.ad.gt
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cm.adform.net gl.modsforandroid.com
1 cdn.hadronid.net gl.modsforandroid.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 bidder.criteo.com stpd.cloud
1 prebid-stag.setupad.net stpd.cloud
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com gl.modsforandroid.com
1 is2-ssl.mzstatic.com gl.modsforandroid.com
1 stpd.cloud gl.modsforandroid.com
1 ajax.googleapis.com gl.modsforandroid.com
0 lb.eu-1-id5-sync.com Failed stpd.cloud
cdn.id5-sync.com
323 105
Subject Issuer Validity Valid
gl.modsforandroid.com
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
stpd.cloud
E1		 2023-10-18 -
2024-01-16		 3 months crt.sh
itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-11-09 -
2024-02-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
node.setupad.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh

This page contains 32 frames:

Primary Page: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Frame ID: 8088F1D9E22D66F5E4951288FF482D3C
Requests: 138 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FA2C22806D88CE1D2924AF5BF50C2105
Requests: 1 HTTP requests in this frame

Frame: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A67B38D517F7DC45323B432E2363840D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Frame ID: 5E5C416A17D93564DFA2AD1A3355A7AF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: FA28F9A83F609F8E2E0291B33EA88F88
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 3A833BCEE3D787471F8114DD9D0556D6
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: B06728190DC465A4F64E42B15B56B206
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1855738958334292245&gdpr=0&gdpr_consent=
Frame ID: C22B1BCD8F96E48415D9EAF825D066C3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAB-kmpAui9EQNQKwCaAAAAAAA&expiration=1701270785&is_secure=true&gdpr=0
Frame ID: 4FB13D15C04A704C26CF987E04920EBB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 5371D0610A52F725D8C2836C9648FB5F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 84A7E2D06971D30B3903029CE2283FF4
Requests: 21 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: C6FE183EDD6D49B3C7959D9A51B328B9
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0xRDdBOC5KRTJ1TFJlMGhJbGRTbloxSVUubHUzd2N5Sn5B&gdpr=0
Frame ID: 398DA6AEA8C27C894C08A31421F580DB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1323980097837956547258
Frame ID: C77E8A40BED6E61CE2FCBE702BD145F0
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Frame ID: 444A75DAB4085F921CE0E048926D2D16
Requests: 15 HTTP requests in this frame

Frame: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA5378332DBF677842DD1B3F6A66D9B9
Requests: 15 HTTP requests in this frame

Frame: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9C5D4411833F6CD8E9B874CD0D7A785E
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Frame ID: EE64713D7DBE8C250A16391CA62B82AF
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E3063D1D68CB09BE3111F11C566D7F98
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0DC19CC5571E6727E0D0961D006337E7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
Frame ID: E8947C85AD12C161E8F35F6153C1FE7A
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Frame ID: 2C68E7B425466C4A5927B5548EDD33E0
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Frame ID: DD5348BB47A8E28E3D7AB4965CB0A4DB
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&redir=true&gdpr=0&gdpr_consent=
Frame ID: AD87114483DDE9F69F4B4148ED026755
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC60BC04E-54F2-45D0-9778-B22E55AE9DD3
Frame ID: 0B1701040A5B482864B9ABFB6178229E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 658FEDECA8E994323FD90F2973E51835
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 4CC976EFBB127AE86457F06F599335C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2804893853207294712&gdpr=0&gdpr_consent=
Frame ID: 17B81776B26CCAF373E96E0DBF90825F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEg5U7KzAcAABOEN2pYqA&gdpr=0&gdpr_consent=
Frame ID: E294BC822C8A61AAB74509557E142B4F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC60BC04E-54F2-45D0-9778-B22E55AE9DD3
Frame ID: DF19BADBBD2DC573BD90C406B3106355
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A05DCC8CB4081BB30E293C78D6A3DDB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3884CA0F1E60182E59492C05D1ADF13D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Temu APK - 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

323
Requests

84 %
HTTPS

0 %
IPv6

69
Domains

105
Subdomains

75
IPs

8
Countries

2725 kB
Transfer

7797 kB
Size

108
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp&cc=1
Request Chain 49
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10201.Tah9kVRp2Ew6gnUtYUcxQaziK6YYv7vpdo3XpUu3OVJFiH_ZVa0vOM2lvIqa8NuG.s1A325YRcanOQnps8HoN5IeSr5k%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10201.yrbdEjsbWhq_9nQksVmvKRhGs517moYkaxC6P9lzC6ecDM-klkqyAuIVnrC2gwwHOmB_4gEXcfcIWhMpzX9hvf_vSSHmRLPf-uibW8JW9jaTsXy52qiCxIcdFB9R5qXrfk1UAToHSqDJcD5BVXh93r6tLEB-FLhU-D1BfI_03uhu6XjqlzFS2ntY8D8HgYm4Gmw4sGKCPfxxRGeca-MBaL20Tt7yiK_BbC-EwrjIojc%2C.kmLKVQGz63jsz9Clc1EbB2xRWxI%2C
Request Chain 75
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Request Chain 77
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 78
  • https://mc.yandex.com/watch/47987153?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A320%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A182810121945%3Ahid%3A720797106%3Az%3A-480%3Ai%3A20231128071304%3Aet%3A1701184384%3Ac%3A1%3Arn%3A263838121%3Arqn%3A1%3Au%3A1701184384914406958%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C41%2C1%2C%2C0%2C%2C224%2C5%2C%2C%2C%2C317%3Aco%3A0%3Acpf%3A1%3Ans%3A1701184383088%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701184385%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A320%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A182810121945%3Ahid%3A720797106%3Az%3A-480%3Ai%3A20231128071304%3Aet%3A1701184384%3Ac%3A1%3Arn%3A263838121%3Arqn%3A1%3Au%3A1701184384914406958%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C41%2C1%2C%2C0%2C%2C224%2C5%2C%2C%2C%2C317%3Aco%3A0%3Acpf%3A1%3Ans%3A1701184383088%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701184385%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 81
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001701184385-W9QITQVP-TH09%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=2804893853207294712&gdpr=0
Request Chain 82
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001701184385-W9QITQVP-TH09&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001701184385-W9QITQVP-TH09&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&id=AU1D-0100-001701184385-W9QITQVP-TH09
Request Chain 85
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001701184385-W9QITQVP-TH09&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001701184385-W9QITQVP-TH09%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001701184385-W9QITQVP-TH09&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001701184385-W9QITQVP-TH09%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e32df9e5-0a81-43ff-b07a-52c5f710a580%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001701184385-W9QITQVP-TH09%252526tapad_id%25253De32df9e5-0a81-43ff-b07a-52c5f710a580%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=e32df9e5-0a81-43ff-b07a-52c5f710a580%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001701184385-W9QITQVP-TH09%2526tapad_id%253De32df9e5-0a81-43ff-b07a-52c5f710a580%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&tapad_id=e32df9e5-0a81-43ff-b07a-52c5f710a580
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001701184385-W9QITQVP-TH09 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001701184385-W9QITQVP-TH09&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&google_gid=CAESENuvrbLgMtaQpSAZflYWZnk&google_cver=1&google_ula=450542624,0
Request Chain 87
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001701184385-W9QITQVP-TH09 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMTE4NDM4NS1XOVFJVFFWUC1USDA5
Request Chain 92
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 93
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENkBgoCCPME4ezhLlHAi4b4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 95
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D
Request Chain 97
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1323980097837956547258?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1bUE5xE2oQzHgckM6THt81u5rcfpj31.FjxPIcTyA--~A&dongle=0883
Request Chain 98
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1323980097837956547258&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1323980097837956547258&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=triplelift
Request Chain 100
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2804893853207294712&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 103
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=2dee24cc-0a3d-41bd-a605-6c3406cc2e0b&gdpr=0
Request Chain 104
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1701184385100 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8790024210 HTTP 302
  • https://sync.1rx.io/usersync/turn/2506387012964920555?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5127db62-b4b2-4611-b0db-0573559fb579-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-5127db62-b4b2-4611-b0db-0573559fb579-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Request Chain 105
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAEg5U7KzAcAABOEN2pYqA&ex=beeswax.com
Request Chain 107
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=EC59EC2935FD48828B88371B01732490&ex=simpli.fi&status=ok
Request Chain 108
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e824d70101294i8900lpih9die
Request Chain 109
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=5edrGJD_vo6C4DQRsQkg&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJVMVSHER2KIRPXM3ZWIM2EIUKSONIWWZZGM5SHA4R5GA&gdpr=0 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJVMVSHER2KIRPXM3ZWIM2EIUKSONIWWZZGM5SHA4R5GA%26p%3Dcriteo%26obUid%3DjUGgYH1An0OTDSGflrXW9quoqOYsZDrkOYmUtptp3RxC6hYOC-twGvKjecnns4UG%26gdpr%3D0%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Ds2s%26uid%3D%40%40CRITEO_USERID%40%40%0A
Request Chain 111
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1855738958334292245&gdpr=0&gdpr_consent=
Request Chain 112
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7edbd5f309050591&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAB-kmpAui9EQNQKwCaAAAAAAA&expiration=1701270785&is_secure=true&gdpr=0
Request Chain 116
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0xRDdBOC5KRTJ1TFJlMGhJbGRTbloxSVUubHUzd2N5Sn5B&gdpr=0
Request Chain 117
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1323980097837956547258
Request Chain 121
  • https://match.adsrvr.org/track/cmf/openx?oxid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0&gdpr_consent=
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFHHgkwdA9WrncEuoE_B0s&google_cver=1
Request Chain 163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZmYxZmQ0NmUtYTliNS00YjhlLTk1YzUtODNkYWQxZmVjNDRm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 165
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2804893853207294712
Request Chain 166
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=GhXaMnNUl0F3KgDtyy_b&gdpr=0
Request Chain 231
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 251
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 264
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_pre=CKqK-tn95oIDFU8NaAgdKKMKmg;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xgvATlTyRdCXeLIuVa6d0w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 272
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C60BC04E-54F2-45D0-9778-B22E55AE9DD3 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De32df9e5-0a81-43ff-b07a-52c5f710a580%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2804893853207294712&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzYwQkMwNEUtNTRGMi00NUQwLTk3NzgtQjIyRTU1QUU5REQz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAT7Qs6x48TKRZroh3CvXg&google_cver=1
Request Chain 277
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E3B931972A0E4668B2E412497DE90CFB
Request Chain 278
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SlaB4rdE2uVmCyZMH9UxA9nTfYrHbhg-~A&gdpr=0
Request Chain 281
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 283
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CefbJgANmZarXOs-HqMwP_Pmi4ATtrbSydIKLtu-0EZ621KiXDhABII3kvSlg_aCZgegDoAHqnYeJA8gBCeACAKgDAcgDSKoE2AJP0M7BvMpLS1vhsNlHuJQxK8MhyLI9-fHhTHqQjG3VGVmzCpo7KI9kogtmmqeRDP2Kc2_cWszbc7S3Q1-ByBwvvxAM2Om8hq66hKGkgLky44tp4baXO9tXQayemQCCFufPmEbMjitepRmK0iP4lEBuJrlMrCMM2r2gSMVJc0Y95_H4L5vO090B4vjNU77EgOzBVHT_yOiatsCa0lgtXMf1LRYH-bOHTOBRd-dq65d5rmWJaPpUAigWkggVJtSS_pxS_vAvlM47E06_DT4-3B3PZBDqDFBIRKy62bsyzivUpnDbSm9fVVicHNcII5N6uazk4oIyonxR_BrmRPY6BSDRlpnGTB6dnrmQHkOQAWSMyLxmPb0d_5jsMc-zvOP3GYCO2gGJ2ip5yqrNnGgvM8w7SaSMgHyL4a73QEnFcoELZTWT9Io-b3q3Tf-nWnGt2EFngVJDq7vEzsAE-KzA54sE4AQBiAXmnfCSQ5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf-4fh2qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrMAw0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTU2MjQ1ODY3OTA1NjI5MDmaCXZodHRwczovL3d3dy5zaGlwbWVudHNmcmVlLmNvbS9zbGFuZGVyL3NoaXBwaW5nLzE_bD1zZmxhbmQ0JnNpZD1zZmF3X0NBX1NtYXJ0XzE1JndlYnNpdGU9Z2wubW9kc2ZvcmFuZHJvaWQuY29tJm89c2hjYm9mgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQsPOVv_DCqMAnEgIBA-INEwj_tNTX_eaCAxXPA4oDHfy8CEzYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzk3MDI3NzUzNTUyODYxMxiV4h8&sigh=SDQffSgF8iQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4a47edf64050670d0000000000000000%22,%222%22:%220x210cb3d4c7644d340000000000000000%22,%223%22:%220xa763bf990c53f4570000000000000000%22,%224%22:%220x4eb45960a7b22ec50000000000000000%22,%225%22:%220x2b15ce2c7b9c2e450000000000000000%22},%22debug_key%22:%222633892305966048817%22,%22debug_reporting%22:true,%22destination%22:%22https://shipmentsfree.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22824299242%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213243427262915032305%22}&andc=true
Request Chain 287
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 290
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CIK-iNr95oIDFeIZaAgdnQ4O4A;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Request Chain 293
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CPLQjtr95oIDFfIbaAgd8zkAtw;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Request Chain 301
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2804893853207294712&gdpr=0&gdpr_consent=
Request Chain 302
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFZzVVN0t6QWNBQUJPRU4ycFlxQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEg5U7KzAcAABOEN2pYqA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEg5U7KzAcAABOEN2pYqA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEg5U7KzAcAABOEN2pYqA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1855738958334292245&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEg5U7KzAcAABOEN2pYqA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D1855738958334292245%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCE18C4E1829D41A285822FE7C8C42357%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526userid%253D1855738958334292245%2526gdpr%253D0%2526gdpr_consent%253D%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCE18C4E1829D41A285822FE7C8C42357%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526userid%253D1855738958334292245%2526gdpr%253D0%2526gdpr_consent%253D%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D&s=191740&C=1 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=CE18C4E1829D41A285822FE7C8C42357&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D1855738958334292245%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&uid=ZWYDiGxMiqTtrUoP1gDLuQAA%261364 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=1855738958334292245&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEg5U7KzAcAABOEN2pYqA&gdpr=0&gdpr_consent=
Request Chain 304
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f94fd300-150f-4a93-b66d-53ae534924ad
Request Chain 309
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6f45ba9d0258041d&is_secure=true&networkId=17100&version=1&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB-kmpAui-CwNR_VXpAAAAAAA&expiration=1701270792&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 310
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c6dd1cea-b790-417a-88f6-49500e86c0f5&gdpr=0&gdpr_consent=
Request Chain 313
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPIH9CJV-1S-4EAX
Request Chain 314
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=bpPBDMKgqDGP&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 316
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1044240098 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/751df1b2-159f-4fdf-b434-ea90b27fbc1b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5127db62-b4b2-4611-b0db-0573559fb579-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-5127db62-b4b2-4611-b0db-0573559fb579-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Request Chain 317
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FAkOUUEEkUntnUqey4b HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=e32df9e5-0a81-43ff-b07a-52c5f710a580&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3De32df9e5-0a81-43ff-b07a-52c5f710a580%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=e32df9e5-0a81-43ff-b07a-52c5f710a580&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3De32df9e5-0a81-43ff-b07a-52c5f710a580%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88429566416353562420466934988573243224&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C

323 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request temu-shop-like-a-billionaire
gl.modsforandroid.com/en/app/1641486558/ 		61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
7a0461f9b9eb2a31aee19957ca35ffb910e9f6db97637ea0a9b94697d23b4324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 15:13:03 GMT
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
jquery.fancybox.css
gl.modsforandroid.com/public/fancybox/source/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/fancybox/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-131f"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
font-awesome-app.min.css
gl.modsforandroid.com/public/material/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/css/font-awesome-app.min.css
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
3d13a779e1e3252005d139450747164e94e7b4814f7b63cb9694c6bc0d38b861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-15b5"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
style.css
gl.modsforandroid.com/public/material/css/ 		228 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/css/style.css
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
bcf4acc65924082a4cc2548efbbdd4ae705017a3882a6b00ec0b91dd0f74550b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-38e14"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 05:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 05:17:43 GMT
interscroller.js
cdn.jsdelivr.net/npm/addon-interscroller@1.0.5/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/addon-interscroller@1.0.5/dist/interscroller.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6aa8e9f89442ed5ac58d1dda0f543105216ce2b668c3acf728036c0028eeec77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Nov 2023 15:13:03 GMT
x-content-type-options
nosniff
content-encoding
br
age
2373294
x-jsd-version
1.0.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1544
x-served-by
cache-fra-eddf8230137-FRA, cache-yyz4564-YYZ
x-jsd-version-type
version
etag
W/"fe8-LUEJRLHSSuoxybGiadUKfZRWZBs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Nov 2023 15:13:03 GMT
x-content-type-options
nosniff
content-encoding
br
age
22299197
x-jsd-version
0.6.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2213
x-served-by
cache-fra-eddf8230030-FRA, cache-yyz4564-YYZ
x-jsd-version-type
version
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
7de4625b02b51e38a98e3c31cbcfde04cdf11d203ce8932d67109440fc1543ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30336
x-xss-protection
0
server
cafe
etag
501 / 19689 / 31079695 / config-hash: 10646977810303196335
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:13:03 GMT
3293
stpd.cloud/saas/ 		357 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/3293
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28dd8e78831ecfac5f553cf7673c1215419913ab662aefcd27f6b77c68d7a54f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=300
cf-ray
82d38d7c2e6c39d7-YYZ
stpdhash
true
200x200bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple112/v4/61/fc/e1/61fce1d9-1b5f-c150-27e0-504bdd42234b/AppIcon-1x_U007emarketing-0-7-0-0-P3-85-220.png/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Purple112/v4/61/fc/e1/61fce1d9-1b5f-c150-27e0-504bdd42234b/AppIcon-1x_U007emarketing-0-7-0-0-P3-85-220.png/200x200bb.jpg
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.25 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-25.deploy.static.akamaitechnologies.com
Software
4.0.0 /
Resource Hash
dd3997b4575c043588f5080499bb622e9f0d395bf9ea885bc2c9eda8a6fd60df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-apple-jingle-correlation-key
2DYZOMJF3MFIXSSJH6W75LYUQE
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Nov 2023 15:13:03 GMT
x-b3-traceid
6db01e9344808f08
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE188:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338003:mr47p00it-qujn05120301:7987:23RELEASE188:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid
65ce61ef-3b14-4dae-adc0-21c9bfbfa200-2412180536
x-cache
TCP_MISS from a23-32-16-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-b3-parentspanid
c816114cdf19ef1c
b3
d0f1973125db0a8bca493fadfeaf1481-7881a125492440ad
content-length
8891
apple-tk
false
server
4.0.0
apple-seq
0.0
last-modified
Tue, 07 Nov 2023 23:25:54 GMT
x-cache-remote
TCP_MISS from a104-96-220-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
etag
"MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5OTM5OTU1NDYyNSxpc0J1aWxkVmVyc2lvbk5vdFNldCxiYmE3ZjVkMSxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
d0f19731-25db-0a8b-ca49-3fadfeaf1481
x-b3-spanid
7881a125492440ad
cache-control
no-transform, max-age=14511166
timing-allow-origin
*
loading.svg
gl.modsforandroid.com/public/images/ 		696 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gl.modsforandroid.com/public/images/loading.svg
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
"63a44f4d-2b8"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
696
Expires
Fri, 22 Nov 2024 15:13:03 GMT
bigstar-rating.js
gl.modsforandroid.com/public/js/ 		550 B
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/js/bigstar-rating.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-226"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
star-rating.js
gl.modsforandroid.com/public/js/ 		602 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/js/star-rating.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-25a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
jquery.mousewheel-3.0.6.pack.js
gl.modsforandroid.com/public/fancybox/lib/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/fancybox/lib/jquery.mousewheel-3.0.6.pack.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-568"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
jquery.fancybox.pack.js
gl.modsforandroid.com/public/fancybox/source/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-5a5f"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
imglazyload.js
gl.modsforandroid.com/public/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/js/imglazyload.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-867"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
bootstrap.min.js
gl.modsforandroid.com/public/material/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/js/bootstrap.min.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-9004"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
ripples.min.js
gl.modsforandroid.com/public/material/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/js/ripples.min.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-af9"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
material.min.js
gl.modsforandroid.com/public/material/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/js/material.min.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-152e"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
jquery.dropdown.js
gl.modsforandroid.com/public/material/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gl.modsforandroid.com/public/material/js/jquery.dropdown.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.53.122.254 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
192-53-122-254.ip.linodeusercontent.com
Software
nginx/1.14.2 /
Resource Hash
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 22 Dec 2022 12:36:29 GMT
Server
nginx/1.14.2
ETag
W/"63a44f4d-3056"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31104000
Permissions-Policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Expires
Fri, 22 Nov 2024 15:13:03 GMT
AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=
fundingchoicesmessages.google.com/f/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY=
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
633bca05c44befc246a6b19a1e88a63cb46ba27be40801d28415d8f3a959919a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_8Rsvv7P9n086j9M1Q7KTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_8Rsvv7P9n086j9M1Q7KTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/public/material/css/font-awesome-app.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gl.modsforandroid.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6XHl12WiLVDREf1TStsCwxU8dE1%2Fz2%2BZ52Cmc%2Foccn6714hf7YlDAfu2ORKCoYSZP0YWhrHkLdduIb7YHvPL5OkPaCVRkoO3e3v8Xg4MYFrE48%2FyfrvFZ6e%2BxlainXgpVCRdnbZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d38d7c385e36c2-YYZ
expires
Sun, 17 Nov 2024 15:13:03 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v41/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v41/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 04:00:17 GMT
x-content-type-options
nosniff
age
385966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55208
x-xss-protection
0
last-modified
Thu, 16 Aug 2018 20:54:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 04:00:17 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-113c3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70595
expires
Tue, 28 Nov 2023 16:13:03 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:12:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3608
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137994
x-xss-protection
0
server
cafe
etag
6213585212225905441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 27 Nov 2024 14:12:55 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xEBZtmWy9dCQIEP8AfeIIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-xEBZtmWy9dCQIEP8AfeIIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://gl.modsforandroid.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUPX6pGqcPAJaSWC1jsmdbXMUrEph3SftPtXP5Nd87j9YWR2LLbzZNCKopbV-1HzgtbmlCoCq3QwOSb5owikDnTau3KyMALWaWnak3rCkvaqpNw9IotXiDnTiA008aLyZ1ZZvc0ZA==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPX6pGqcPAJaSWC1jsmdbXMUrEph3SftPtXP5Nd87j9YWR2LLbzZNCKopbV-1HzgtbmlCoCq3QwOSb5owikDnTau3KyMALWaWnak3rCkvaqpNw9IotXiDnTiA008aLyZ1ZZvc0ZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTg0MzgzLDU2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vZW4vYXBwLzE2NDE0ODY1NTgvdGVtdS1zaG9wLWxpa2UtYS1iaWxsaW9uYWlyZSIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImVuLVVTIl0sWzcsIjE1Il0sWzExLCJbW10sW10sW11dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
2914e819eb164f610f08c4508b29f98bb5cdc4ca4c6916aad9e03e224571d750
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ijva82bcYzo-b1rPQLBAdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ijva82bcYzo-b1rPQLBAdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
147246189
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/147246189?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
ce8f0fb95df3621397a6873332651103b96dd71088c41ca1cc6d897df5442c24
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IS9dt7wKM5U-Se3PC0QBog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-IS9dt7wKM5U-Se3PC0QBog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-90.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:45:30 GMT
via
1.1 cfbbd45bc29ebb0e8475ffa26dff7618.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
IAD61-P3
age
1654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
fEuayei5OJ5UCo5gm9CFYQPxAJeOGVPGxTTs25CqHzCVzx0xuP8JFQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Nov 2023 15:13:03 GMT
x-content-type-options
nosniff
content-encoding
br
age
24371
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4564-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
PR50ADE8HB8JRZ62
age
1371
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82d38d7eac5b39d5-YYZ
x-amz-id-2
kBDcNzleVXDaIBMr+5QVcosgBHv66tHjNXZqNYXOb2xnEYDc1//fyNgfoaRG3kXKcXh/CIto4aU=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:27:24 GMT
content-encoding
gzip
age
1266339
x-guploader-uploadid
ABPtcPp3Mw5I092m2-IQIqQksBXmd2sDyExkVG7t5iIAVPd7ZPyAxS03p3sKk-aZizc7hqBjxncyfIEGruYopfh0QbDD11YYKgf6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 23:27:24 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
450794
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82d38d7eacbb39e4-YYZ
expires
Fri, 01 Dec 2023 15:13:03 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:13:03 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 19:10:55 GMT
content-encoding
gzip
via
1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
72129
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
vO9Ekklr2PaeZBxUt10ejbnNrmjmbOFmC26GOqkyAUf57xSpJAbHUA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.222.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-222-71.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 28 Nov 2023 12:11:10 GMT
Via
1.1 f8558580f66929e19ed69bba2e85da74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
10914
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
k6_-W53WWqgtYeYOBR-TxFiQsGVOcmuTBS9Fl72LUCVMv-E2MkQnaw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
bbc4370425e81e2e7768957171ae5dc3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp&cc=1
85 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp&cc=1
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ad16f2f68023c2158c052d32d5b9558570236f3079faa0895a09c9b19f36cc70

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:03 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-gOOD/T3IVXvqCkzhUkzmSTWwBbg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 28 Nov 2023 15:13:03 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gl.modsforandroid.com
location
/esp?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ 		0
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gl.modsforandroid.com
date
Tue, 28 Nov 2023 15:13:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		156 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.27.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-27-95.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
452967d6778dbfa89dc0360fe3021a9ecb86f5a08affc6375671a590d87c0760

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
no-cache
x-server
10.40.3.199
access-control-allow-credentials
true
content-length
156
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame FA2C 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 28 Nov 2023 15:13:03 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgl.modsforandroid.com%2F&domain=gl.modsforandroid.com&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gl.modsforandroid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Nov 2023 15:13:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
209784
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
op.js
tagan.adlightning.com/setupad-hai/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
259512e688bddaf6af7bfa1505e61258cffce118064087ae5bdba212fb992f29

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:36:23 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
dbYlvP.Mm7FYBZto6OGnVvpt6Do4GDQG
x-amz-cf-pop
IAD89-P1
age
2202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6969
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 28 Nov 2023 14:22:37 GMT
server
AmazonS3
etag
"666969082a8c13fb3bf8a6c5cbc31690"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
XWv3tPkpscQPxCBKFgvVhWt7iWUeMPtcw6MoR6tibCWpKVHJ_IFkug==
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:54:02 GMT
content-encoding
gzip
via
1.1 a4cae74c829bc214e4183c38164a2c0a.cloudfront.net (CloudFront), 1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
1143
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Fai1L-UyYN9lICaWNwWiTsaPkUGeTIZvY6dDFntIi4qYALQg9Nd8mg==
prebid
id5-sync.com/api/config/ 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gl.modsforandroid.com
date
Tue, 28 Nov 2023 15:13:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ 		354 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgl.modsforandroid.com%2F&domain=gl.modsforandroid.com&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
20827f3919adfa45d4fdea53ad8be9205c46378ae28db51cb87d111cbcfa87b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1315257
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231128
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de49d6fcb8fd60805ec73f3a148055e721e7dbadc5eefcd014c0fe13bcc80599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Nov 2023 15:13:04 GMT
x-content-type-options
nosniff
content-encoding
br
age
40329
x-jsd-version
1.0.1887
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
853
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4546-YYZ
x-jsd-version-type
version
etag
W/"63d-mkGBdjY1SP2rzPtjrQ4K5O972gM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookie_sync
prebid-stag.setupad.net/ 		579 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184e7803648009592cfe4e896371ed60808e61a58c880066a90ea34d73c9fbd2

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qDGJGEAjEiglleAofugz8wGN7U2WCVT1KF9lUFdQt9T3sFDolL4F55RUIKI2r%2Ft66XkPsPMRXy3cPu9MKjT3zLAPLp3AQyZuugwz4%2FCz5oHg5M8%2BMOzweNO7wasZK4X%2BKaAipamHYbg"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82d38d81cd2f36c7-YYZ
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		0
0
cdb
bidder.criteo.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=40440976151&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gl.modsforandroid.com
date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10201.Tah9kVRp2Ew6gnUtYUcxQaziK6YYv7vpdo3XpUu3OVJFiH_ZVa0vOM2lvIqa8NuG.s1A325YRcanOQnps8HoN5IeSr5k%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10201.yrbdEjsbWhq_9nQksVmvKRhGs517moYkaxC6P9lzC6ecDM-klkqyAuIVnrC2gwwHOmB_4gEXcfcIWhMpzX9hvf_vSSHmRLPf-uibW8JW9jaTsXy52qiCxIcdFB9R5qXrfk1UAToHSq...
43 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10201.yrbdEjsbWhq_9nQksVmvKRhGs517moYkaxC6P9lzC6ecDM-klkqyAuIVnrC2gwwHOmB_4gEXcfcIWhMpzX9hvf_vSSHmRLPf-uibW8JW9jaTsXy52qiCxIcdFB9R5qXrfk1UAToHSqDJcD5BVXh93r6tLEB-FLhU-D1BfI_03uhu6XjqlzFS2ntY8D8HgYm4Gmw4sGKCPfxxRGeca-MBaL20Tt7yiK_BbC-EwrjIojc%2C.kmLKVQGz63jsz9Clc1EbB2xRWxI%2C
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10201.yrbdEjsbWhq_9nQksVmvKRhGs517moYkaxC6P9lzC6ecDM-klkqyAuIVnrC2gwwHOmB_4gEXcfcIWhMpzX9hvf_vSSHmRLPf-uibW8JW9jaTsXy52qiCxIcdFB9R5qXrfk1UAToHSqDJcD5BVXh93r6tLEB-FLhU-D1BfI_03uhu6XjqlzFS2ntY8D8HgYm4Gmw4sGKCPfxxRGeca-MBaL20Tt7yiK_BbC-EwrjIojc%2C.kmLKVQGz63jsz9Clc1EbB2xRWxI%2C
date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 28 Nov 2023 16:13:04 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		0
0
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nCQJIJ0L5p1XJOBdpFmHQBTSGZWCZ7Uk1NUYSLtvezRzQ1jOCiGEmg==
bl-cf1706d-4ba06a6c.js
tagan.adlightning.com/setupad-hai/ 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/bl-cf1706d-4ba06a6c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
879844f1add4207049e29b19fd91d4999303a54a9cdfc3dd741fc48cac374452

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:36:24 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
1ir3pL_PxzBZCnH42CqRMMd6lUQ_Wo6N
x-amz-cf-pop
IAD89-P1
age
2201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25050
x-amz-meta-git_commit
cf1706d
last-modified
Tue, 28 Nov 2023 14:22:21 GMT
server
AmazonS3
etag
"b30c1a1595c3d55f72cecf25a3960475"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
R9ii_1h8coRbKn9fy8jcEMYqodV-QMNBaB2gGiEtJcmcehsUYwOFgQ==
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ 		537 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-20.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
6b7154e71ef7544e0491a78da0ceb7181b670c7d259b90805620b7d76b513d06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:35:33 GMT
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2251
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
4a-8nfKiZG7LgZNgaCqLoDrc-rZDxNxZ2pkXhCX74ew0W_EU2xgthQ==
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgl.modsforandroid.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:36:33 GMT
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
16591
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3623
x-amz-cf-id
Fz1aTx7a_KsaqJq68y7w0S8-YTGQRkXV7r0dDnevnzkuuOb305o9dw==
bid
aax.amazon-adsystem.com/e/dtb/ 		216 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&pid=3q0tzvW4heLUK&cb=0&ws=1600x1200&v=23.1108.2350&t=400&slots=%5B%7B%22sd%22%3A%22modsforandroid.com_980x300_responsive_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x300%22%2C%22750x100%22%2C%22750x150%22%2C%22750x200%22%2C%22750x300%22%2C%22800x250%22%2C%22930x180%22%2C%22950x90%22%2C%22970x90%22%2C%22970x210%22%2C%22970x250%22%2C%22980x120%22%2C%22980x150%22%2C%22980x200%22%2C%22980x240%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_980x300_desktop_1%22%7D%2C%7B%22sd%22%3A%22modsforandroid.com_300x250_responsive_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_300x250_desktop_2%22%7D%2C%7B%22sd%22%3A%22modsforandroid.com_728x90_responsive_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_728x90_desktop_4%22%7D%2C%7B%22sd%22%3A%22modsforandroid.com_1000x100_anchor_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_1000x100_anchor_desktop%22%7D%2C%7B%22sd%22%3A%22modsforandroid_com_300x250_double_banner_responsive_1_left%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_300x250_double_banner_desktop_1_left%22%7D%2C%7B%22sd%22%3A%22modsforandroid_com_300x250_double_banner_desktop_1_right%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_300x250_double_banner_desktop_1_right%22%7D%2C%7B%22sd%22%3A%22modsforandroid.com_980x250_interscroller_responsive%22%2C%22s%22%3A%5B%22980x250%22%2C%22970x250%22%2C%22728x250%22%2C%22980x240%22%2C%22980x200%22%2C%22970x200%22%2C%22970x210%22%2C%22980x120%22%2C%22980x90%22%2C%22970x90%22%2C%22950x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22384346533%2Fmodsforandroid.com_980x250_interscroller_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C407%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.1.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-1-134.iad12.r.cloudfront.net
Software
Server /
Resource Hash
5aaec1a613cf2bbe21ceed5996b16ef37a600a65680e34d0a3de13c09456513d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P3
x-amz-rid
SKM3W6HBT3A7P5Q1R4MQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
216
x-amz-cf-id
MuoKGeGIbSy06chikgXlL3ROaDwrOCX1aVzQwYRNX9G7IXdVM_PSZg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 85fc1201a1918facbeb30836e7391660.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 04:40:33 GMT
x-amz-cf-pop
IAD89-C1
age
37952
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Rw1MPfb48oUhp-xN7RcOpfTUpiHKz3Zrzhvc4tpRIVZpM2TXWny75w==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.1.25 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-1-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 28 Nov 2023 15:28:04 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:22:17 GMT
via
1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
67848
x-amz-server-side-encryption
AES256
etag
"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
39537
x-amz-cf-id
Adnf_Ne3lLXiTY7rPE4BtTaGhAACrnWb-b5TSeO1nazJ4aJyWb7NDw==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&ref=&_it=amazon&partner_id=533
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
374
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82d38d83adc23704-YYZ
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
BY0EW7B914BNK6G3
age
17
x-amz-server-side-encryption
AES256
x-amz-id-2
MkIcnkN940afzM0nNHGSqcqtpnwhN1lRZCCerwNft5h1lTWhRvHS+DHnoec0XusU18UIq7yOMQ3eZQmc1lXmxQ==
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82d38d836d5439d5-YYZ
expires
Tue, 28 Nov 2023 16:13:04 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.1.25 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-1-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 28 Nov 2023 15:28:04 GMT
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
server
nginx
content-length
43
content-type
image/gif
hadron.json
id.hadron.ad.gt/v1/ 		110 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=gl.modsforandroid.com&url=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&ref=&_it=amazon&partner_id=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756c4fe6f9911423dbc4b241b2c9fd5c40d1d5310e7c82abecb95e102c59b07c

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82d38d84aead39c3-YYZ
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=gl.modsforandroid.com&url=https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gl.modsforandroid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82d38d845e3c39c3-YYZ
content-length
0
content-type
application/json
date
Tue, 28 Nov 2023 15:13:04 GMT
debug
OPTIONS block
expires
Wed, 27 Nov 2024 15:13:04 GMT
server
cloudflare
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:13:04 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.7418247140735827
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-b3VShvhBnK7s6ExwlyD_2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-b3VShvhBnK7s6ExwlyD_2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.892385388119755
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-J8dr_KB7u8af-s2Snjyccw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-J8dr_KB7u8af-s2Snjyccw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.1.25 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-1-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 28 Nov 2023 15:28:04 GMT
533
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21550d798d78297c17767601bf03c13e13c88001332d3dbe0f343aabc6543bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 15:11:56 GMT
server
cloudflare
age
68
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82d38d8548c036ad-YYZ
ads
securepubads.g.doubleclick.net/gampad/ 		688 KB
148 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=761501723253472&correlator=3706868839814993&eid=31079695%2C44808652%2C44780990%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=147246189%3A22384346533%2Cmodsforandroid.com_980x300_desktop_1%2Cmodsforandroid.com_300x250_desktop_2%2Cmodsforandroid.com_728x90_desktop_4%2Cmodsforandroid.com_1000x100_anchor_desktop%2Cmodsforandroid.com_980x250_interscroller_desktop%2Cmodsforandroid.com_interstitial%2Cmodsforandroid.com_300x250_double_banner_desktop_1_left%2Cmodsforandroid.com_300x250_double_banner_desktop_1_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%7C980x300%7C750x100%7C750x150%7C750x200%7C750x300%7C800x250%7C930x180%7C950x90%7C970x90%7C970x210%7C970x250%7C980x120%7C980x150%7C980x200%7C980x240%7C980x250%2C300x250%7C250x250%2C728x90%7C468x60%2C1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%2C980x250%7C970x250%7C728x250%7C980x240%7C980x200%7C970x200%7C970x210%7C980x120%7C980x90%7C970x90%7C950x90%7C728x90%2C1x1%2C300x250%7C250x250%2C300x250%7C250x250&ifi=1&sfv=1-0-40&ists=4&fas=0%2C0%2C0%2C0%2C0%2C8%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701184384805&lmt=1701184384&adxs=436%2C-9%2C265%2C-9%2C265%2C-9%2C486%2C799&adys=360%2C-9%2C2585%2C-9%2C1409%2C-9%2C609%2C609&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1%7C-1%7C2%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&vis=1&psz=15x36%7C0x-1%7C1055x0%7C0x-1%7C1055x0%7C0x-1%7C300x0%7C310x0&msz=1600x0%7C0x-1%7C1055x0%7C0x-1%7C1055x0%7C0x-1%7C300x0%7C300x0&fws=0%2C2%2C4%2C2%2C4%2C2%2C4%2C4&ohw=0%2C0%2C1085%2C0%2C1055%2C0%2C1085%2C1085&ga_vid=1335805097.1701184385&ga_sid=1701184385&ga_hid=548983438&ga_fc=false&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiA2PazwTFIABIbCgwzM2Fjcm9zcy5jb20Y89X2s8ExSABSAghkEhkKCnB1YmNpZC5vcmcYitb2s8ExSABSAghqEhgKCXlhaG9vLmNvbRj71vazwTFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Y89X2s8ExSABSAghkEhcKCHJ0YmhvdXNlGJTX9rPBMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lORFJZVFZKd1kyUlVaVmRhWlRaUWJIWXdiRTlUWnowOUluMD0YsNf2s8ExSAASGQoKdWlkYXBpLmNvbRjz1fazwTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN3Z9rPBMUgAUgIIag..&dlt=1701184383183&idt=412&prev_scp=amznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1%7C%7Camznbid%3D1%26amznp%3D1%7Camznbid%3D1%26amznp%3D1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2966010154%2C1467229237%2C1304502761%2C1822152215%2C110439033%2C3249769096%2C423995951%2C2302600680&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
16157006c912d2a3911dde19b2778799cafb3e30cf976353dbd6413c5e99ceb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151004
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A67B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:04 GMT
expires
Wed, 27 Nov 2024 15:13:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl_page_level_ads.js?cb=31079695
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42648
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13749
x-xss-protection
0
server
cafe
etag
15176684494565588641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 27 Nov 2024 03:22:16 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QGdbn8Hfl3dy7oa1B52k9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-QGdbn8Hfl3dy7oa1B52k9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 5E5C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
386 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c95854c0186798febbe2964481c8237ba90e782784c5039ad3af9fc128cd788b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
386
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 28 Nov 2023 15:13:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0G7X52RZ5K74YS91NM6C

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 15:13:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AJ0EPFEWE1SMH1QSDH3G
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.127.42.146 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
iad09-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 28 Nov 2023 15:43:04 GMT
sync
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%...
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
ed8944fef483f12fd4053722824ca9e05856a250d6c6d6869f5a547096a2c71a

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:05 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Nov 2023 15:13:04 GMT
location
/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
1
mc.yandex.com/watch/47987153/
Redirect Chain
  • https://mc.yandex.com/watch/47987153?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&brows...
  • https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&bro...
439 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A320%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A182810121945%3Ahid%3A720797106%3Az%3A-480%3Ai%3A20231128071304%3Aet%3A1701184384%3Ac%3A1%3Arn%3A263838121%3Arqn%3A1%3Au%3A1701184384914406958%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C41%2C1%2C%2C0%2C%2C224%2C5%2C%2C%2C%2C317%3Aco%3A0%3Acpf%3A1%3Ans%3A1701184383088%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701184385%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
2094652ea4eab8436cd0c53b3b5513ccddffc5ccc301e9e6eb3c998a0903aa3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 28-Nov-2023 15:13:05 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Tue, 28-Nov-2023 15:13:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:04 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28-Nov-2023 15:13:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/47987153/1?wmode=7&page-url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A320%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A182810121945%3Ahid%3A720797106%3Az%3A-480%3Ai%3A20231128071304%3Aet%3A1701184384%3Ac%3A1%3Arn%3A263838121%3Arqn%3A1%3Au%3A1701184384914406958%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C41%2C1%2C%2C0%2C%2C224%2C5%2C%2C%2C%2C317%3Aco%3A0%3Acpf%3A1%3Ans%3A1701184383088%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701184385%3At%3ADownload%20Temu%20APK%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://gl.modsforandroid.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 28-Nov-2023 15:13:04 GMT
533
p.ad.gt/api/v1/p/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/533
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeaaf718f8ca1e38f84bd43ffee1ae099ae5b39616a9e2a4eebccc24e19fe572

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 15:09:51 GMT
server
cloudflare
age
194
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82d38d8c182c39e1-YYZ
halo_match
ids.ad.gt/api/v1/ 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&halo_id=060cdiaeajgdaaf8di8gl89f97j6j97eflcikuemewqkeeo4ku4q046o62w0w62mo
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d86fe0636fb-YYZ
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001701184385-W9QITQVP-TH09%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=2804893853207294712&gdpr=0
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=2804893853207294712&gdpr=0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d86fe0436fb-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
an-x-request-uuid
9872dfe4-b9fe-4bef-8395-80d49a683dc8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001701184385-W9QITQVP-TH09&adnxs_id=2804893853207294712&gdpr=0
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001701184385-W9QITQVP-TH09&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001701184385-W9QITQVP-TH09&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&id=AU1D-0100-001701184385-W9QITQVP-TH09
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&id=AU1D-0100-001701184385-W9QITQVP-TH09
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d86fe0736fb-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&id=AU1D-0100-001701184385-W9QITQVP-TH09
date
Tue, 28 Nov 2023 15:13:05 GMT
server
Kestrel
content-length
259
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001701184385-W9QITQVP-TH09
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:04 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001701184385-W9QITQVP-TH09&gdpr=0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001701184385-W9QITQVP-TH09&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001701184385...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001701184385-W9QITQVP-TH09&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001701...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e32df9e5-0a81-43ff-b07a-52c5f710a580%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=e32df9e5-0a81-43ff-b07a-52c5f710a580%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&tapad_id=e32df9e5-0a81-43ff-b07a-52c5f710a580
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&tapad_id=e32df9e5-0a81-43ff-b07a-52c5f710a580
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d876ebe36fb-YYZ
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 28 Nov 2023 15:13:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&tapad_id=e32df9e5-0a81-43ff-b07a-52c5f710a580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001701184385-W9QITQVP-TH09
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001701184385-W9QITQVP-TH09&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&google_gid=CAESENuvrbLgMtaQpSAZflYWZnk&google_cver=1&google_ula=450542624,0
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&google_gid=CAESENuvrbLgMtaQpSAZflYWZnk&google_cver=1&google_ula=450542624,0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d86fe0836fb-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001701184385-W9QITQVP-TH09&google_gid=CAESENuvrbLgMtaQpSAZflYWZnk&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001701184385-W9QITQVP-TH09
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMTE4NDM4NS1XOVFJVFFWUC1USDA5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMTE4NDM4NS1XOVFJVFFWUC1USDA5
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMTE4NDM4NS1XOVFJVFFWUC1USDA5
date
Tue, 28 Nov 2023 15:13:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d86fe0236fb-YYZ
content-type
text/html; charset=utf-8
0
sync.1rx.io/usersync/audigent/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001701184385-W9QITQVP-TH09%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:05 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001701184385-W9QITQVP-TH09&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001701184385-W9QITQVP-TH09
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.116 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 15:13:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Type
text/plain
ip_match
ids.ad.gt/api/v1/ 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001701184385-W9QITQVP-TH09
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d879f3036fb-YYZ
content-type
text/html; charset=utf-8
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.1.25 Mount Prospect, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-1-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 28 Nov 2023 15:28:04 GMT
xuid
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=751df1b2-159f-4fdf-b434-ea90b27fbc1b&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 15:13:05 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENkBgoCCPME4ezhLlHAi4b4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENkBgoCCPME4ezhLlHAi4b4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENkBgoCCPME4ezhLlHAi4b4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA28
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTMyMzk4MDA5NzgzNzk1NjU0NzI1OA%3D%3D
date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame FA28 		0
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1323980097837956547258&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: BB4D18C0F3F749EB90395A11A7ED83EE Ref B: YTO01EDGE0807 Ref C: 2023-11-28T15:13:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLN9r5DbRD0Di5b3q3KA==
xuid
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1323980097837956547258?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1bUE5xE2oQzHgckM6THt81u5rcfpj31.FjxPIcTyA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1bUE5xE2oQzHgckM6THt81u5rcfpj31.FjxPIcTyA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Nov 2023 15:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1bUE5xE2oQzHgckM6THt81u5rcfpj31.FjxPIcTyA--~A&dongle=0883
content-length
0
cookiesyncredir
bttrack.com/pixel/ Frame FA28
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1323980097837956547258&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1323980097837956547258&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=triplelift
35 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
64.38.119.43 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-servername
track007-sjc
pragma
no-cache
date
Tue, 28 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1

Redirect headers

Location
//bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=triplelift
Date
Tue, 28 Nov 2023 15:13:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame FA28 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
324632
expires
Tue, 28 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FA28
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2804893853207294712&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2804893853207294712&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 15:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
an-x-request-uuid
f0c5189e-143a-431c-a346-cb813339a7ad
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2804893853207294712&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame FA28 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1323980097837956547258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
an-x-request-uuid
453229ca-3d5d-4701-b294-663e8b1f2503
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 3A83 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9fabb04bc6053a78538621f0c95edf9eed38d9914ff5d3c68b4cb3227ed96aaf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3491
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 28 Nov 2023 15:13:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SQWAJEHMYN5H5V441V92
ecm3
s.amazon-adsystem.com/ Frame 3A83
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=2dee24cc-0a3d-41bd-a605-6c3406cc2e0b&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=2dee24cc-0a3d-41bd-a605-6c3406cc2e0b&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PQ3QYHZTEV1D5SCSAH24
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=2dee24cc-0a3d-41bd-a605-6c3406cc2e0b&gdpr=0
date
Tue, 28 Nov 2023 15:13:05 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3A83
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1701184385100
  • https://ad.turn.com/r/cs?pid=45&rndcb=8790024210
  • https://sync.1rx.io/usersync/turn/2506387012964920555?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-5127db62-b4b2-4611-b0db-0573559fb579-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-5127db62-b4b2-4611-b0db-0573...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PT4PSNXF4QKW285SZS5H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Date
Tue, 28 Nov 2023 15:13:05 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX5127db62b4b24611b0db0573559fb579005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ecm3
s.amazon-adsystem.com/ Frame 3A83
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&gdpr=0&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAEg5U7KzAcAABOEN2pYqA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAEg5U7KzAcAABOEN2pYqA&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5WJ8NR57SMFPAMS5CM24
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAEg5U7KzAcAABOEN2pYqA&ex=beeswax.com
Date
Tue, 28 Nov 2023 15:13:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 3A83 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 3A83
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=EC59EC2935FD48828B88371B01732490&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=EC59EC2935FD48828B88371B01732490&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7EE3H4JDNNB6BNAFPZFH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 15:13:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=EC59EC2935FD48828B88371B01732490&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 15:13:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 3A83
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e824d70101294i8900lpih9die
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e824d70101294i8900lpih9die
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M003P2BP41Y160HS3WE6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 15:13:06 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=1b7de7e824d70101294i8900lpih9die
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usersync.aspx
dis.criteo.com/dis/ Frame 3A83
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
  • https://sync.outbrain.com/sync-external?uid=5edrGJD_vo6C4DQRsQkg&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%25...
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJVMVSHER2KIRPXM3ZWIM2EIUKSONIWWZZGM5SHA4R5GA%26p%3Dcriteo%26obUid%3DjUGgYH1An0OTDSGflrXW9quoqOYsZDrkOYmUtptp3RxC6hYOC-twGvKjecnns4UG%26gdpr%3D0%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Ds2s%26uid%3D%40%40CRITEO_USERID%40%40%0A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
240771
expires
Tue, 28 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJVMVSHER2KIRPXM3ZWIM2EIUKSONIWWZZGM5SHA4R5GA%26p%3Dcriteo%26obUid%3DjUGgYH1An0OTDSGflrXW9quoqOYsZDrkOYmUtptp3RxC6hYOC-twGvKjecnns4UG%26gdpr%3D0%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Ds2s%26uid%3D%40%40CRITEO_USERID%40%40%0A
Date
Tue, 28 Nov 2023 15:13:09 GMT
X-TraceId
48cfac274dd5f07789c747c7cadea410
Content-Length
0
cm
u.openx.net/w/1.0/ Frame B067 		700 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9a42ab0f0f5f0eb12e84cde79bc62ca2070f3d385b4e3eaa3452bc4095ba2e25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
402
content-type
text/html
date
Tue, 28 Nov 2023 15:13:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame C22B
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1855738958334292245&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1855738958334292245&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NTR38T3XCJ5CTFVK38XN

Redirect headers

content-length
0
date
Tue, 28 Nov 2023 15:13:07 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1855738958334292245&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 4FB1
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7edbd5f309050591&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAB-kmpAui9EQNQKwCaAAAAAAA&expiration=1701270785&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAB-kmpAui9EQNQKwCaAAAAAAA&expiration=1701270785&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
J8RA9Z9303ZYV3CTAGF3

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Tue, 28 Nov 2023 15:13:05 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAB-kmpAui9EQNQKwCaAAAAAAA&expiration=1701270785&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame 5371 		673 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.113.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-113-93.compute-1.amazonaws.com
Software
/
Resource Hash
0f1a0ad12205a0cd6724635e9ee5ce1bbb2fdc9553f04aa1fcaab28dfa5d4475

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
673
date
Tue, 28 Nov 2023 15:13:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84A7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.61.14 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-61-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48215
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 15:13:08 GMT
expires
Wed, 29 Nov 2023 04:36:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame C6FE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.226.62 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-226-62.compute-1.amazonaws.com
Software
/
Resource Hash
5a6e3810a016fc6175c4bbbf8693aee9c0b515fad1396ac4cde8403aa7e687fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 28 Nov 2023 15:13:12 GMT
pragma
no-cache
vary
accept-encoding
ecm3
s.amazon-adsystem.com/ Frame 398D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0xRDdBOC5KRTJ1TFJlMGhJbGRTbloxSVUubHUzd2N5Sn5B&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0xRDdBOC5KRTJ1TFJlMGhJbGRTbloxSVUubHUzd2N5Sn5B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R4K8499181CQHGQRGPC9

Redirect headers

age
0
content-length
0
date
Tue, 28 Nov 2023 15:13:09 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0xRDdBOC5KRTJ1TFJlMGhJbGRTbloxSVUubHUzd2N5Sn5B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame C77E
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1323980097837956547258
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1323980097837956547258
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XGYSEGARNJRYP355Y4RF

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Nov 2023 15:13:05 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1323980097837956547258
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame B067 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=68ff8f62-2230-c9e8-03a3-e99ab35db657&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
20FCEQFRQRMFC2GK51D3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
a4ee955b-ae36-e05b-f27a-7df82439b0fe
pr-bh.ybp.yahoo.com/sync/openx/ Frame B067 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a4ee955b-ae36-e05b-f27a-7df82439b0fe?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.221.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-221-201.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame B067 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=68ff8f62-2230-c9e8-03a3-e99ab35db657
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W0XKZG9Q9BVT4N3S045N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B067
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=751df1b2-159f-4fdf-b434-ea90b27fbc1b&ttd_puid=3029f31f-3e9a-7212-c3ad-6b0ddb6e7db7&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 15:13:05 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame B067 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWM0NjIwZDUtZjdlZC0yY2I2LWQ2NGQtMzFiNDExOGNiM2Q3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B067
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFHHgkwdA9WrncEuoE_B0s&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFHHgkwdA9WrncEuoE_B0s&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFHHgkwdA9WrncEuoE_B0s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
admarker.
fundingchoicesmessages.google.com/f/AGSKWxWMrwWxA0Uarc4QAmjtp4bDeHGDm5oM1yaN3fQSprBtSqyd-Lnei3qxljkS8HF3eV4HRQTn8UgXrdZybNLL4gG0G_TdDS-xYGz02pcoUPgy1d62DgqNZg1ix03UfxOneXlz2HmyFrGVCv0vTNv8z5fvO1FvC... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWMrwWxA0Uarc4QAmjtp4bDeHGDm5oM1yaN3fQSprBtSqyd-Lnei3qxljkS8HF3eV4HRQTn8UgXrdZybNLL4gG0G_TdDS-xYGz02pcoUPgy1d62DgqNZg1ix03UfxOneXlz2HmyFrGVCv0vTNv8z5fvO1FvC8TgvzHZ7RCLWPOLYXDaRTkpLQ6xbwIf/_/PageBottomAD._sidebarad__420x80./dyn_banner./admarker.
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
58dc4bee0e72ec8f293e0e0b314a04c73ea7ae4b5d6335eacbe45a7b0fed758e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-988GcHfZweQqI8zxWlW5rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-988GcHfZweQqI8zxWlW5rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
3129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:20:56 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K2ZSM3IN2v3XAZ7i1y5rTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-K2ZSM3IN2v3XAZ7i1y5rTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://gl.modsforandroid.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rEftbTzz5TIe54GohbIAdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-rEftbTzz5TIe54GohbIAdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://gl.modsforandroid.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		0
0
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJzZXR1cGFkLWhhaSIsInVybCI6Imh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUjZ29vZ2xlX3ZpZ25ldHRlIiwiYWRVbml0IjoiLzE0NzI0NjE4OSwyMjM4NDM0NjUzMy9tb2RzZm9yYW5kcm9pZC5jb21fOTgweDMwMF9kZXNrdG9wXzFfMCIsImFkU2VydmVyRGV0YWlscyI6eyJhZHZlcnRpc2VySWQiOiI0NjY3NDczODA1IiwiY2FtcGFpZ25JZCI6IjMyNTEyMTAzMjYiLCJjcmVhdGl2ZUlkIjoiMTM4NDQ3Nzg5MjI4IiwibGluZWl0ZW1JZCI6IjYzODkwMTUyMjUiLCJhZFNlcnZlciI6ImRmcCJ9LCJ3aWR0aCI6OTgwLCJoZWlnaHQiOjMwMCwid3YiOiIxLjAuMCs5MzVlMmYxIiwiYnYiOiJibC1jZjE3MDZkLTRiYTA2YTZjO2ItOTM1ZTJmMS1kM2RmODg4MSIsIm1ldGEiOnsiYmxvY2tlZEluZm8iOnsicmVmcmVzaGVkQ291bnQiOjEsImJsb2NrZWRDb3VudCI6MSwiaGVhdnlBZEJsb2NrZWRDb3VudCI6MCwiaGVhdnlBZFJlZnJlc2hlZENvdW50IjowfSwiYWRSZXNvdXJjZXMiOnsiYWRJZnJhbWVzIjpbImh0dHBzOi8vcy5hbWF6b24tYWRzeXN0ZW0uY29tL2l1Mz9jbTNwcGQ9MSZkPWR0Yi1wdWImY3NpZj10JmdkcHI9MCZkbD1uLUxvb3BNZV9yeF9uLUJlZXN3YXhfb3gtZGI1X3NtcnRfY252X24tc2hhcmV0aHJvdWdoX24tb25ldGFnX3BtLWRiNV9uLXNpbXBsaS5maV95bV9uLXZtZ19uLWJhaWR1XzNsaWZ0X24tT3V0YnJhaW4iXSwiYWRJbWFnZXMiOlsiPGltZyBzcmM9XCJodHRwczovL2lzMi1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTExMi92NC82MS9mYy9lMS82MWZjZTFkOS0xYjVmLWMxNTAtMjdlMC01MDRiZGQ0MjIzNGIvQXBwSWNvbi0xeF9VMDA3ZW1hcmtldGluZy0wLTctMC0wLVAzLTg1LTIyMC5wbmcvMjAweDIwMGJiLmpwZ1wiIGFsdD1cIlRlbXU6IFRlYW0gVXAsIFByaWNlIERvd24gYXBrXCIgc3R5bGU9XCJwYWRkaW5nOiA1cHg7YmFja2dyb3VuZDogI2Y3ZjdmNztib3JkZXItcmFkaXVzOiAxMHB4O1wiIGhlaWdodD1cIjEwMHB4XCIgd2lkdGg9XCIxMDBweFwiPiIsIjxpbWcgZGF0YS1zcmM9XCJodHRwczovL2lzMS1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTExNC92NC9lZC80Ni9hZi9lZDQ2YWY3MC0wZGE3LTU0OWItZjFhZS1hODcyZTk2Zjc4YWMvc291cmNlLzE1MHgxNTBiYi5qcGdcIiBzcmM9XCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9wdWJsaWMvaW1hZ2VzL2xvYWRpbmcuc3ZnXCIgYWx0PVwiQW1hem9uIFNob3BwaW5nXCIgc3R5bGU9XCJwYWRkaW5nOiA1cHg7YmFja2dyb3VuZDogI2Y3ZjdmNztib3JkZXItcmFkaXVzOiAxMHB4O1wiIGhlaWdodD1cIjEwMHB4XCIgd2lkdGg9XCIxMDBweFwiPiIsIjxpbWcgZGF0YS1zcmM9XCJodHRwczovL2lzMS1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTExNC92NC85ZC9jNy84MC85ZGM3ODBlZC0wNDliLTAxOWEtMWNjZS01ZjllYTI0ZTc0NDMvc291cmNlLzE1MHgxNTBiYi5qcGdcIiBzcmM9XCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9wdWJsaWMvaW1hZ2VzL2xvYWRpbmcuc3ZnXCIgYWx0PVwiZUJheVwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczItc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMjQvdjQvMDIvZWEvNDIvMDJlYTQyMTMtMzU3ZC05MzRhLTk0MzEtOTdkZDA1MTE0MjNlL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIlRhcmdldFwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczUtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvOTQvZTAvMzEvOTRlMDMxMjYtNjAwOC03ZjkwLWVhZDktZmI5MGM3NjE4YTFlL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIldpc2ggLSBTaG9wcGluZyBNYWRlIEZ1blwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczQtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvMTgvMmYvOTgvMTgyZjk4NDYtMDA2Ny00YTFhLWFmNGQtMGM1ZDliYjdlMDcxL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIldhbG1hcnQgLSBzaG9wcGluZyAmYW1wOyBncm9jZXJ5XCIgc3R5bGU9XCJwYWRkaW5nOiA1cHg7YmFja2dyb3VuZDogI2Y3ZjdmNztib3JkZXItcmFkaXVzOiAxMHB4O1wiIGhlaWdodD1cIjEwMHB4XCIgd2lkdGg9XCIxMDBweFwiPiIsIjxpbWcgZGF0YS1zcmM9XCJodHRwczovL2lzMS1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTEyNC92NC82MS81MS82Mi82MTUxNjJjYS1mZjAzLWFlZWUtZGEwNS0zMmY2MWVkZmQ1Nzgvc291cmNlLzE1MHgxNTBiYi5qcGdcIiBzcmM9XCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9wdWJsaWMvaW1hZ2VzL2xvYWRpbmcuc3ZnXCIgYWx0PVwiR3JvdXBvblwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczItc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvZDgvNDUvMmYvZDg0NTJmMmMtMGY3ZC1jM2Q0LTY1ZTUtNjI2OTAzZTlkMjBlL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIk9mZmVyVXAgLSBCdXkuIFNlbGwuIFNpbXBsZS5cIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXM0LXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTE0L3Y0LzcxL2JlLzBlLzcxYmUwZWVhLTg0NDQtYjYwNy04ZDYzLTZhNjdjYmEwYTllNi9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJQb3NobWFyazogQnV5ICZhbXA7IFNlbGwgRmFzaGlvblwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczEtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMjQvdjQvMzcvNjMvNzEvMzc2MzcxZGEtOTdhMS03YjI5LTkzZWMtNGRmMzMzZGIxNzhkL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cImxldGdvOiBTZWxsICZhbXA7IEJ1eSBVc2VkIFN0dWZmXCIgc3R5bGU9XCJwYWRkaW5nOiA1cHg7YmFja2dyb3VuZDogI2Y3ZjdmNztib3JkZXItcmFkaXVzOiAxMHB4O1wiIGhlaWdodD1cIjEwMHB4XCIgd2lkdGg9XCIxMDBweFwiPiIsIjxpbWcgZGF0YS1zcmM9XCJodHRwczovL2lzMi1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTExNC92NC8wZC82Yi9mMy8wZDZiZjM1ZS01OTRmLTU4ZmUtOGZhNy1hODBlYWY4ZDBlZDYvc291cmNlLzE1MHgxNTBiYi5qcGdcIiBzcmM9XCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9wdWJsaWMvaW1hZ2VzL2xvYWRpbmcuc3ZnXCIgYWx0PVwiYWRpZGFzIENPTkZJUk1FRFwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iXX19LCJ0YWdNYXJrdXAiOiI8aWZyYW1lIGlkPVwiZ29vZ2xlX2Fkc19pZnJhbWVfLzE0NzI0NjE4OSwyMjM4NDM0NjUzMy9tb2RzZm9yYW5kcm9pZC5jb21fOTgweDMwMF9kZXNrdG9wXzFfMFwiIG5hbWU9XCJnb29nbGVfYWRzX2lmcmFtZV8vMTQ3MjQ2MTg5LDIyMzg0MzQ2NTMzL21vZHNmb3JhbmRyb2lkLmNvbV85ODB4MzAwX2Rlc2t0b3BfMV8wXCIgdGl0bGU9XCIzcmQgcGFydHkgYWQgY29udGVudFwiIHdpZHRoPVwiOTcwXCIgaGVpZ2h0PVwiMjUwXCIgc2Nyb2xsaW5nPVwibm9cIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgZnJhbWVib3JkZXI9XCIwXCIgcm9sZT1cInJlZ2lvblwiIGFyaWEtbGFiZWw9XCJBZHZlcnRpc2VtZW50XCIgdGFiaW5kZXg9XCIwXCIgc2FuZGJveD1cImFsbG93LWZvcm1zIGFsbG93LXBvcHVwcyBhbGxvdy1wb3B1cHMtdG8tZXNjYXBlLXNhbmRib3ggYWxsb3ctcG9pbnRlci1sb2NrIGFsbG93LXNhbWUtb3JpZ2luIGFsbG93LXNjcmlwdHMgYWxsb3ctdG9wLW5hdmlnYXRpb24tYnktdXNlci1hY3RpdmF0aW9uXCIgc3R5bGU9XCJib3JkZXI6IDBweDsgdmVydGljYWwtYWxpZ246IGJvdHRvbTtcIiBkYXRhLWxvYWQtY29tcGxldGU9XCJ0cnVlXCI%2BPC9pZnJhbWU%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4iLCJibGFja2xpc3REYXRhIjp7ImFjdGlvbiI6MTAsImFjdGlvbkRldGFpbHMiOiJkaWdhbmV4YS5jb20iLCJyZXBvcnRSYXRpbyI6MSwicmVwb3J0TWFya3VwIjp0cnVlLCJpdGVtcyI6W3siaG9zdG5hbWUiOiJkaWdhbmV4YS5jb20iLCJ0b2tlbiI6IiIsImFjdGlvbiI6MTB9XSwibWFya3VwIjoiPGhlYWQ%2BPC9oZWFkPjxib2R5IG1hcmdpbndpZHRoPVwiMFwiIG1hcmdpbmhlaWdodD1cIjBcIj48L2JvZHk%2BPCFkb2N0eXBlIGh0bWw%2BPGh0bWwgYW1wNGFkcyBjbGFzcz1pLWFtcGh0bWwtaW5hYm94IGktYW1waHRtbC1sYXlvdXQ%2BPGhlYWQ%2BPG1ldGEgbmFtZT1cInJlZmVycmVyXCIgY29udGVudD1cIm9yaWdpblwiPjxtZXRhIGh0dHAtZXF1aXY9Q29udGVudC1TZWN1cml0eS1Qb2xpY3kgY29udGVudD1cInNjcmlwdC1zcmMgaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvO29iamVjdC1zcmMgJ25vbmUnO2NoaWxkLXNyYyBibG9iOjtmcmFtZS1zcmMgJ25vbmUnXCI%2BPG1ldGEgY2hhcnNldD11dGYtOD48bWV0YSBjb250ZW50PVwid2lkdGg9ZGV2aWNlLXdpZHRoLG1pbmltdW0tc2NhbGU9MSxpbml0aWFsLXNjYWxlPTFcIiBuYW1lPXZpZXdwb3J0PjxzdHlsZSBhbXAtcnVudGltZSBpLWFtcGh0bWwtdmVyc2lvbj0wMTIzMTAzMDE0NTYwMDA%2BaHRtbHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtZmlle2hlaWdodDoxMDAlIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1odG1sOm5vdChbYW1wNGFkc10pLGh0bWw6bm90KFthbXA0YWRzXSkgYm9keXtoZWlnaHQ6YXV0byFpbXBvcnRhbnR9aHRtbDpub3QoW2FtcDRhZHNdKSBib2R5e21hcmdpbjowIWltcG9ydGFudH1ib2R5ey13ZWJraXQtdGV4dC1zaXplLWFkanVzdDoxMDAlOy1tb3otdGV4dC1zaXplLWFkanVzdDoxMDAlOy1t&i=1-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
9aohdRLTv3lMR5Q-sC6kDhqeT8R3LddFLkKTUrqsp2MhX-1poL8Auw==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=cy10ZXh0LXNpemUtYWRqdXN0OjEwMCU7dGV4dC1zaXplLWFkanVzdDoxMDAlfWh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYy5pLWFtcGh0bWwtZW1iZWRkZWR7LW1zLXRvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tO3RvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tfWh0bWwuaS1hbXBodG1sLWZpZT5ib2R5LGh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYz5ib2R5e292ZXJmbG93OnZpc2libGUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZTpub3QoLmktYW1waHRtbC1pbmFib3gpPmJvZHksaHRtbC5pLWFtcGh0bWwtc2luZ2xlZG9jOm5vdCguaS1hbXBodG1sLWluYWJveCk%2BYm9keXtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLWxlZ2FjeT5ib2R5e292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudH1odG1sLmktYW1waHRtbC1pb3MtZW1iZWR7b3ZlcmZsb3cteTphdXRvIWltcG9ydGFudDtwb3NpdGlvbjpzdGF0aWN9I2ktYW1waHRtbC13cmFwcGVye292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudDt0b3A6MCFpbXBvcnRhbnQ7bGVmdDowIWltcG9ydGFudDtyaWdodDowIWltcG9ydGFudDtib3R0b206MCFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWlvcy1lbWJlZC5pLWFtcGh0bWwtaW9zLW92ZXJzY3JvbGwsaHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLmktYW1waHRtbC1pb3Mtb3ZlcnNjcm9sbD4jaS1hbXBodG1sLXdyYXBwZXJ7LXdlYmtpdC1vdmVyZmxvdy1zY3JvbGxpbmc6dG91Y2ghaW1wb3J0YW50fSNpLWFtcGh0bWwtd3JhcHBlcj5ib2R5e3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudDtib3JkZXItdG9wOjFweCBzb2xpZCB0cmFuc3BhcmVudCFpbXBvcnRhbnR9I2ktYW1waHRtbC13cmFwcGVyK2JvZHl7dmlzaWJpbGl0eTp2aXNpYmxlfSNpLWFtcGh0bWwtd3JhcHBlcitib2R5IC5pLWFtcGh0bWwtbGlnaHRib3gtZWxlbWVudCwjaS1hbXBodG1sLXdyYXBwZXIrYm9keVtpLWFtcGh0bWwtbGlnaHRib3hde3Zpc2liaWxpdHk6aGlkZGVufSNpLWFtcGh0bWwtd3JhcHBlcitib2R5W2ktYW1waHRtbC1saWdodGJveF0gLmktYW1waHRtbC1saWdodGJveC1lbGVtZW50e3Zpc2liaWxpdHk6dmlzaWJsZX0jaS1hbXBodG1sLXdyYXBwZXIuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZCwuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnQ7b3ZlcmZsb3cteTpoaWRkZW4haW1wb3J0YW50fWFtcC1pbnN0YWdyYW17cGFkZGluZzo1NHB4IDBweCAwcHghaW1wb3J0YW50O2JhY2tncm91bmQtY29sb3I6I2ZmZn1hbXAtaWZyYW1lIGlmcmFtZXtib3gtc2l6aW5nOmJvcmRlci1ib3ghaW1wb3J0YW50fVthbXAtYWNjZXNzXVthbXAtYWNjZXNzLWhpZGVde2Rpc3BsYXk6bm9uZX1bc3Vic2NyaXB0aW9ucy1kaWFsb2ddLGJvZHk6bm90KC5pLWFtcGh0bWwtc3Vicy1yZWFkeSkgW3N1YnNjcmlwdGlvbnMtYWN0aW9uXSxib2R5Om5vdCguaS1hbXBodG1sLXN1YnMtcmVhZHkpIFtzdWJzY3JpcHRpb25zLXNlY3Rpb25de2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9YW1wLWV4cGVyaW1lbnQsYW1wLWxpdmUtbGlzdD5bdXBkYXRlXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbcmVzaXphYmxlLWNoaWxkcmVuXT4uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtbGlzdCBbZmV0Y2gtZXJyb3JdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1idXR0b25dLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1lbmRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1mYWlsZWRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1sb2FkaW5nXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbZGlmZmFibGVdIGRpdltyb2xlPWxpc3Rde2Rpc3BsYXk6YmxvY2t9YW1wLXN0b3J5LXBhZ2UsYW1wLXN0b3J5W3N0YW5kYWxvbmVde21pbi1oZWlnaHQ6MXB4IWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDtoZWlnaHQ6MTAwJSFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O3BhZGRpbmc6MCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1hbXAtc3Rvcnlbc3RhbmRhbG9uZV17YmFja2dyb3VuZC1jb2xvcjojMDAwIWltcG9ydGFudDtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9YW1wLXN0b3J5LXBhZ2V7YmFja2dyb3VuZC1jb2xvcjojNzU3NTc1fWFtcC1zdG9yeSAuYW1wLWFjdGl2ZT5kaXYsYW1wLXN0b3J5IC5pLWFtcGh0bWwtbG9hZGVyLWJhY2tncm91bmR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtc3RvcnktcGFnZTpub3QoOmZpcnN0LW9mLXR5cGUpOm5vdChbZGlzdGFuY2VdKTpub3QoW2FjdGl2ZV0pe3RyYW5zZm9ybTp0cmFuc2xhdGVZKDEwMDB2aCkhaW1wb3J0YW50fWFtcC1hdXRvY29tcGxldGV7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50O2Rpc3BsYXk6aW5saW5lLWJsb2NrIWltcG9ydGFudH1hbXAtYXV0b2NvbXBsZXRlPmlucHV0LGFtcC1hdXRvY29tcGxldGU%2BdGV4dGFyZWF7cGFkZGluZzowLjVyZW07Ym9yZGVyOjFweCBzb2xpZCByZ2JhKDAsMCwwLDAuMzMpfS5pLWFtcGh0bWwtYXV0b2NvbXBsZXRlLXJlc3VsdHMsYW1wLWF1dG9jb21wbGV0ZT5pbnB1dCxhbXAtYXV0b2NvbXBsZXRlPnRleHRhcmVhe2ZvbnQtc2l6ZToxcmVtO2xpbmUtaGVpZ2h0OjEuNXJlbX1bYW1wLWZ4Xj1mbHktaW5de3Zpc2liaWxpdHk6aGlkZGVufWFtcC1zY3JpcHRbbm9kb21dLGFtcC1zY3JpcHRbc2FuZGJveGVkXXtwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBkb2MuY3NzKi9baGlkZGVuXXtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtZWxlbWVudHtkaXNwbGF5OmlubGluZS1ibG9ja30uaS1hbXBodG1sLWJsdXJyeS1wbGFjZWhvbGRlcnt0cmFuc2l0aW9uOm9wYWNpdHkgMC4zcyBjdWJpYy1iZXppZXIoMC4wLDAuMCwwLjIsMSkhaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmV9W2xheW91dD1ub2Rpc3BsYXldOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1sYXlvdXQtZml4ZWQsW2xheW91dD1maXhlZF1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZpeGVkKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZX0uaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlLFtsYXlvdXQ9cmVzcG9uc2l2ZV1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlKSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpe2Rpc3BsYXk6YmxvY2s7cG9zaXRpb246cmVsYXRpdmV9LmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljLFtsYXlvdXQ9aW50cmluc2ljXVt3aWR0aF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWxheW91dC1pbnRyaW5zaWMgLmktYW1waHRtbC1zaXplcnttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWludHJpbnNpYy1zaXplcnttYXgtd2lkdGg6MTAwJTtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxheW91dC1jb250YWluZXIsLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0LFtsYXlvdXQ9Y29udGFpbmVyXSxbbGF5b3V0PWZpeGVkLWhlaWdodF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0KXtkaXNwbGF5OmJsb2NrO3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LWZpbGwsLmktYW1waHRtbC1sYXlvdXQtZmlsbC5pLWFtcGh0bWwtbm90YnVpbHQsW2xheW91dD1maWxsXTpub3QoLmktYW1waHRtbC1sYXlvdXQtZmlsbCksYm9keSBub3NjcmlwdD4qe2Rpc3BsYXk6YmxvY2s7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH1ib2R5IG5vc2NyaXB0Pip7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7ei1pbmRleDoyfWJvZHkgbm9zY3JpcHR7ZGlzcGxheTppbmxpbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSxbbGF5b3V0PWZsZXgtaXRlbV06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSl7ZGlzcGxheTpibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTstbXMtZmxleDoxIDEgYXV0bztmbGV4OjEgMSBhdXRvfS5pLWFtcGh0bWwtbGF5b3V0LWZsdWlke3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZHtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWF3YWl0aW5nLXNpemV7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDphdXRvIWltcG9ydGFudDtib3R0b206YXV0byFpbXBvcnRhbnR9aS1hbXBodG1sLXNpemVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fUBzdXBwb3J0cyAoYXNwZWN0LXJhdGlvOjEvMSl7aS1hbXBodG1sLXNpemVyLmktYW1waHRtbC1kaXNhYmxlLWFye2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9fS5pLWFtcGh0bWwtYmx1cnJ5LXBsYWNlaG9sZGVyLC5pLWFtcGh0bWwtZmlsbC1jb250ZW50e2Rpc3BsYXk6YmxvY2s7aGVpZ2h0OjA7bWF4LWhlaWdodDoxMDAlO21heC13aWR0aDoxMDAlO21pbi1oZWlnaHQ6MTAwJTttaW4td2lkdGg6MTAwJTt3aWR0aDowO21hcmdpbjphdXRvfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZCAuaS1hbXBodG1sLWZpbGwtY29udGVudHtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH0uaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnQsLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye3BhZGRpbmc6MCFpbXBvcnRhbnQ7Ym9yZGVyOm5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcntwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjBweCFpbXBvcnRhbnQ7bGVmdDowcHghaW1wb3J0YW50O3dpZHRoOjRweCFpbXBvcnRhbnQ7aGVpZ2h0OjRweCFpbXBvcnRhbnQ7b3BhY2l0eTowIWltcG9ydGFudDtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50O21hcmdpbjowIWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDt2aXNpYmlsaXR5OnZpc2libGUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ7bGVmdDo4cHghaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTJweCFpbXBvcnRhbnR9LmktYW1waHRtbC1zY3JlZW4tcmVhZGVyfi5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTZweCFpbXBvcnRhbnR9LmktYW1waHRtbC11bnJlc29sdmVke3Bvc2l0aW9uOnJlbGF0aXZlO292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnR9LmktYW1waHRt&i=2-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
shgAh2uATCKRIyd0Pn97vDjhVOY0btEqatHdRyZWMgQpuEAK6jtzHg==
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=bC1zZWxlY3QtZGlzYWJsZWR7LXdlYmtpdC11c2VyLXNlbGVjdDpub25lIWltcG9ydGFudDstbXMtdXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnQ7dXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdCxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1baGVpZ2h0c106bm90KFtsYXlvdXRdKTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCl7cG9zaXRpb246cmVsYXRpdmU7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtjb2xvcjp0cmFuc3BhcmVudCFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdDpub3QoLmktYW1waHRtbC1sYXlvdXQtY29udGFpbmVyKT4qLFtsYXlvdXRdOm5vdChbbGF5b3V0PWNvbnRhaW5lcl0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPiosW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKixbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKntkaXNwbGF5Om5vbmV9YW1wLWltZzpub3QoLmktYW1waHRtbC1lbGVtZW50KVtpLWFtcGh0bWwtc3NyXT5pbWcuaS1hbXBodG1sLWZpbGwtY29udGVudHtkaXNwbGF5OmJsb2NrfS5pLWFtcGh0bWwtbm90YnVpbHQ6bm90KC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lciksW2xheW91dF06bm90KFtsYXlvdXQ9Y29udGFpbmVyXSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoaW1nKTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2NvbG9yOnRyYW5zcGFyZW50IWltcG9ydGFudDtsaW5lLWhlaWdodDowIWltcG9ydGFudH0uaS1hbXBodG1sLWdob3N0e3Zpc2liaWxpdHk6aGlkZGVuIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXSxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJdLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl0sW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jaztsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1lbGVtZW50PltwbGFjZWhvbGRlcl0uYW1wLWhpZGRlbiwuaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXS5oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50Om5vdCguYW1wLW5vdHN1cHBvcnRlZCk%2BW2ZhbGxiYWNrXSwuaS1hbXBodG1sLWxheW91dC1jb250YWluZXI%2BW3BsYWNlaG9sZGVyXS5hbXAtaGlkZGVuLC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lcj5bcGxhY2Vob2xkZXJdLmhpZGRlbntkaXNwbGF5Om5vbmV9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltmYWxsYmFja10sLmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltwbGFjZWhvbGRlcl17cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDowIWltcG9ydGFudDtsZWZ0OjAhaW1wb3J0YW50O3JpZ2h0OjAhaW1wb3J0YW50O2JvdHRvbTowIWltcG9ydGFudDt6LWluZGV4OjF9YW1wLWltZ1tpLWFtcGh0bWwtc3NyXTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJde3otaW5kZXg6YXV0b30uaS1hbXBodG1sLW5vdGJ1aWx0PltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jayFpbXBvcnRhbnR9LmktYW1waHRtbC1oaWRkZW4tYnktbWVkaWEtcXVlcnl7ZGlzcGxheTpub25lIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3J7YmFja2dyb3VuZDpyZWQhaW1wb3J0YW50O2NvbG9yOiNmZmYhaW1wb3J0YW50O3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3I6YmVmb3Jle2NvbnRlbnQ6YXR0cihlcnJvci1tZXNzYWdlKX1pLWFtcC1zY3JvbGwtY29udGFpbmVyLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVye3Bvc2l0aW9uOmFic29sdXRlO3RvcDowO2xlZnQ6MDtyaWdodDowO2JvdHRvbTowO2Rpc3BsYXk6YmxvY2t9aS1hbXAtc2Nyb2xsLWNvbnRhaW5lci5hbXAtYWN0aXZlLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVyLmFtcC1hY3RpdmV7b3ZlcmZsb3c6YXV0bzstd2Via2l0LW92ZXJmbG93LXNjcm9sbGluZzp0b3VjaH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDoxfS5pLWFtcGh0bWwtbm90YnVpbHQ%2BLmktYW1waHRtbC1sb2FkaW5nLWNvbnRhaW5lcntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd117Y3Vyc29yOnBvaW50ZXI7cG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDoyO3Zpc2liaWxpdHk6aGlkZGVuO2Rpc3BsYXk6aW5pdGlhbDtsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltvdmVyZmxvd117cG9zaXRpb246YWJzb2x1dGV9LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd10uYW1wLXZpc2libGV7dmlzaWJpbGl0eTp2aXNpYmxlfXRlbXBsYXRle2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9LmFtcC1ib3JkZXItYm94LC5hbXAtYm9yZGVyLWJveCAqLC5hbXAtYm9yZGVyLWJveCA6YWZ0ZXIsLmFtcC1ib3JkZXItYm94IDpiZWZvcmV7Ym94LXNpemluZzpib3JkZXItYm94fWFtcC1waXhlbHtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fWFtcC1hbmFseXRpY3MsYW1wLWF1dG8tYWRzLGFtcC1zdG9yeS1hdXRvLWFkc3twb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1hbXAtc3Rvcnl7dmlzaWJpbGl0eTpoaWRkZW4haW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZT5hbXAtYW5hbHl0aWNze3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fVt2aXNpYmxlLXdoZW4taW52YWxpZF06bm90KC52aXNpYmxlKSxmb3JtIFtzdWJtaXQtZXJyb3JdLGZvcm0gW3N1Ym1pdC1zdWNjZXNzXSxmb3JtIFtzdWJtaXR0aW5nXXtkaXNwbGF5Om5vbmV9YW1wLWFjY29yZGlvbntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1AbWVkaWEgKG1pbi13aWR0aDoxcHgpezp3aGVyZShhbXAtYWNjb3JkaW9uPnNlY3Rpb24pPjpmaXJzdC1jaGlsZHttYXJnaW46MDtiYWNrZ3JvdW5kLWNvbG9yOiNlZmVmZWY7cGFkZGluZy1yaWdodDoyMHB4O2JvcmRlcjoxcHggc29saWQgI2RmZGZkZn06d2hlcmUoYW1wLWFjY29yZGlvbj5zZWN0aW9uKT46bGFzdC1jaGlsZHttYXJnaW46MH19YW1wLWFjY29yZGlvbj5zZWN0aW9ue2Zsb2F0Om5vbmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24%2Bc2VjdGlvbj4qe2Zsb2F0Om5vbmUhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnQ7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24sYW1wLWFjY29yZGlvbj5zZWN0aW9ue21hcmdpbjowfWFtcC1hY2NvcmRpb246bm90KC5pLWFtcGh0bWwtYnVpbHQpPnNlY3Rpb24%2BOmxhc3QtY2hpbGR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtYWNjb3JkaW9uOm5vdCguaS1hbXBodG1sLWJ1aWx0KT5zZWN0aW9uW2V4cGFuZGVkXT46bGFzdC1jaGlsZHtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBzaGFyZWQuY3NzKi9odG1sLmktYW1waHRtbC1pbmFib3h7d2lkdGg6MTAwJSFpbXBvcnRhbnQ7aGVpZ2h0OjEwMCUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWluYWJveD5ib2R5e3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fTwvc3R5bGU%2BPG1ldGEgY29udGVudD1cInZlbmRvcj1kb3VibGVjbGljayx0eXBlPWltcHJlc3Npb24taWQsdmFsdWU9Q01pRjJ0Zjk1b0lERmM4RGlnTWRfTHdJVEFcIiBuYW1lPWFtcDRhZHMtaWQ%2BPG1ldGEgY29udGVudD1cIkF2aDVOeTBYRUZDeVE3K29OaWVYc2tVcnFZOGVkVXpMNS9YcndLbEdqQVJRSFc0VEZSSytqVmQ1SG5ESXBZMjBuNU9MSGZnVTRrdTd4NDhOM3VoRy9BMEFBQUJ4ZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJSdmRXSnNaV05zYVdOckxtNWxkRG8wTkRNaUxDSm1aV0YwZFhKbElqb2lVSEpwZG1GamVWTmhibVJpYjNoQlpITkJVRWx6SWl3aVpYaHdhWEo1SWpveE5qazFNVFkzT1RrNUxDSnBjMU4xWW1SdmJXRnBiaUk2ZEhKMVpYMD1cIiBodHRwLWVxdWl2PW9yaWdpbi10cmlhbD48bWV0YSBjb250ZW50PVwiQWtGSXRKbW82YkY5VG5DeWV4N2s4cktYS0tKQkZFcmxyVnZjSGkrREp1TlFDSWRjbEJNamNmRzFieG9EL0hlQ0pOcnFkZnM4YjN0R1NWUFJFUlUyaWdzQUFBQjNleUp2Y21sbmFXNGlPaUpvZEhSd2N6b3ZMMmR2YjJkc1pYTjVibVJwWTJGMGFXOXVMbU52YlRvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaWDA9XCIgaHR0cC1lcXVpdj1vcmlnaW4tdHJpYWw%2BPGxpbmsgYXM9c2NyaXB0IGhyZWY9aHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC9hbXA0YWRzLXYwLm1qcyByZWw9cHJlbG9hZD48c2NyaXB0IGFzeW5jIHNyYz1odHRwczovL2Nkbi5hbXBwcm9qZWN0Lm9yZy9ydHYvMDEyMzEwMzAxNDU2MDAwL2FtcDRhZHMtdjAubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWFkLWV4aXQgc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWFkLWV4aXQtMC4xLm1qcz48L3NjcmlwdD48c2NyaXB0IGFzeW5jIGN1c3RvbS1lbGVtZW50PWFtcC1hbmFseXRpY3Mgc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWFuYWx5dGljcy0wLjEubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWZpdC10ZXh0IHNyYz1odHRwczovL2Nkbi5hbXBwcm9qZWN0Lm9yZy9ydHYvMDEyMzEwMzAxNDU2MDAwL3YwL2FtcC1maXQtdGV4dC0wLjEubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWZvcm0gc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWZvcm0tMC4xLm1qcz48L3NjcmlwdD48c2NyaXB0IGFzeW5jIGN1c3RvbS1lbGVtZW50PWFtcC1nd2QtYW5pbWF0aW9uIGRhdGEtc291cmNlPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3YwL2FtcC1nd2QtYW5pbWF0aW9uLTAuMS5qcyBzcmM9aHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC92MC9hbXAtZ3dkLWFuaW1hdGlvbi0wLjEubWpzPjwvc2NyaXB0PjxzdHlsZSBhbXAtY3VzdG9tPi5hYmdjIHtwb3NpdGlvbjphYnNvbHV0ZTt6LWluZGV4OjIxNDc0ODM2NDY7cmlnaHQ6MDt0b3A6MDt9LmFiZ2MgYW1wLWltZywgLmFiZ2MgaW1nIHtkaXNwbGF5OmJsb2NrO30uYWJncyB7cG9zaXRpb246YWJzb2x1dGU7LXdlYmtpdC10cmFuc2Zvcm06dHJhbnNsYXRlWCg5MnB4KTt0cmFuc2Zvcm06dHJhbnNsYXRlWCg5MnB4KTtyaWdodDoxN3B4O3RvcDoxcHg7fS5hYmdjcCB7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MDt0b3A6MDt3&i=3-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
OkUrAj6WCEhSOkwPO0RIw2nP_IS9twYP4K2uV3dxTZ4J_do1G6sRKw==
tag
setupad-hai-tagan.adlightning.com/ 		0
420 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=aWR0aDozMnB4O2hlaWdodDoxNXB4O3BhZGRpbmctbGVmdDoxMHB4O3BhZGRpbmctYm90dG9tOjEwcHg7fS5hYmdiIHtwb3NpdGlvbjpyZWxhdGl2ZTttYXJnaW4tcmlnaHQ6MTdweDt0b3A6MXB4O30uYWJnYzpob3ZlciAuYWJncyB7LXdlYmtpdC10cmFuc2Zvcm06bm9uZTt0cmFuc2Zvcm06bm9uZTt9LmNiYntkaXNwbGF5OmJsb2NrO3Bvc2l0aW9uOmFic29sdXRlO3JpZ2h0OjFweDt0b3A6MXB4O2N1cnNvcjpwb2ludGVyO2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7ei1pbmRleDo5MDIwO3BhZGRpbmctbGVmdDoxNnB4O31AbWVkaWEgKG1heC13aWR0aDozNzVweCkgYW5kIChtaW4taGVpZ2h0OjEwMHB4KXsuYnRue2Rpc3BsYXk6YmxvY2s7d2lkdGg6OTAlO21heC13aWR0aDoyNDBweDttYXJnaW4tbGVmdDphdXRvO21hcmdpbi1yaWdodDphdXRvfX0jc3B2MSBhbXAtZml0LXRleHQ%2BZGl2ey13ZWJraXQtanVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnR9LmptLnNoICNzcHYxIGFtcC1maXQtdGV4dD5kaXZ7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXJ9Lmp0IC5wbiBhbXAtZml0LXRleHQ%2BZGl2ey13ZWJraXQtanVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnR9I3NidG46aG92ZXIsI3NidG46YWN0aXZle2JhY2tncm91bmQtY29sb3I6I2Y1ZjVmNX0jcmJ0bjpob3ZlciwjcmJ0bjphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojMzI3NWU1fSNtdGF7bGVmdDowO30jbXRhIGlucHV0W3R5cGU9XCJyYWRpb1wiXXtkaXNwbGF5Om5vbmV9I210YSAucG57cmlnaHQ6LTk3MHB4O3RvcDotMjUwcHg7d2lkdGg6OTcwcHg7aGVpZ2h0OjI1MHB4O30uc2ggI3NwdjJ7LXdlYmtpdC1mbGV4LWRpcmVjdGlvbjpyb3c7ZmxleC1kaXJlY3Rpb246cm93Oy13ZWJraXQtanVzdGlmeS1jb250ZW50OmNlbnRlcjtqdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyfS5zaC5zciAjc3B2Mnstd2Via2l0LWp1c3RpZnktY29udGVudDpmbGV4LXN0YXJ0O2p1c3RpZnktY29udGVudDpmbGV4LXN0YXJ0fS5qdC5zdiAjc3B2Mnstd2Via2l0LWp1c3RpZnktY29udGVudDpmbGV4LXN0YXJ0O2p1c3RpZnktY29udGVudDpmbGV4LXN0YXJ0Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcn0jc3B2MiAqey1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveH0jc3ByMTpjaGVja2VkIH4gI2NiYiwjc3ByMjpjaGVja2VkIH4gI2NiYiwjc3ByMzpjaGVja2VkIH4gI2NiYntkaXNwbGF5Om5vbmV9LmFtcC1hbmltYXRlICNzcHY0e29wYWNpdHk6MDt0cmFuc2l0aW9uOm9wYWNpdHkgLjVzIGxpbmVhciAyLjVzfS5hbXAtYW5pbWF0ZSAgI3NwdjMgYW1wLWZpdC10ZXh0e29wYWNpdHk6MTt0cmFuc2l0aW9uOm9wYWNpdHkgLjVzIGxpbmVhciAyc30jc3ByMzpjaGVja2VkIH4gI3NwdjMgYW1wLWZpdC10ZXh0e29wYWNpdHk6MH0jc3ByMzpjaGVja2VkIH4gI3NwdjR7b3BhY2l0eToxfSNzcHIxOmNoZWNrZWQgfiAjc3B2MSwjc3ByMjpjaGVja2VkIH4gI3NwdjIsI3NwcjM6Y2hlY2tlZCB%2BICNzcHYzLCNzcHIzOmNoZWNrZWQgfiAjc3B2NHtyaWdodDowcHg7dG9wOjBweH1bZGlyPVwicnRsXCJdIC5jbG9zZXt0cmFuc2Zvcm06c2NhbGVYKC0xKX0uY3Qgc3Zne2JvcmRlcjowO21hcmdpbjowIDAgLS40NWVtIDA7ZGlzcGxheTppbmxpbmUtYmxvY2s7aGVpZ2h0OjEuMzhlbTtvcGFjaXR5Oi40fSN0aXt3aWR0aDo5NzBweH0jYnRuc3t3aWR0aDo5NzBweH0uZmx7d2lkdGg6OTcwcHg7aGVpZ2h0OjI1MHB4O30jc3ByNDpjaGVja2VkIH4gI2NiYiwjc3ByNTpjaGVja2VkIH4gI2NiYntkaXNwbGF5Om5vbmV9I3NwcjU6Y2hlY2tlZCB%2BICNzcHY1e3JpZ2h0OjBweDt0b3A6MHB4fSNhYnRuOmhvdmVyLCNhYnRuOmFjdGl2ZXtiYWNrZ3JvdW5kLWNvbG9yOiMzMjc1ZTV9I210YSAuZmwgPiBkaXZ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnR9LnB0IC5waDpiZWZvcmV7cG9zaXRpb246YWJzb2x1dGU7Y29udGVudDpcIlwiO2hlaWdodDoyMHB4O3dpZHRoOjIwcHg7bGVmdDotNHB4O2JvdHRvbTotM3B4O21hcmdpbi1sZWZ0OjRweDtiYWNrZ3JvdW5kLWNvbG9yOiNmZmY7LXdlYmtpdC10cmFuc2l0aW9uOnRyYW5zZm9ybSAuNHM7dHJhbnNpdGlvbjp0cmFuc2Zvcm0gLjRzO2JveC1zaGFkb3c6MCAxcHggMnB4IDAgcmdiYSg2MCw2NCw2NywuMyksIDAgMXB4IDNweCAxcHggcmdiYSg2MCw2NCw2NywuMTUpO2JvcmRlci1yYWRpdXM6NTAlfS5wdCBpbnB1dDpjaGVja2VkICsgLnBoe2JhY2tncm91bmQtY29sb3I6cmdiYSg2NiwxMzMsMjQ0LC41KX0ucHQgaW5wdXQ6Zm9jdXMgKyAucGh7Ym94LXNoYWRvdzowIDAgMXB4ICM0Mjg1ZjR9LnB0IGlucHV0OmNoZWNrZWQgKyAucGg6YmVmb3Jley13ZWJraXQtdHJhbnNmb3JtOnRyYW5zbGF0ZVgoMTZweCk7LW1zLXRyYW5zZm9ybTp0cmFuc2xhdGVYKDE2cHgpO3RyYW5zZm9ybTp0cmFuc2xhdGVYKDE2cHgpO3RyYW5zaXRpb246dHJhbnNmb3JtIC40cztiYWNrZ3JvdW5kLWNvbG9yOiMxYTczZTh9LnNie2hlaWdodDo1MHB4fS5zb3t3aWR0aDo5NnB4O2hlaWdodDo1MHB4O30uc286aG92ZXIsLnNvOmFjdGl2ZXtiYWNrZ3JvdW5kLWNvbG9yOiNmNWY1ZjV9QG1lZGlhIChtaW4taGVpZ2h0OjU0cHgpey5zaC5zcyAuc28sLnN2IC5zb3tib3gtc2hhZG93OjBweCAwcHggMnB4IHJnYmEoMCwwLDAsLjEyKSwgMHB4IDFweCAzcHggcmdiYSgwLDAsMCwuMjYpO2JvcmRlcjpub25lfX0uc2ggLnNve21hcmdpbi1sZWZ0Oi0xcHg7Ym94LXNoYWRvdzpub25lfS5zaCAuc286Zmlyc3QtY2hpbGR7bWFyZ2luLWxlZnQ6MH0uc2guc3MgLnNve21hcmdpbi1sZWZ0OjhweH0uc2guc3MgLnNvOmZpcnN0LWNoaWxke21hcmdpbi1sZWZ0OjB9LnNoLmp0IC5zYnttYXJnaW4tdG9wOjhweH0uc3YgLnNvLC5zaC5zcyAuc297Ym9yZGVyLXJhZGl1czoycHh9I2dvb2dsZV91cGxvYWRlZF9hNGF7cG9zaXRpb246YWJzb2x1dGU7bGVmdDowO3RvcDowO3otaW5kZXg6MjE0NzQ4MzYzNn0jZ29vZ2xlX3VwbG9hZGVkX2E0YXt3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlfSAjeC1hNGEtZm9ybWVyLWJvZHl7bWFyZ2luOiAwOyBkaXNwbGF5OiBibG9jazsgcG9zaXRpb246IHJlbGF0aXZlOyBwYWRkaW5nOiAwOyB0cmFuc2Zvcm06IHRyYW5zbGF0ZVooMCk7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGVaKDApOyAtbW96LXRyYW5zZm9ybTogdHJhbnNsYXRlWigwKX0gI2dvb2dsZV91cGxvYWRlZF9hNGEge2Rpc3BsYXk6IGJsb2NrOyBwb3NpdGlvbjogcmVsYXRpdmU7IG1hcmdpbjogMDsgcGFkZGluZzogMDsgdHJhbnNmb3JtOiB0cmFuc2xhdGVaKDApOyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlWigwKTsgLW1vei10cmFuc2Zvcm06IHRyYW5zbGF0ZVooMCl9XG4jYTRhLWJhbm5lcndpc2Uge3Bvc2l0aW9uOiBhYnNvbHV0ZTsgb3ZlcmZsb3c6IGhpZGRlbjsgYm9yZGVyOiAwOyBjdXJzb3I6IHBvaW50ZXI7IHRyYW5zZm9ybTogbWF0cml4M2QoMSwgMCwgMCwgMCwgMCwgMSwgMCwgMCwgMCwgMCwgMSwgMCwgMCwgMCwgMCwgMSk7IC13ZWJraXQtdHJhbnNmb3JtOiBtYXRyaXgzZCgxLCAwLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAwLCAxKTsgY3Vyc29yOiBwb2ludGVyOyBvdmVyZmxvdzogaGlkZGVuOyB3aWR0aDogOTcwcHg7IGhlaWdodDogMjUwcHg7IGJhY2tncm91bmQ6ICNmNGY0ZjR9XG4jYTRhLWJhbm5lcndpc2UsICNhNGEtYmFubmVyd2lzZSAqLCAjYTRhLWJhbm5lcndpc2UgKjpiZWZvcmUsICNhNGEtYmFubmVyd2lzZSAqOmFmdGVyIHtib3gtc2l6aW5nOiBib3JkZXItYm94OyBvdXRsaW5lOiAwOyAtbXMtdGV4dC1zaXplLWFkanVzdDogbm9uZTsgLW1vei10ZXh0LXNpemUtYWRqdXN0OiBub25lOyAtd2Via2l0LXRleHQtc2l6ZS1hZGp1c3Q6IG5vbmV9XG4jYTRhLWJhbm5lcndpc2UgLmE0YS1ib3JkZXIge3Bvc2l0aW9uOiBhYnNvbHV0ZTsgei1pbmRleDogOTk5OX1cbiNhNGEtYmFubmVyd2lzZSAuYTRhLWJvcmRlci5hNGEtYm9yZGVyLXRvcCB7dG9wOiAwOyBsZWZ0OiAwOyB3aWR0aDogMTAwJX1cbiNhNGEtYmFubmVyd2lzZSAuYTRhLWJvcmRlci5hNGEtYm9yZGVyLWxlZnQge3RvcDogMDsgbGVmdDogMDsgaGVpZ2h0OiAxMDAlfVxuI2E0YS1iYW5uZXJ3aXNlIC5hNGEtYm9yZGVyLmE0YS1ib3JkZXItYm90dG9tIHtsZWZ0OiAwOyBib3R0b206IDA7IHdpZHRoOiAxMDAlfVxuI2E0YS1iYW5uZXJ3aXNlIC5hNGEtYm9yZGVyLmE0YS1ib3JkZXItcmlnaHQge3RvcDogMDsgcmlnaHQ6IDA7IGhlaWdodDogMTAwJX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1kb2N1bWVudC1ib2R5IHttYXJnaW46IDB9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50IHtwb3NpdGlvbjogYWJzb2x1dGU7IGRpc3BsYXk6IGJsb2NrOyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDAsIDAsIDApOyBvdmVyZmxvdzogaGlkZGVuOyBvcGFjaXR5OiAwOyBmb250LXNpemU6IDA7IGxpbmUtaGVpZ2h0OiAwfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudDpiZWZvcmUge2NvbnRlbnQ6IFwiXCI7IGRpc3BsYXk6IGlubGluZS1ibG9jazsgaGVpZ2h0OiAxMDAlOyBtYXJnaW4tbGVmdDogMDsgZm9udC1zaXplOiAwfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS10b3A6YmVmb3JlIHt2ZXJ0aWNhbC1hbGlnbjogdG9wfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS10b3AgLmE0YS1iLWVsZW1lbnQtdGV4dCB7dmVydGljYWwtYWxpZ246IHRvcH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLWZyb20tbWlkZGxlOmJlZm9yZSB7dmVydGljYWwtYWxpZ246IG1pZGRsZX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLWZyb20tbWlkZGxlIC5hNGEtYi1lbGVtZW50LXRleHQge3ZlcnRpY2FsLWFsaWduOiBtaWRkbGV9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLWJvdHRvbTpiZWZvcmUge3ZlcnRpY2FsLWFsaWduOiBib3R0b219XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLWJvdHRvbSAuYTRhLWItZWxlbWVudC10ZXh0IHt2ZXJ0aWNhbC1hbGlnbjogYm90dG9tfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS1sZWZ0IHt0ZXh0LWFsaWduOiBsZWZ0fVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS1jZW50ZXIge3RleHQtYWxpZ246IGNlbnRlcn1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLWZyb20tcmlnaHQge3RleHQtYWxpZ246IHJpZ2h0fVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtb25lLWxpbmUgLmE0YS1iLWVsZW1lbnQtdGFibGUge3RhYmxlLWxheW91dDogZml4ZWR9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1vbmUtbGluZSAuYTRhLWItZWxlbWVudC1jZWxsIHt3aGl0ZS1zcGFjZTogbm93cmFwOyBvdmVyZmxvdzogaGlkZGVuOyB0ZXh0LW92ZXJmbG93OiBlbGxpcHNpc31cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLW9uZS1saW5lIGJyIHtkaXNwbGF5OiBub25lfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC10ZXh0IHtwb3NpdGlvbjogcmVsYXRpdmU7&i=4-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 08:32:58 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
LmKWKVp7hvAWX0VjFoErmPkZChDeedI5WfIaZFcZyfQQGv8NxY22Bg==
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=IGRpc3BsYXk6IGlubGluZS1ibG9jazsgb3V0bGluZTogMDsgYm9yZGVyLXN0eWxlOiBzb2xpZH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQtYnV0dG9uIHtvdmVyZmxvdzogdmlzaWJsZX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQtdGFibGUge2Rpc3BsYXk6IHRhYmxlfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC1jZWxsIHtkaXNwbGF5OiB0YWJsZS1jZWxsOyB2ZXJ0aWNhbC1hbGlnbjogYm90dG9tOyB0ZXh0LXJlbmRlcmluZzogb3B0aW1pemVMZWdpYmlsaXR5OyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMCwgMCwgMCk7IC13ZWJraXQtZm9udC1zbW9vdGhpbmc6IGFudGlhbGlhc2VkOyAtbW96LW9zeC1mb250LXNtb290aGluZzogZ3JheXNjYWxlOyB3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IHdoaXRlLXNwYWNlOiBwcmUtd3JhcDsgb3V0bGluZTogMH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQtaW1hZ2Uge3Bvc2l0aW9uOiBhYnNvbHV0ZTsgYmFja2dyb3VuZC1zaXplOiAxMDAlIDEwMCU7IGJhY2tncm91bmQtcmVwZWF0OiBuby1yZXBlYXQ7IGJhY2tncm91bmQtcG9zaXRpb246IGNlbnRlciBjZW50ZXJ9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50IHN2ZyB7cG9zaXRpb246IGFic29sdXRlOyB0b3A6IDA7IGxlZnQ6IDA7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCU7IHotaW5kZXg6IDF9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1zaGFwZS1tdWx0aXBseSB7bWl4LWJsZW5kLW1vZGU6IG11bHRpcGx5OyAtbXMtZmlsdGVyOiBcInByb2dpZDpEWEltYWdlVHJhbnNmb3JtLk1pY3Jvc29mdC5BbHBoYVxcKE9wYWNpdHk9ODBcXClcIn1cbkBtZWRpYSBzY3JlZW4gYW5kICgtbXMtaGlnaC1jb250cmFzdDogYWN0aXZlKSwgKC1tcy1oaWdoLWNvbnRyYXN0OiBub25lKSB7IFtpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLXNoYXBlLW11bHRpcGx5IHtvcGFjaXR5OiAwLjh9IH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQgYW1wLWltZyB7cG9zaXRpb246IGFic29sdXRlOyB0b3A6IDA7IGxlZnQ6IDB9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50IGFtcC1pbWcuYTRhLWNvdmVyIGltZyB7b2JqZWN0LWZpdDogY292ZXJ9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1kYXJrLWdyYWRpZW50OmFmdGVyIHtjb250ZW50OiBcIlwiOyBwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMDsgcmlnaHQ6IDA7IGJvdHRvbTogMDsgYmFja2dyb3VuZDogLXdlYmtpdC1saW5lYXItZ3JhZGllbnQodG9wLCByZ2JhKDAsIDAsIDAsIDApIDAlLCByZ2JhKDAsIDAsIDAsIDAuMikgMTAwJSk7IGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCh0byBib3R0b20sIHJnYmEoMCwgMCwgMCwgMCkgMCUsIHJnYmEoMCwgMCwgMCwgMC4yKSAxMDAlKTsgYm9yZGVyLXJhZGl1czogaW5oZXJpdH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWxpZ2h0LWdyYWRpZW50OmFmdGVyIHtjb250ZW50OiBcIlwiOyBwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMDsgcmlnaHQ6IDA7IGJvdHRvbTogMDsgYmFja2dyb3VuZDogLXdlYmtpdC1saW5lYXItZ3JhZGllbnQodG9wLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDApIDAlLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSkgMTAwJSk7IGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCh0byBib3R0b20sIHJnYmEoMjU1LCAyNTUsIDI1NSwgMCkgMCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMC41KSAxMDAlKTsgYm9yZGVyLXJhZGl1czogaW5oZXJpdH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWRhcmstYnVsbGV0OmFmdGVyIHtjb250ZW50OiBcIlwiOyBwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMDsgcmlnaHQ6IDA7IGJvdHRvbTogMDsgYmFja2dyb3VuZDogLXdlYmtpdC1saW5lYXItZ3JhZGllbnQodG9wLCByZ2JhKDAsIDAsIDAsIDApIDAlLCByZ2JhKDAsIDAsIDAsIDApIDUwJSwgcmdiYSgwLCAwLCAwLCAwLjA5KSA1MCUsIHJnYmEoMCwgMCwgMCwgMC4wOSkgMTAwJSk7IGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCh0byBib3R0b20sIHJnYmEoMCwgMCwgMCwgMCkgMCUsIHJnYmEoMCwgMCwgMCwgMCkgNTAlLCByZ2JhKDAsIDAsIDAsIDAuMDkpIDUwJSwgcmdiYSgwLCAwLCAwLCAwLjA5KSAxMDAlKTsgYm9yZGVyLXJhZGl1czogaW5oZXJpdH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWxpZ2h0LWJ1bGxldDphZnRlciB7Y29udGVudDogXCJcIjsgcG9zaXRpb246IGFic29sdXRlOyB0b3A6IDA7IGxlZnQ6IDA7IHJpZ2h0OiAwOyBib3R0b206IDA7IGJhY2tncm91bmQ6IC13ZWJraXQtbGluZWFyLWdyYWRpZW50KHRvcCwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwKSAwJSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwKSA1MCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMC4xMikgNTAlLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuMTIpIDEwMCUpOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQodG8gYm90dG9tLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDApIDAlLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDApIDUwJSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjEyKSA1MCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMC4xMikgMTAwJSk7IGJvcmRlci1yYWRpdXM6IGluaGVyaXR9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYndfeGwyNmhiZm5wIHthbmltYXRpb246IGJ3XzVzZzRyYTlveCAzLjZzIGxpbmVhciAwcyA4IG5vcm1hbCBmb3J3YXJkc31cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1id19tOHhnaW93OXEge2FuaW1hdGlvbjogYndfa292NGdleGRqIDMuNnMgbGluZWFyIDBzIDggbm9ybWFsIGZvcndhcmRzfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWJ3X3Q2b2RrdGZ0aSB7YW5pbWF0aW9uOiBid19rOHVtb21zbjQgMy42cyBsaW5lYXIgMHMgOCBub3JtYWwgZm9yd2FyZHN9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYndfenEzZm00aWE3IHthbmltYXRpb246IGJ3X2EzcDhtejRmeiAzLjZzIGxpbmVhciAwcyA4IG5vcm1hbCBmb3J3YXJkc31cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1id194b2U3Z2c3Y3gge2FuaW1hdGlvbjogYndfOWYzcTJuMmxjIDMuNnMgbGluZWFyIDBzIDggbm9ybWFsIGZvcndhcmRzfVxuI2E0YS1lMCB7d2lkdGg6IDMyOHB4OyBoZWlnaHQ6IDE0OXB4OyB6LWluZGV4OiAyfVxuI2E0YS1lMSB7d2lkdGg6IDIxMXB4OyBoZWlnaHQ6IDg5cHg7IHotaW5kZXg6IDN9XG4jYTRhLWUyIHt3aWR0aDogMjk0cHg7IGhlaWdodDogMTY5cHg7IHotaW5kZXg6IDQ7IGJvcmRlcjogMH1cbiNhNGEtZTMge3dpZHRoOiAxMTRweDsgaGVpZ2h0OiAzM3B4OyB6LWluZGV4OiA0OyBib3JkZXI6IDB9XG4jYTRhLWU0IHt3aWR0aDogMjk0cHg7IGhlaWdodDogMTY5cHg7IHotaW5kZXg6IDV9PC9zdHlsZT48bGluayBjcm9zc29yaWdpbj1hbm9ueW1vdXMgaHJlZj1cImh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzP2ZhbWlseT1Ob3RvK1NhbnM6MTAwLDEwMGksMjAwLDIwMGksMzAwLDMwMGksNDAwLDQwMGksNTAwLDUwMGksNjAwLDYwMGksNzAwLDcwMGksODAwLDgwMGksOTAwLDkwMGlcIiByZWw9c3R5bGVzaGVldCB0eXBlPXRleHQvY3NzPjxzdHlsZSBhbXA0YWRzLWJvaWxlcnBsYXRlPmJvZHl7dmlzaWJpbGl0eTpoaWRkZW59PC9zdHlsZT48L2hlYWQ%2BPGJvZHk%2BPGRpdiBhcmlhLWhpZGRlbj10cnVlIGNsYXNzPVwiYWJnYyBhYmdmIHBlblwiIGRpcj1sdHIgaWQ9YWJnYz48ZGl2IGNsYXNzPVwiYWJnY3AgcGVhXCIgaWQ9YWJnY3A%2BPGRpdiBjbGFzcz1hYmdzIGlkPWFiZ3M%2BPGEgY2xhc3M9YWJnbCBocmVmPVwiaHR0cHM6Ly9hZHNzZXR0aW5ncy5nb29nbGUuY29tL3doeXRoaXNhZD9zb3VyY2U9ZGlzcGxheSZhbXA7cmVhc29ucz1BV3lqYkI3YmJlZllpR1NmdWctMU9jWlFtYkFaVnlOOHBlVWpNczloYmtwdzYxZU9JaUFaVEo1d3ZBS3liNXl6Z05MSnRKMnJma2lrdWl1TkhiZE1HRlRpMGJIVmV6SHBMdXNfNzFMYlJzVDA0cFIwWVFxd3BraVdGVU9yM19jZDF6ZWs0ZlZfRnU1R3ZUc3Q1UmFLREJ1akw5NDNMbm5MYVVPOFJqLWtCOTNiU2pidnMzSG4tX0c3Z1FFbGZlanhNOFVBdzNnelRzc1BTT1lFV1g1NjNVakhHclgxQnJ2cy1wMkc3M21fX0MzSGVxbzNpSGVWdjQ5VG5LVlFRX2xLOTJ4SGdQMkkxanZZMGtGWWhoY3NDclU1bUxIQ1NQenpQMDVjQ2hWd1ZyTTVKc1gyWUJ4Nm5TTXlYWE15NDBiTXdGc2h5SjAwdnZDaWxvUUJlbjc3a3ZIUVdsSGR0TVFSNThoemtmbXdWbzlDanZpeFpaR3B1VEY3NThEYzBoVGVxMklYU0s3dV9KMzlfX01VX0kzQy1RT2hIM2RGUU5DN0kwbnV4eEpab09IVVNqRVJqLXR0VUttVEFJVjVpWDVlQmJwODFXT3hiZXdNX1MtaXFZNng1Y0x4enY1U0ZsbEhYLTdjQndDVEpBVExJcDJlLVhoSmNmZkktYy1wSUNBYW5UTUNCaDl1U1FDUFNBLVFrQmFaUUNicnMzak41ZHpBLW1NdlBoalRNOW9mWWZ5bTZ2bGVGVnktZlV6bnQwVVZQTmFLQ1ZuVi1LaC1KY2FWdGRVVHpGdGsxcWtDdmN2MmV0TVFQTHFNNXlqemVPZkl3U1VqY0ZNS0s5RnBZb0FaZ2x5eHNGT051bEJZNGpyTTdlS2UyRWoyNnJzblJlcHFtb0tLRlFYR2NXU3h3ejNLdVFjZmhUZDVUckJYQnBMMHJ0eHdLUS1EOGRIbVYzTTRpQXowQkR0aXlkSkZ5SUV0UWRhbTlLanZEZjM0LTUtcDdLdnhTeGpBNkpNQ3RhSDIwblpsT0l3TEF0cmVaMTdVcmU2WEpfZ19wcXFZanlLZE1YRkZrOWt2MVpjTVN5MDJDNU1Pd3BDMFpQdHg4MDlZNG5hY3huTXJGWG5yYW0wZXpsWm9Mc0VLbnJGb3FXMlo5R1hCNUdQNGFnZUtiZ20zRE15aS05YjdLLTQyNkEwUXcyWUdnRGdjMkpKWklXaTNyWTN5Q1ZzQ3VMZHRhWTZyc2d6V3V5WG1wb0h3OEtKQUlMSV81Q205Z2toRndLQzc1V2k3cDlmRTFUMUFyMjVlOXVJeFhSVDJWeVR1Vy1IQzQ0OG9aWjlXTWtnYzFIckJaQXliNm9vS0hmVkIyM0lmcmwtYXV3N3BrUG1YbUJrSXVmSkdIOUVHSW9UcVZObXZQOF9leU9kX3gzMEtBRTVTSnZud2JzSFdYM0lKQ2U4UVdVNFVXT1ZrbDc0Nnl4dzl2Q01rSjdXMWJRVWVPdEc3czAyMW5Cc2tQeEdJc0tKODBnX2Jja3RlemQyZnE1VHZOVWwwa3hpd2p5QzFpTGprU0FpNkpneWQ2Nzkwa3ZkczFQQUVTcXdnM3dVSW15X2VCa0RMNGxSZ2pfSHBCMWJQRjg2UngyQU1xOTRiM3ljOU04ZFd6Ny1rbkhobm9WMkYxUWprNHJEYXRrMll2RGpPVUdwMG53SkRJTF9EaHhDdUxxWktMXzFmNklCQzRhdXdFd2Q0YVZpdXI1NFgwV2ROZmRFa2xOUVRYdEVNUkdhejBrR2FpcVFvaDNZcFRweTg3M1pIdG1Tbk1fcHJucE9kTDVyb1hyblMxZU8zaFNNMXBFZ3RzTDA5UzJGNW1IbUVLUTlYUlZVeUx0Z1pzSHI3ckFjZVdFQzFWZ2tXMUtQUFRSYTBnSEppb0ROTFVqUEM0MkFoNkNiT0VPWnc4VWVxVnotaVowR0pZbkdRYkRCZVNNSVRGcWZJYzNia0QzaXBYREkxdjduV25QTEc4YlRmOWs3dWQ0blR0TXR5TjlvbmUzTFlyVHUtQnJ5OHVSWngwdGxvYlR0Nk5iTkM1emlmYnVjY0pic2FVZlJPeko3Q3BXdlVub2xDclJpaDVXcGR0RmUtbEhSU0ZQYV8xSjdMNHR4ZXNhMldpSDJ3aXhDdV9OSGMyYnVjdWstNzBtME9qbmthejl6d3BnOTFlY3lHVmI3RVlQNFJVYmVOVkRvUlVrN3FfcXJxZGFuZDB5V2pDamZCdHdUMkdUT2JkN0VacXd1SUVmRWxNWk10cVdvUWFvYmtTblFPa3l4dmRLbWZ6MXNTa2FGRXBfcXVaZjVKS0NydnVwX0tKR1pHUVphTkJKSkpBeXo0dGNTYVBKVzdfNnpBYThXcGVpU0s5MDNUWEc0U3RBWEd0SWxFRFFkdnF5MGhTYUE1U3FWSGROcVZHRG90NlpF&i=5-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
bhUnadGZYq5mByE3kOSb9fELwWydM5rvfbNvbl3XKKBq8F12N9Zhmg==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=aGxpUWo2YWZmMXJaMGpQN3NBVnhKc2g2cWszc2J2RTk3OWQwb3p5RzRGYXBuQ3p4cUM4QnN1OUlhcl9Nb29ZamFPOVVadjRzbGQ1TjFObkdoMzVoTW9PTUZBU1R1TUNDSjZsdGxiTXBzaVM1RDZqeXJMRDBxbFFMMXVLVmdTc0p0U1FDZ1BuaHhkUkJMMElZNXlYdzA4cEw1Y2FpOHc5V3g5UWJlQ3JBRUo4LU9Ya3V3OVNmLUxfNmk1MzI3SS1ucHBZdGhwZ3ViQS05Vmh4dU84RzdmZUJmNGxpUlotRGxHYzVwMjNPdW12MUx6Z0hwOVk3U1NXcFdrODVjdVpORG5GR0xQY3NKcGJTT3pjdFlnNjJucWRKZjF1bEFDd2JRNVZ1Y3dfLWJGc0RaV3ZmTk96cDNEZi1UY1Viel9YV2lZNWtDb3NITnhyMFYwbGtJYTlxUzlcIiBpZD1hYmdsIHRhcmdldD1fYmxhbms%2BPGFtcC1pbWcgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PTE1IGktYW1waHRtbC1sYXlvdXQ9Zml4ZWQgaS1hbXBodG1sLXNzciBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2VuLnBuZyBzdHlsZT13aWR0aDo3NXB4O2hlaWdodDoxNXB4OyB3aWR0aD03NT48aW1nIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPWFzeW5jIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2ltYWdlcy9hZGNob2ljZXMvZW4ucG5nPjwvYW1wLWltZz48L2E%2BPC9kaXY%2BPGRpdiBjbGFzcz1hYmdiIGlkPWFiZ2I%2BPGEgaHJlZj1cImh0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbS93aHl0aGlzYWQ%2Fc291cmNlPWRpc3BsYXkmYW1wO3JlYXNvbnM9QVd5amJCN2JiZWZZaUdTZnVnLTFPY1pRbWJBWlZ5TjhwZVVqTXM5aGJrcHc2MWVPSWlBWlRKNXd2QUt5YjV5emdOTEp0SjJyZmtpa3VpdU5IYmRNR0ZUaTBiSFZlekhwTHVzXzcxTGJSc1QwNHBSMFlRcXdwa2lXRlVPcjNfY2QxemVrNGZWX0Z1NUd2VHN0NVJhS0RCdWpMOTQzTG5uTGFVTzhSai1rQjkzYlNqYnZzM0huLV9HN2dRRWxmZWp4TThVQXczZ3pUc3NQU09ZRVdYNTYzVWpIR3JYMUJydnMtcDJHNzNtX19DM0hlcW8zaUhlVnY0OVRuS1ZRUV9sSzkyeEhnUDJJMWp2WTBrRlloaGNzQ3JVNW1MSENTUHp6UDA1Y0NoVndWck01SnNYMllCeDZuU015WFhNeTQwYk13RnNoeUowMHZ2Q2lsb1FCZW43N2t2SFFXbEhkdE1RUjU4aHprZm13Vm85Q2p2aXhaWkdwdVRGNzU4RGMwaFRlcTJJWFNLN3VfSjM5X19NVV9JM0MtUU9oSDNkRlFOQzdJMG51eHhKWm9PSFVTakVSai10dFVLbVRBSVY1aVg1ZUJicDgxV094YmV3TV9TLWlxWTZ4NWNMeHp2NVNGbGxIWC03Y0J3Q1RKQVRMSXAyZS1YaEpjZmZJLWMtcElDQWFuVE1DQmg5dVNRQ1BTQS1Ra0JhWlFDYnJzM2pONWR6QS1tTXZQaGpUTTlvZllmeW02dmxlRlZ5LWZVem50MFVWUE5hS0NWblYtS2gtSmNhVnRkVVR6RnRrMXFrQ3ZjdjJldE1RUExxTTV5anplT2ZJd1NVamNGTUtLOUZwWW9BWmdseXhzRk9OdWxCWTRqck03ZUtlMkVqMjZyc25SZXBxbW9LS0ZRWEdjV1N4d3ozS3VRY2ZoVGQ1VHJCWEJwTDBydHh3S1EtRDhkSG1WM000aUF6MEJEdGl5ZEpGeUlFdFFkYW05S2p2RGYzNC01LXA3S3Z4U3hqQTZKTUN0YUgyMG5abE9Jd0xBdHJlWjE3VXJlNlhKX2dfcHFxWWp5S2RNWEZGazlrdjFaY01TeTAyQzVNT3dwQzBaUHR4ODA5WTRuYWN4bk1yRlhucmFtMGV6bFpvTHNFS25yRm9xVzJaOUdYQjVHUDRhZ2VLYmdtM0RNeWktOWI3Sy00MjZBMFF3MllHZ0RnYzJKSlpJV2kzclkzeUNWc0N1TGR0YVk2cnNneld1eVhtcG9IdzhLSkFJTElfNUNtOWdraEZ3S0M3NVdpN3A5ZkUxVDFBcjI1ZTl1SXhYUlQyVnlUdVctSEM0NDhvWlo5V01rZ2MxSHJCWkF5YjZvb0tIZlZCMjNJZnJsLWF1dzdwa1BtWG1Ca0l1ZkpHSDlFR0lvVHFWTm12UDhfZXlPZF94MzBLQUU1U0p2bndic0hXWDNJSkNlOFFXVTRVV09Wa2w3NDZ5eHc5dkNNa0o3VzFiUVVlT3RHN3MwMjFuQnNrUHhHSXNLSjgwZ19iY2t0ZXpkMmZxNVR2TlVsMGt4aXdqeUMxaUxqa1NBaTZKZ3lkNjc5MGt2ZHMxUEFFU3F3ZzN3VUlteV9lQmtETDRsUmdqX0hwQjFiUEY4NlJ4MkFNcTk0YjN5YzlNOGRXejcta25IaG5vVjJGMVFqazRyRGF0azJZdkRqT1VHcDBud0pESUxfRGh4Q3VMcVpLTF8xZjZJQkM0YXV3RXdkNGFWaXVyNTRYMFdkTmZkRWtsTlFUWHRFTVJHYXowa0dhaXFRb2gzWXBUcHk4NzNaSHRtU25NX3BybnBPZEw1cm9Ycm5TMWVPM2hTTTFwRWd0c0wwOVMyRjVtSG1FS1E5WFJWVXlMdGdac0hyN3JBY2VXRUMxVmdrVzFLUFBUUmEwZ0hKaW9ETkxValBDNDJBaDZDYk9FT1p3OFVlcVZ6LWlaMEdKWW5HUWJEQmVTTUlURnFmSWMzYmtEM2lwWERJMXY3blduUExHOGJUZjlrN3VkNG5UdE10eU45b25lM0xZclR1LUJyeTh1Ulp4MHRsb2JUdDZOYk5DNXppZmJ1Y2NKYnNhVWZST3pKN0NwV3ZVbm9sQ3JSaWg1V3BkdEZlLWxIUlNGUGFfMUo3TDR0eGVzYTJXaUgyd2l4Q3VfTkhjMmJ1Y3VrLTcwbTBPam5rYXo5endwZzkxZWN5R1ZiN0VZUDRSVWJlTlZEb1JVazdxX3FycWRhbmQweVdqQ2pmQnR3VDJHVE9iZDdFWnF3dUlFZkVsTVpNdHFXb1Fhb2JrU25RT2t5eHZkS21mejFzU2thRkVwX3F1WmY1SktDcnZ1cF9LSkdaR1FaYU5CSkpKQXl6NHRjU2FQSlc3XzZ6QWE4V3BlaVNLOTAzVFhHNFN0QVhHdElsRURRZHZxeTBoU2FBNVNxVkhkTnFWR0RvdDZaRWhsaVFqNmFmZjFyWjBqUDdzQVZ4SnNoNnFrM3NidkU5NzlkMG96eUc0RmFwbkN6eHFDOEJzdTlJYXJfTW9vWWphTzlVWnY0c2xkNU4xTm5HaDM1aE1vT01GQVNUdU1DQ0o2bHRsYk1wc2lTNUQ2anlyTEQwcWxRTDF1S1ZnU3NKdFNRQ2dQbmh4ZFJCTDBJWTV5WHcwOHBMNWNhaTh3OVd4OVFiZUNyQUVKOC1PWGt1dzlTZi1MXzZpNTMyN0ktbnBwWXRocGd1YkEtOVZoeHVPOEc3ZmVCZjRsaVJaLURsR2M1cDIzT3VtdjFMemdIcDlZN1NTV3BXazg1Y3VaTkRuRkdMUGNzSnBiU096Y3RZZzYybnFkSmYxdWxBQ3diUTVWdWN3Xy1iRnNEWld2Zk5PenAzRGYtVGNVYnpfWFdpWTVrQ29zSE54cjBWMGxrSWE5cVM5XCIgdGFyZ2V0PV9ibGFuaz48YW1wLWltZyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9MTUgaS1hbXBodG1sLWxheW91dD1maXhlZCBpLWFtcGh0bWwtc3NyIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2ltYWdlcy9hZGNob2ljZXMvaWNvbi5wbmcgc3R5bGU9d2lkdGg6MTVweDtoZWlnaHQ6MTVweDsgd2lkdGg9MTU%2BPGltZyBjbGFzcz1cImktYW1waHRtbC1maWxsLWNvbnRlbnQgaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnRcIiBkZWNvZGluZz1hc3luYyBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2ljb24ucG5nPjwvYW1wLWltZz48L2E%2BPC9kaXY%2BPC9kaXY%2BPGFtcC1hbmFseXRpY3MgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1maXhlZCBzdHlsZT13aWR0aDoxcHg7aGVpZ2h0OjFweDsgdHJpZ2dlcj1pbW1lZGlhdGU%2BPHNjcmlwdCB0eXBlPWFwcGxpY2F0aW9uL2pzb24%2Be1wicmVxdWVzdHNcIjoge1wicmVwb3J0Tm9MYWJlbEluc3RhbmNlXCI6IFwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DM3YyU2dBTm1aY2pGT3MtSHFNd1BfUG1pNEFUNWdNYWJkSUQxcExhcEVxWGVpNlNTRGhBQklQMnY3aWRnX2FDWmdlZ0RvQUd2bGYtYktzZ0JDYWtDMU1LanN2SmVzajdnQWdDb0F3SElBd2lxQk1RQ1Q5RDNablNnLXlJYmEtZDdLRnh6Zm5vN2NQd0g3Tk5sUHp0MHhzM0I2c2lGcThyYlN2dzI5c1doMjlEVTROX0tJUnEzSTc0czN4SmlJN055QmJfd3dkS3RTSUtuRzZkRllhVVhGTG14YXZmMW1tampoWWEzVmxQaVRXbVAtWGtZZ3hKeE9JU2VUU3czak1kY3dRVG9fT0JybXgxS1owRWNXWlEta29BZHlCSXlGSWR4SUhhcDVxc0stLWdIaXU1TkFUNVVLZWVXM3ktVjk5aS1iTkFrZlJST05tbXZna2VIU1Vxbm5MeDhOUTYzWlJYRTlxZHlPUDUyZnNxRFBGVUpGVWR2WWM4WFF5ZG1abmlBUVpxZy1JdEVpYmpDUXdQUUt1dGtZelNPYkVGZWZtaEppQ1laS09kWXZ5dkMtanRqUkd1TlA1S0ZHQThhanAweDhBa0h6OGJQcVNsaVpPSGx6Nk1RVWE0U3Buajc5RlJWT3pCdXFNRXlBVWpuLWJwc3BRVWp2OU5kZ0J5dTFWMjkyX1pEeHVwMmtsZzdoUEhsSHBMeHpZTjFJcEdNUUNiWndBUzQ5SWVneFFUZ0JBR0lCZkRwMUt0Tm9BWXVnQWV2emNfN0JLZ0gyYmF4QXFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29COVhKRzZnSHByNGJxQWVhQnFnSDg5RWJxQWVXMkJ1b0I2cWJzUUtvQjRPdHNRS29CXy1lc1FLb0I5LWZzUUtvQjhxcHNRS29CLXVsc1FMWUJ3RFNDQlFJZ0dFUUFSZ2RNZ0tLQWpvQ2dFQkl2ZjNCT3JFSkF5d2dRRmhoY19LQUNnR1lDd0hJQ3dHQURBR2lEQmdxRmdvVTVMU3hBdTYxc1FLMXVMRUM1TFN4QXU2MXNRTGFEQkFLQ2hDQTJZS0UyWjM5elJFU0FnRURxZzBDUTBISURRSGlEUk1JLTdUVTFfM21nZ01WendPS0F4Mzh2QWhNMkJNTTBCVUJtQllCLUJZQmdCY0Imc2lnaD1iZXFMUmRrV0dyUSZjaWQ9Q0FRU1R3RElDYWFOTTNXc3dXTk1paHVsczZKclRpNjExb1FrX0NnV1ZrRnlTOTdTR3hDOHRqTXJKWm9jVHRWVkFNYllvM1M3VzV4VENHRkNXVm5BallRYWpDaC1jd2RWZHBhSS1kX2FpNlNOalBZJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFkmbGFiZWw9JHtsYWJlbH1cIixcInJlcG9ydExhYmVsSW5zdGFuY2VcIjogXCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW50ZXJhY3Rpb24vP2FpPUMzdjJTZ0FObVpjakZPcy1IcU13UF9QbWk0QVQ1Z01hYmRJRDFwTGFwRXFYZWk2U1NEaEFCSVAydjdpZGdfYUNaZ2VnRG9BR3ZsZi1iS3NnQkNha0MxTUtqc3ZKZXNqN2dBZ0NvQXdISUF3aXFCTVFDVDlEM1puU2cteUliYS1kN0tGeHpmbm83Y1B3SDdOTmxQenQweHMzQjZzaUZxOHJiU3Z3MjlzV2gyOURVNE5fS0lScTNJNzRzM3hKaUk3TnlCYl93d2RLdFNJS25HNmRGWWFVWEZMbXhhdmYxbW1qamhZYTNWbFBpVFdtUC1Ya1lneEp4T0lTZVRTdzNqTWRjd1FUb19PQnJteDFLWjBFY1daUS1rb0FkeUJJeUZJZHhJSGFwNXFzSy0tZ0hpdTVOQVQ1VUtlZVczeS1WOTlpLWJOQWtmUlJPTm1tdmdrZUhTVXFubkx4OE5RNjNaUlhFOXFkeU9QNTJmc3FEUEZVSkZVZHZZYzhYUXlkbVpuaUFRWnFnLUl0RWliakNRd1BRS3V0a1l6U09iRUZlZm1oSmlDWVpLT2RZdnl2Qy1qdGpSR3VOUDVLRkdBOGFqcDB4OEFrSHo4YlBxU2xpWk9IbHo2TVFVYTRTcG5qNzlGUlZPekJ1cU1FeUFVam4tYnBzcFFVanY5TmRnQnl1MVYyOTJfWkR4dXAya2xnN2hQSGxIcEx4ellOMUlwR01RQ2Jad0FTNDlJZWd4UVRnQkFHSUJmRHAxS3ROb0FZdWdBZXZ6Y183QktnSDJiYXhBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRS29COHFwc1FLb0ItdWxzUUxZQndEU0NCUUlnR0VRQVJnZE1nS0tBam9DZ0VCSXZmM0JPckVKQXl3Z1FGaGhjX0tBQ2dHWUN3SElDd0dBREFHaURCZ3FGZ29VNUxTeEF1NjFzUUsxdUxFQzVMU3hBdTYxc1FMYURCQUtDaENBMllLRTJaMzl6UkVTQWdFRHFnMENRMEhJRFFIaURSTUktN1RVMV8zbWdnTVZ6d09LQXgzOHZBaE0yQk1NMEJVQm1CWUItQllCZ0JjQiZzaWdoPWJlcUxSZGtXR3JRJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcG&i=6-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
olHoPHNcUM0FIEjE6sGtZFvF4-hJ8XkkPo0fElDAJ_pWraWN4nYpRg==
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=FJLWRfYWk2U05qUFkmY2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQWSZsYWJlbD0ke2xhYmVsfSZsYWJlbF9pbnN0YW5jZT0ke2xhYmVsSW5zdGFuY2V9JmNidD1jbkJFaHNTUFl6WUlnUFdrdHFrU0VQRHAxS3ROR1B5MTZLd0ZJZ3hrYVdkaGJtVjRZUzVqYjIweUNBZ0ZFeGlRemkwVVFoZGpZUzF3ZFdJdE16azNNREkzTnpVek5UVXlPRFl4TTBnU1dDNWdvd053QVhvRkNBUVNBUWNcIn0sXCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IGZhbHNlLFwieGhycG9zdFwiOiBmYWxzZSxcImltYWdlXCI6IHRydWV9LFwidHJpZ2dlcnNcIjoge1widHJhY2tNdXRlXCI6IHtcIm9uXCI6IFwiY2xpY2tcIixcInNlbGVjdG9yXCI6IFwibGFiZWxbZm9yPSdzcHIxJ11cIixcInJlcXVlc3RcIjogXCJyZXBvcnROb0xhYmVsSW5zdGFuY2VcIn0sXCJ0cmFja1JlcG9ydEFkXCI6IHtcIm9uXCI6IFwiY2xpY2tcIixcInNlbGVjdG9yXCI6IFwibGFiZWxbZm9yPSdzcHIyJ11cIixcInJlcXVlc3RcIjogXCJyZXBvcnRMYWJlbEluc3RhbmNlXCJ9LFwidHJhY2tTdXJ2ZXlSZXNwb25zZVwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcImxhYmVsW2Zvcj0nc3ByMyddXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0TGFiZWxJbnN0YW5jZVwifSxcInRyYWNrV2h5VGhpc0FkXCI6IHtcIm9uXCI6IFwiY2xpY2tcIixcInNlbGVjdG9yXCI6IFwiI3NidG5cIixcInJlcXVlc3RcIjogXCJyZXBvcnRMYWJlbEluc3RhbmNlXCJ9LFwicGVyc29uYWxpemF0aW9uT2ZmXCI6IHtcIm9uXCI6IFwiY2xpY2tcIixcInNlbGVjdG9yXCI6IFwiI3BlcnNvbmFsaXplLWNoZWNrYm94OmNoZWNrZWRcIixcInBhcmVudFBvc3RNZXNzYWdlXCI6IFwie1xcXCJnb29nTXNnVHlwZVxcXCI6XFxcImdwaS11b29cXFwiLFxcXCJ1c2VyT3B0T3V0XFxcIjp0cnVlfVxcblwifSxcInBlcnNvbmFsaXphdGlvbk9uXCI6IHtcIm9uXCI6IFwiY2xpY2tcIixcInNlbGVjdG9yXCI6IFwiI3BlcnNvbmFsaXplLWNoZWNrYm94Om5vdCg6Y2hlY2tlZClcIixcInBhcmVudFBvc3RNZXNzYWdlXCI6IFwie1xcXCJnb29nTXNnVHlwZVxcXCI6XFxcImdwaS11b29cXFwiLFxcXCJ1c2VyT3B0T3V0XFxcIjpmYWxzZX1cXG5cIn19fTwvc2NyaXB0PjwvYW1wLWFuYWx5dGljcz48Zm9ybSBhY3Rpb249Ly9nLmNvIGNsYXNzPVwic2ggc3MganQgYW1wLWFuaW1hdGUgYWJnZiBwZW5cIiBpZD1tdGEgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7dG9wOjA7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjtmb250LXNpemU6MTJweDtmb250LXdlaWdodDo0MDA7bGluZS1oZWlnaHQ6MWVtIHRhcmdldD1fYmxhbms%2BPGlucHV0IGlkPXNwcjAgbmFtZT1hIHR5cGU9cmFkaW8%2BPGlucHV0IGlkPXNwcjEgbmFtZT1hIHR5cGU9cmFkaW8%2BPGlucHV0IGlkPXNwcjIgbmFtZT1hIHR5cGU9cmFkaW8%2BPGlucHV0IGlkPXNwcjMgbmFtZT1hIHR5cGU9cmFkaW8%2BPGlucHV0IGlkPXNwcjUgbmFtZT1hIHR5cGU9cmFkaW8%2BPGxhYmVsIGNsYXNzPVwiY2JiIHBlYVwiIGRhdGEtdmFycy1sYWJlbD11c2VyX2ZlZWRiYWNrX21lbnVfaW50ZXJhY3Rpb24gZm9yPXNwcjEgaWQ9Y2JiPjxzdmcgc3R5bGU9d2lkdGg6MTVweDtoZWlnaHQ6MTVweDt2ZXJ0aWNhbC1hbGlnbjp0b3AgeG1sbnM9Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxwYXRoIGQ9TTAsMGwxNSwwbDAsMTVsLTE1LDBaIGZpbGw9I2NkY2NjYz48L3BhdGg%2BPHBhdGggZD1NMy4yNSwzLjI1bDguNSw4LjVNMTEuNzUsMy4yNWwtOC41LDguNSBzdHJva2U9IzAwYWVjZCBzdHJva2Utd2lkdGg9MS4yNT48L3BhdGg%2BPC9zdmc%2BPC9sYWJlbD48ZGl2IGNsYXNzPVwicG4gYWJnZlwiIGlkPXNwdjEgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JhY2tncm91bmQtY29sb3I6I2ZhZmFmYTt0ZXh0LWFsaWduOmNlbnRlcj48YW1wLWZpdC10ZXh0IGNsYXNzPVwiZmwgaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PTI1MCBpLWFtcGh0bWwtbGF5b3V0PXJlc3BvbnNpdmUgbGF5b3V0PXJlc3BvbnNpdmUgbWF4LWZvbnQtc2l6ZT0yMCBtaW4tZm9udC1zaXplPTggd2lkdGg9OTcwPjxpLWFtcGh0bWwtc2l6ZXIgc2xvdD1pLWFtcGh0bWwtc3ZjIHN0eWxlPWRpc3BsYXk6YmxvY2s7cGFkZGluZy10b3A6MjUuNzczMiU7PjwvaS1hbXBodG1sLXNpemVyPjxkaXYgY2xhc3M9Y2xvc2UgaWQ9bWVudS1kaXNtaXNzIHN0eWxlPXBvc2l0aW9uOmFic29sdXRlO3RvcDoycHg7Y29sb3I6IzAwMDtmb250LXNpemU6MTVweDtsaW5lLWhlaWdodDoxNXB4O29wYWNpdHk6LjU7aGVpZ2h0OjE1cHg7d2lkdGg6MTVweDt1c2VyLXNlbGVjdDpub25lO2N1cnNvcjpwb2ludGVyPjxsYWJlbCBmb3I9c3ByMD48c3ZnIHZpZXdib3g9XCIwIDAgMjQgMjRcIj48cGF0aCBjbGFzcz1uYXRpdmUtYXJyb3cgZD1cIk0yMCAxMUg3LjgzbDUuNTktNS41OUwxMiA0bC04IDggOCA4IDEuNDEtMS40MUw3LjgzIDEzSDIwdi0yelwiPjwvcGF0aD48L3N2Zz48L2xhYmVsPjwvZGl2PjxkaXYgaWQ9dGk%2BPHNwYW4gY2xhc3M9Y3Qgc3R5bGU9ZGlzcGxheTppbmxpbmUtYmxvY2s7bGluZS1oZWlnaHQ6MS4yOGVtO2NvbG9yOnJnYmEoMCwwLDAsLjQpO3RleHQtYWxpZ246Y2VudGVyO3BhZGRpbmc6LjNlbT5BZCBzZXJ2ZWQgYnkgPHN2ZyBmaWxsPSMwMDAwMDAgdmlld2JveD1cIjAgMCA2MCAyNFwiIHhtbG5zPWh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxwYXRoIGQ9XCJNNy41IDE2LjI5Yy00LjA3IDAtNy40OS0zLjMxLTcuNDktNy4zOFMzLjQzIDEuNTMgNy41IDEuNTNjMi4yNSAwIDMuODUuODggNS4wNiAyLjAzbC0xLjQyIDEuNDJjLS44Ny0uODEtMi4wNC0xLjQ0LTMuNjQtMS40NC0yLjk3IDAtNS4yOSAyLjQtNS4yOSA1LjM3czIuMzIgNS4zNyA1LjI5IDUuMzdjMS45MyAwIDMuMDMtLjc3IDMuNzMtMS40OC41OC0uNTguOTUtMS40IDEuMS0yLjU0SDcuNVY4LjI0aDYuNzljLjA3LjM2LjExLjc5LjExIDEuMjYgMCAxLjUxLS40MSAzLjM5LTEuNzUgNC43Mi0xLjMgMS4zNS0yLjk1IDIuMDctNS4xNSAyLjA3em0xNy43NS00Ljc2YzAgMi43NC0yLjEzIDQuNzUtNC43NSA0Ljc1cy00Ljc1LTIuMDItNC43NS00Ljc1YzAtMi43NSAyLjEzLTQuNzUgNC43NS00Ljc1czQuNzUgMiA0Ljc1IDQuNzV6bS0yLjA4IDBjMC0xLjcxLTEuMjQtMi44OC0yLjY3LTIuODhzLTIuNjcgMS4xNy0yLjY3IDIuODhjMCAxLjY5IDEuMjQgMi44OCAyLjY3IDIuODhzMi42Ny0xLjE4IDIuNjctMi44OHptMTMuMDggMGMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEyLjU4LTQuNDZ2OC41M2MwIDMuNTEtMi4wNyA0Ljk1LTQuNTIgNC45NS0yLjMgMC0zLjY5LTEuNTUtNC4yMS0yLjgxbDEuODItLjc2Yy4zMi43NyAxLjEyIDEuNjkgMi4zOSAxLjY5IDEuNTcgMCAyLjU0LS45NyAyLjU0LTIuNzl2LS42OGgtLjA3Yy0uNDcuNTgtMS4zNyAxLjA4LTIuNSAxLjA4LTIuMzggMC00LjU2LTIuMDctNC41Ni00Ljc0IDAtMi42OCAyLjE4LTQuNzcgNC41Ni00Ljc3IDEuMTMgMCAyLjAzLjUgMi41IDEuMDZoLjA3di0uNzZoMS45OHptLTEuODQgNC40OGMwLTEuNjctMS4xMi0yLjktMi41NC0yLjktMS40NCAwLTIuNjUgMS4yMi0yLjY1IDIuOSAwIDEuNjYgMS4yMSAyLjg2IDIuNjUgMi44NiAxLjQzLjAxIDIuNTQtMS4yIDIuNTQtMi44NnptNS44OS05LjUyVjE2aC0yLjA5VjIuMDNoMi4wOXptOC40OSAxMS4wN2wxLjYyIDEuMDhjLS41Mi43Ny0xLjc4IDIuMTEtMy45NiAyLjExLTIuNyAwLTQuNzItMi4wOS00LjcyLTQuNzUgMC0yLjgzIDIuMDMtNC43NSA0LjQ4LTQuNzUgMi40NyAwIDMuNjcgMS45NiA0LjA3IDMuMDJsLjIyLjU0LTYuMzYgMi42M2MuNDkuOTUgMS4yNCAxLjQ0IDIuMyAxLjQ0IDEuMDcgMCAxLjgxLS41MyAyLjM1LTEuMzJ6bS00Ljk5LTEuNzFsNC4yNS0xLjc2Yy0uMjMtLjU5LS45NC0xLjAxLTEuNzYtMS4wMS0xLjA2IDAtMi41NC45My0yLjQ5IDIuNzd6XCI%2BPC9wYXRoPjxwYXRoIGQ9XCJNMCAwaDYydjI0SDB6XCIgZmlsbD1ub25lPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9kaXY%2BPGRpdiBpZD1idG5zPjxsYWJlbCBmb3I9c3ByNT48YSBjbGFzcz1idG4gaWQ9YWJ0biBzdHlsZT1cImJhY2tncm91bmQtY29sb3I6IzQyODVmNTtjb2xvcjojZmZmO2Rpc3BsYXk6aW5saW5lLWJsb2NrO2JvcmRlci1yYWRpdXM6MnB4Oy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2hhZG93OjBweCAwcHggMnB4IHJnYmEoMCwwLDAsLjEyKSwwcHggMXB4IDNweCByZ2JhKDAsMCwwLC4yNik7Y3Vyc29yOnBvaW50ZXI7Zm9udC1zaXplOi43ZW07bWFyZ2luOjAgMXB4IC40ZW0gMXB4XCI%2BPHNwYW4gc3R5bGU9XCJkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOi41ZW0gLjZlbTtsaW5lLWhlaWdodDoxZW1cIj5BZCBvcHRpb25zPC9zcGFuPjwvYT48L2xhYmVsPjxsYWJlbCBkYXRhLXZhcnMtbGFiZWw9dXNlcl9mZWVkYmFja19tZW51X29wdGlvbiBkYXRhLXZhcnMtbGFiZWwtaW5zdGFuY2U9MSBmb3I9c3ByMj48YSBjbGFzcz1idG4gaWQ9cmJ0biBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO2JvcmRlci1yYWRpdXM6MnB4Oy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2hhZG93OjBweCAwcHggMnB4IHJnYmEoMCwwLDAsLjEyKSwwcHggMXB4IDNweCByZ2JhKDAsMCwwLC4yNik7Y3Vyc29yOnBvaW50ZXI7Zm9udC1zaXplOi43ZW07bWFyZ2luOjAgMXB4IC40ZW0gMXB4O2JhY2tncm91bmQtY29sb3I6IzQyODVmNTtjb2xvcjp3aGl0ZVwiPjxzcGFuIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzouNWVtIC42ZW07bGluZS1oZWlnaHQ6MWVtXCI%2BU2VuZCBmZWVkYmFjazwvc3Bhbj48L2E%2BPC9sYWJlbD48bGFiZWw%2BPGEgY2xhc3M9YnRuIGRhdGEtdmFycy1sYWJlbD1jbG9zZWJ1dHRvbl93aHl0aGlzYWRfY2xpY2sgZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTEgaHJlZj1cImh0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbS93aHl0aGlzYWQ%2Fc291cmNlPWRpc3BsYXkmYW1wO3JlYXNvbnM9QVd5amJCN2JiZWZZaUdTZnVnLTFPY1pRbWJBWlZ5TjhwZVVqTXM5aGJrcHc2MWVPSWlBWlRKNXd2QUt5YjV5emdOTEp0SjJyZmtpa3VpdU5IYmRNR0ZUaTBiSFZlekhwTHVzXzcxTGJSc1QwNHBSMFlRcXdwa2lXRlVPcjNfY2QxemVrNGZWX0Z1NUd2VHN0NVJhS0RCdWpMOTQzTG5uTGFVTzhSai1rQjkzYlNqYnZzM0huLV9HN2dRRWxmZWp4TThVQXczZ3pUc3NQU09ZRVdYNTYzVWpIR3JYMUJydnMtcDJHNzNtX19DM0hlcW8zaUhlVnY0OVRuS1ZRUV9sSzkyeEhnUDJJMWp2WTBrRlloaGNzQ3JVNW1MSENTUHp6UDA1Y0NoVndWck01SnNYMllCeDZuU015WFhNeTQwYk13RnNoeUowMHZ2Q2lsb1FCZW43N2t2SFFXbEhkdE1RUjU4aHprZm13Vm85Q2p2aXhaWkdwdVRGNzU4RGMwaFRlcTJJWFNLN3VfSjM5X19NVV9JM0MtUU9oSDNkRlFOQzdJMG51eHhKWm9PSFVTakVSai10dFVLbVRBSVY1aVg1ZUJicDgxV094YmV3TV9TLWlxWTZ4NWNMeHp2NVNGbGxIWC03Y0J3Q1&i=7-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
s3T5BN9siO3NoyUG0ZoZXVWMFGlrCqqlAwMg6kjWX0B_liCwtR1UNQ==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=RKQVRMSXAyZS1YaEpjZmZJLWMtcElDQWFuVE1DQmg5dVNRQ1BTQS1Ra0JhWlFDYnJzM2pONWR6QS1tTXZQaGpUTTlvZllmeW02dmxlRlZ5LWZVem50MFVWUE5hS0NWblYtS2gtSmNhVnRkVVR6RnRrMXFrQ3ZjdjJldE1RUExxTTV5anplT2ZJd1NVamNGTUtLOUZwWW9BWmdseXhzRk9OdWxCWTRqck03ZUtlMkVqMjZyc25SZXBxbW9LS0ZRWEdjV1N4d3ozS3VRY2ZoVGQ1VHJCWEJwTDBydHh3S1EtRDhkSG1WM000aUF6MEJEdGl5ZEpGeUlFdFFkYW05S2p2RGYzNC01LXA3S3Z4U3hqQTZKTUN0YUgyMG5abE9Jd0xBdHJlWjE3VXJlNlhKX2dfcHFxWWp5S2RNWEZGazlrdjFaY01TeTAyQzVNT3dwQzBaUHR4ODA5WTRuYWN4bk1yRlhucmFtMGV6bFpvTHNFS25yRm9xVzJaOUdYQjVHUDRhZ2VLYmdtM0RNeWktOWI3Sy00MjZBMFF3MllHZ0RnYzJKSlpJV2kzclkzeUNWc0N1TGR0YVk2cnNneld1eVhtcG9IdzhLSkFJTElfNUNtOWdraEZ3S0M3NVdpN3A5ZkUxVDFBcjI1ZTl1SXhYUlQyVnlUdVctSEM0NDhvWlo5V01rZ2MxSHJCWkF5YjZvb0tIZlZCMjNJZnJsLWF1dzdwa1BtWG1Ca0l1ZkpHSDlFR0lvVHFWTm12UDhfZXlPZF94MzBLQUU1U0p2bndic0hXWDNJSkNlOFFXVTRVV09Wa2w3NDZ5eHc5dkNNa0o3VzFiUVVlT3RHN3MwMjFuQnNrUHhHSXNLSjgwZ19iY2t0ZXpkMmZxNVR2TlVsMGt4aXdqeUMxaUxqa1NBaTZKZ3lkNjc5MGt2ZHMxUEFFU3F3ZzN3VUlteV9lQmtETDRsUmdqX0hwQjFiUEY4NlJ4MkFNcTk0YjN5YzlNOGRXejcta25IaG5vVjJGMVFqazRyRGF0azJZdkRqT1VHcDBud0pESUxfRGh4Q3VMcVpLTF8xZjZJQkM0YXV3RXdkNGFWaXVyNTRYMFdkTmZkRWtsTlFUWHRFTVJHYXowa0dhaXFRb2gzWXBUcHk4NzNaSHRtU25NX3BybnBPZEw1cm9Ycm5TMWVPM2hTTTFwRWd0c0wwOVMyRjVtSG1FS1E5WFJWVXlMdGdac0hyN3JBY2VXRUMxVmdrVzFLUFBUUmEwZ0hKaW9ETkxValBDNDJBaDZDYk9FT1p3OFVlcVZ6LWlaMEdKWW5HUWJEQmVTTUlURnFmSWMzYmtEM2lwWERJMXY3blduUExHOGJUZjlrN3VkNG5UdE10eU45b25lM0xZclR1LUJyeTh1Ulp4MHRsb2JUdDZOYk5DNXppZmJ1Y2NKYnNhVWZST3pKN0NwV3ZVbm9sQ3JSaWg1V3BkdEZlLWxIUlNGUGFfMUo3TDR0eGVzYTJXaUgyd2l4Q3VfTkhjMmJ1Y3VrLTcwbTBPam5rYXo5endwZzkxZWN5R1ZiN0VZUDRSVWJlTlZEb1JVazdxX3FycWRhbmQweVdqQ2pmQnR3VDJHVE9iZDdFWnF3dUlFZkVsTVpNdHFXb1Fhb2JrU25RT2t5eHZkS21mejFzU2thRkVwX3F1WmY1SktDcnZ1cF9LSkdaR1FaYU5CSkpKQXl6NHRjU2FQSlc3XzZ6QWE4V3BlaVNLOTAzVFhHNFN0QVhHdElsRURRZHZxeTBoU2FBNVNxVkhkTnFWR0RvdDZaRWhsaVFqNmFmZjFyWjBqUDdzQVZ4SnNoNnFrM3NidkU5NzlkMG96eUc0RmFwbkN6eHFDOEJzdTlJYXJfTW9vWWphTzlVWnY0c2xkNU4xTm5HaDM1aE1vT01GQVNUdU1DQ0o2bHRsYk1wc2lTNUQ2anlyTEQwcWxRTDF1S1ZnU3NKdFNRQ2dQbmh4ZFJCTDBJWTV5WHcwOHBMNWNhaTh3OVd4OVFiZUNyQUVKOC1PWGt1dzlTZi1MXzZpNTMyN0ktbnBwWXRocGd1YkEtOVZoeHVPOEc3ZmVCZjRsaVJaLURsR2M1cDIzT3VtdjFMemdIcDlZN1NTV3BXazg1Y3VaTkRuRkdMUGNzSnBiU096Y3RZZzYybnFkSmYxdWxBQ3diUTVWdWN3Xy1iRnNEWld2Zk5PenAzRGYtVGNVYnpfWFdpWTVrQ29zSE54cjBWMGxrSWE5cVM5XCIgaWQ9c2J0biBzdHlsZT1cImJhY2tncm91bmQtY29sb3I6I2ZmZjtjb2xvcjojOWU5ZWE2O3RleHQtZGVjb3JhdGlvbjpub25lO2Rpc3BsYXk6aW5saW5lLWJsb2NrO2JvcmRlci1yYWRpdXM6MnB4Oy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2hhZG93OjBweCAwcHggMnB4IHJnYmEoMCwwLDAsLjEyKSwwcHggMXB4IDNweCByZ2JhKDAsMCwwLC4yNik7Y3Vyc29yOnBvaW50ZXI7Zm9udC1zaXplOi43ZW07bWFyZ2luOjAgMXB4IC40ZW0gMXB4XCIgdGFyZ2V0PV9ibGFuaz48c3BhbiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6LjVlbSAuNmVtO2xpbmUtaGVpZ2h0OjFlbVwiPldoeSB0aGlzIGFkP8KgPHN2ZyBmaWxsPSMwMDAwMDAgaWQ9c2kgc3R5bGU9cG9zaXRpb246cmVsYXRpdmU7ZGlzcGxheTppbmxpbmUtYmxvY2s7bWFyZ2luLWJvdHRvbTotLjE1ZW07aGVpZ2h0OjFlbTt3aWR0aDoxZW07b3BhY2l0eTouNCB2aWV3Ym94PVwiMCAwIDE2IDE2XCIgeG1sbnM9Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxjaXJjbGUgY3g9NiBjeT02IHI9MC42Nz48L2NpcmNsZT48cGF0aCBkPU00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9hPjwvbGFiZWw%2BPC9kaXY%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHYyIHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjstd2Via2l0LWZsZXgtd3JhcDpub3dyYXA7ZmxleC13cmFwOm5vd3JhcDtvdmVyZmxvdzpoaWRkZW47YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhO2ZvbnQtc2l6ZTowO3Bvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI%2BPGxhYmVsIGNsYXNzPVwic2Igc29cIiBkYXRhLXZhcnMtbGFiZWw9bXV0ZV9zdXJ2ZXlfb3B0aW9uIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT04IGZvcj1zcHIzIHN0eWxlPVwicG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDo5MTEwO292ZXJmbG93OmhpZGRlbjtkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOjFweCA1cHg7YmFja2dyb3VuZC1jb2xvcjojRkZGO2N1cnNvcjpwb2ludGVyO2ZsZXgtc2hyaW5rOjBcIj48ZGl2IHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJT48c3BhbiBzdHlsZT1jb2xvcjojNDI4NWY0O2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udC1zaXplOjEycHg7bGluZS1oZWlnaHQ6MTRweDt3aGl0ZS1zcGFjZTpub3JtYWw%2BQWQgd2FzIGluYXBwcm9wcmlhdGU8L3NwYW4%2BPC9kaXY%2BPC9sYWJlbD48bGFiZWwgY2xhc3M9XCJzYiBzb1wiIGRhdGEtdmFycy1sYWJlbD1tdXRlX3N1cnZleV9vcHRpb24gZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTIgZm9yPXNwcjMgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTt6LWluZGV4OjkxMTA7b3ZlcmZsb3c6aGlkZGVuO2Rpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6MXB4IDVweDtiYWNrZ3JvdW5kLWNvbG9yOiNGRkY7Y3Vyc29yOnBvaW50ZXI7ZmxleC1zaHJpbms6MFwiPjxkaXYgc3R5bGU9ZGlzcGxheTotd2Via2l0LWZsZXg7ZGlzcGxheTpmbGV4Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjt3aWR0aDoxMDAlO2hlaWdodDoxMDAlPjxzcGFuIHN0eWxlPWNvbG9yOiM0Mjg1ZjQ7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjt0ZXh0LWFsaWduOmNlbnRlcjtmb250LXNpemU6MTJweDtsaW5lLWhlaWdodDoxNHB4O3doaXRlLXNwYWNlOm5vcm1hbD5TZWVuIHRoaXMgYWQgbXVsdGlwbGUgdGltZXM8L3NwYW4%2BPC9kaXY%2BPC9sYWJlbD48bGFiZWwgY2xhc3M9XCJzYiBzb1wiIGRhdGEtdmFycy1sYWJlbD1tdXRlX3N1cnZleV9vcHRpb24gZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTMgZm9yPXNwcjMgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTt6LWluZGV4OjkxMTA7b3ZlcmZsb3c6aGlkZGVuO2Rpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6MXB4IDVweDtiYWNrZ3JvdW5kLWNvbG9yOiNGRkY7Y3Vyc29yOnBvaW50ZXI7ZmxleC1zaHJpbms6MFwiPjxkaXYgc3R5bGU9ZGlzcGxheTotd2Via2l0LWZsZXg7ZGlzcGxheTpmbGV4Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjt3aWR0aDoxMDAlO2hlaWdodDoxMDAlPjxzcGFuIHN0eWxlPWNvbG9yOiM0Mjg1ZjQ7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjt0ZXh0LWFsaWduOmNlbnRlcjtmb250LXNpemU6MTJweDtsaW5lLWhlaWdodDoxNHB4O3doaXRlLXNwYWNlOm5vcm1hbD5BZCBjb3ZlcmVkIGNvbnRlbnQ8L3NwYW4%2BPC9kaXY%2BPC9sYWJlbD48bGFiZWwgY2xhc3M9XCJzYiBzb1wiIGRhdGEtdmFycy1sYWJlbD1tdXRlX3N1cnZleV9vcHRpb24gZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTcgZm9yPXNwcjMgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTt6LWluZGV4OjkxMTA7b3ZlcmZsb3c6aGlkZGVuO2Rpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6MXB4IDVweDtiYWNrZ3JvdW5kLWNvbG9yOiNGRkY7Y3Vyc29yOnBvaW50ZXI7ZmxleC1zaHJpbms6MFwiPjxkaXYgc3R5bGU9ZGlzcGxheTotd2Via2l0LWZsZXg7ZGlzcGxheTpmbGV4Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjt3aWR0aDoxMDAlO2hlaWdodDoxMDAlPjxzcGFuIHN0eWxlPWNvbG9yOiM0Mjg1ZjQ7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjt0ZXh0LWFsaWduOmNlbnRlcjtmb250LXNpemU6MTJweDtsaW5lLWhlaWdodDoxNHB4O3doaXRlLXNwYWNlOm5vcm1hbD5Ob3QgaW50ZXJlc3RlZCBpbiB0aGlzIGFkPC9zcGFuPjwvZGl2PjwvbGFiZWw%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHYzIHN0eWxlPXBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI7b3BhY2l0eToxPjxhbXAtZml0LXRleHQgY2xhc3M9XCJmbCBpLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9MjUwIGktYW1waHRtbC1sYXlvdXQ9cmVzcG9uc2l2ZSBsYXlvdXQ9cmVzcG9uc2l2ZSBtYXgtZm9udC1zaXplPTE3IG1pbi1mb250LXNpemU9OCB3aWR0aD05NzA%2BPGktYW1waHRtbC1zaXplciBzbG90PWktYW1waHRtbC1zdmMgc3R5bGU9ZGlzcGxheTpibG9jaztwYWRkaW5nLXRvcDoyNS43NzMyJTs%2BPC9pLWFtcGh0bWwtc2l6ZXI%2BPHNwYW4gaWQ9cGN0IHN0eWxlPVwiZGlzcGxheTpibG9jaztmb250LXdlaWdodDpib2xkO3BhZGRpbmc6MWVtIC4zZW1cIj5UaGFua3MuIEZlZWRiYWNrIGltcHJvdmVzIEdvb2dsZSBhZHM8L3NwYW4%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHY0IHN0eWxlPXBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94&i=8-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
nSClbF4h2SWyuccQl_ewNi3qTKff9M9i13-bDLwuyoEI9Pkx-OuJ-A==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI%2BPGFtcC1maXQtdGV4dCBjbGFzcz1cImZsIGktYW1waHRtbC1sYXlvdXQtcmVzcG9uc2l2ZSBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGhlaWdodD0yNTAgaS1hbXBodG1sLWxheW91dD1yZXNwb25zaXZlIGxheW91dD1yZXNwb25zaXZlIG1heC1mb250LXNpemU9MjAgbWluLWZvbnQtc2l6ZT04IHdpZHRoPTk3MD48aS1hbXBodG1sLXNpemVyIHNsb3Q9aS1hbXBodG1sLXN2YyBzdHlsZT1kaXNwbGF5OmJsb2NrO3BhZGRpbmctdG9wOjI1Ljc3MzIlOz48L2ktYW1waHRtbC1zaXplcj48c3BhbiBjbGFzcz1cImN0IGZjdFwiIHN0eWxlPWRpc3BsYXk6aW5saW5lLWJsb2NrO2xpbmUtaGVpZ2h0OjEuMjhlbTtjb2xvcjpyZ2JhKDAsMCwwLC40KTt0ZXh0LWFsaWduOmNlbnRlcjtwYWRkaW5nOjFlbT5BZCBjbG9zZWQgYnkgPHN2ZyBmaWxsPSMwMDAwMDAgdmlld2JveD1cIjAgMCA2MCAyNFwiIHhtbG5zPWh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxwYXRoIGQ9XCJNNy41IDE2LjI5Yy00LjA3IDAtNy40OS0zLjMxLTcuNDktNy4zOFMzLjQzIDEuNTMgNy41IDEuNTNjMi4yNSAwIDMuODUuODggNS4wNiAyLjAzbC0xLjQyIDEuNDJjLS44Ny0uODEtMi4wNC0xLjQ0LTMuNjQtMS40NC0yLjk3IDAtNS4yOSAyLjQtNS4yOSA1LjM3czIuMzIgNS4zNyA1LjI5IDUuMzdjMS45MyAwIDMuMDMtLjc3IDMuNzMtMS40OC41OC0uNTguOTUtMS40IDEuMS0yLjU0SDcuNVY4LjI0aDYuNzljLjA3LjM2LjExLjc5LjExIDEuMjYgMCAxLjUxLS40MSAzLjM5LTEuNzUgNC43Mi0xLjMgMS4zNS0yLjk1IDIuMDctNS4xNSAyLjA3em0xNy43NS00Ljc2YzAgMi43NC0yLjEzIDQuNzUtNC43NSA0Ljc1cy00Ljc1LTIuMDItNC43NS00Ljc1YzAtMi43NSAyLjEzLTQuNzUgNC43NS00Ljc1czQuNzUgMiA0Ljc1IDQuNzV6bS0yLjA4IDBjMC0xLjcxLTEuMjQtMi44OC0yLjY3LTIuODhzLTIuNjcgMS4xNy0yLjY3IDIuODhjMCAxLjY5IDEuMjQgMi44OCAyLjY3IDIuODhzMi42Ny0xLjE4IDIuNjctMi44OHptMTMuMDggMGMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEyLjU4LTQuNDZ2OC41M2MwIDMuNTEtMi4wNyA0Ljk1LTQuNTIgNC45NS0yLjMgMC0zLjY5LTEuNTUtNC4yMS0yLjgxbDEuODItLjc2Yy4zMi43NyAxLjEyIDEuNjkgMi4zOSAxLjY5IDEuNTcgMCAyLjU0LS45NyAyLjU0LTIuNzl2LS42OGgtLjA3Yy0uNDcuNTgtMS4zNyAxLjA4LTIuNSAxLjA4LTIuMzggMC00LjU2LTIuMDctNC41Ni00Ljc0IDAtMi42OCAyLjE4LTQuNzcgNC41Ni00Ljc3IDEuMTMgMCAyLjAzLjUgMi41IDEuMDZoLjA3di0uNzZoMS45OHptLTEuODQgNC40OGMwLTEuNjctMS4xMi0yLjktMi41NC0yLjktMS40NCAwLTIuNjUgMS4yMi0yLjY1IDIuOSAwIDEuNjYgMS4yMSAyLjg2IDIuNjUgMi44NiAxLjQzLjAxIDIuNTQtMS4yIDIuNTQtMi44NnptNS44OS05LjUyVjE2aC0yLjA5VjIuMDNoMi4wOXptOC40OSAxMS4wN2wxLjYyIDEuMDhjLS41Mi43Ny0xLjc4IDIuMTEtMy45NiAyLjExLTIuNyAwLTQuNzItMi4wOS00LjcyLTQuNzUgMC0yLjgzIDIuMDMtNC43NSA0LjQ4LTQuNzUgMi40NyAwIDMuNjcgMS45NiA0LjA3IDMuMDJsLjIyLjU0LTYuMzYgMi42M2MuNDkuOTUgMS4yNCAxLjQ0IDIuMyAxLjQ0IDEuMDcgMCAxLjgxLS41MyAyLjM1LTEuMzJ6bS00Ljk5LTEuNzFsNC4yNS0xLjc2Yy0uMjMtLjU5LS45NC0xLjAxLTEuNzYtMS4wMS0xLjA2IDAtMi41NC45My0yLjQ5IDIuNzd6XCI%2BPC9wYXRoPjxwYXRoIGQ9XCJNMCAwaDYydjI0SDB6XCIgZmlsbD1ub25lPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGlucHV0IGlkPXBhaWQwIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1wYWlkMSBuYW1lPWEgdHlwZT1yYWRpbz48ZGl2IGNsYXNzPVwicG4gYWJnZlwiIGlkPXNwdjUgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JhY2tncm91bmQtY29sb3I6I2ZhZmFmYTt0ZXh0LWFsaWduOmNlbnRlcj48YW1wLWZpdC10ZXh0IGNsYXNzPVwiZmwgaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PTI1MCBpLWFtcGh0bWwtbGF5b3V0PXJlc3BvbnNpdmUgbGF5b3V0PXJlc3BvbnNpdmUgbWF4LWZvbnQtc2l6ZT0yMCBtaW4tZm9udC1zaXplPTggd2lkdGg9OTcwPjxpLWFtcGh0bWwtc2l6ZXIgc2xvdD1pLWFtcGh0bWwtc3ZjIHN0eWxlPWRpc3BsYXk6YmxvY2s7cGFkZGluZy10b3A6MjUuNzczMiU7PjwvaS1hbXBodG1sLXNpemVyPjxkaXYgY2xhc3M9Y2xvc2UgaWQ9b2Qgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7dG9wOjJweDtjb2xvcjojMDAwO2ZvbnQtc2l6ZToxNXB4O2xpbmUtaGVpZ2h0OjE1cHg7b3BhY2l0eTouNTtoZWlnaHQ6MTVweDt3aWR0aDoxNXB4O3VzZXItc2VsZWN0Om5vbmU7Y3Vyc29yOnBvaW50ZXI%2BPGxhYmVsIGZvcj1zcHIxPjxzdmcgdmlld2JveD1cIjAgMCAyNCAyNFwiPjxwYXRoIGNsYXNzPW5hdGl2ZS1hcnJvdyBkPVwiTTIwIDExSDcuODNsNS41OS01LjU5TDEyIDRsLTggOCA4IDggMS40MS0xLjQxTDcuODMgMTNIMjB2LTJ6XCI%2BPC9wYXRoPjwvc3ZnPjwvbGFiZWw%2BPC9kaXY%2BPGRpdiBjbGFzcz1hb2Mgc3R5bGU9bWFyZ2luLXRvcDoyMHB4PjxsYWJlbD48ZGl2IGNsYXNzPVwicGQgcGFuZWwtcm93IHBhbmVsLWJ1dHRvbnNcIj5QZXJzb25hbGl6ZSBhZHMgb24gdGhpcyBzaXRlPGxhYmVsIGNsYXNzPVwicHQgcHRrXCIgc3R5bGU9cG9zaXRpb246cmVsYXRpdmU7ZGlzcGxheTppbmxpbmUtYmxvY2s7d2lkdGg6MzZweDtoZWlnaHQ6MTRweDt0b3A6MXB4O21hcmdpbi1sZWZ0OjZweD48aW5wdXQgY2hlY2tlZCBjbGFzcz1wY2Igc3R5bGU9b3BhY2l0eTowO3dpZHRoOjA7aGVpZ2h0OjAgdHlwZT1jaGVja2JveD48c3BhbiBjbGFzcz1waCBzdHlsZT1wb3NpdGlvbjphYnNvbHV0ZTtjdXJzb3I6cG9pbnRlcjtpbnNldDowO2JhY2tncm91bmQtY29sb3I6I2RhZGNlMDstd2Via2l0LXRyYW5zaXRpb246LjRzO3RyYW5zaXRpb246LjRzO2JvcmRlci1yYWRpdXM6N3B4Pjwvc3Bhbj48L2xhYmVsPjwvZGl2PjwvbGFiZWw%2BPGxhYmVsPjxhIGNsYXNzPWJ0biBocmVmPWh0dHBzOi8vc3VwcG9ydC5nb29nbGUuY29tL2Fkcy9hbnN3ZXIvMTA5MjMzNDggaWQ9bG1iIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7Ym9yZGVyLXJhZGl1czoycHg7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JveC1zaGFkb3c6MHB4IDBweCAycHggcmdiYSgwLDAsMCwuMTIpLDBweCAxcHggM3B4IHJnYmEoMCwwLDAsLjI2KTtjdXJzb3I6cG9pbnRlcjtmb250LXNpemU6LjdlbTttYXJnaW46MCAxcHggLjRlbSAxcHhcIiB0YXJnZXQ9X2JsYW5rPjxzcGFuIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzouNWVtIC42ZW07bGluZS1oZWlnaHQ6MWVtXCI%2BTGVhcm4gbW9yZcKgPHN2ZyBjbGFzcz13aW5kb3ctaWNvbiBzdHlsZT1oZWlnaHQ6MTRweDt3aWR0aDoxNHB4O29wYWNpdHk6LjQgdmlld2JveD1cIjAgLTIgMjQgMjRcIiB4bWxucz0vL3d3dy53My5vcmcvMjAwMC9zdmc%2BPHBhdGggZD1cIk0wIDBoMjR2MjRIMFYwelwiIGZpbGw9bm9uZT48L3BhdGg%2BPHBhdGggZD1cIk0xOSAxOUg1VjVoN1YzSDVjLTEuMTEgMC0yIC45LTIgMnYxNGMwIDEuMS44OSAyIDIgMmgxNGMxLjEgMCAyLS45IDItMnYtN2gtMnY3ek0xNCAzdjJoMy41OWwtOS44MyA5LjgzIDEuNDEgMS40MUwxOSA2LjQxVjEwaDJWM2gtN3pcIj48L3BhdGg%2BPC9zdmc%2BPC9zcGFuPjwvYT48L2xhYmVsPjwvZGl2PjwvYW1wLWZpdC10ZXh0PjwvZGl2PjwvZm9ybT48L2Rpdj48ZGl2IHN0eWxlPVwiYm90dG9tOjA7cmlnaHQ6MDt3aWR0aDo5NzBweDtoZWlnaHQ6MjUwcHg7YmFja2dyb3VuZDppbml0aWFsO3Bvc2l0aW9uOmFic29sdXRlO21heC13aWR0aDoxMDAlO21heC1oZWlnaHQ6MTAwJTtwb2ludGVyLWV2ZW50czpub25lO2ltYWdlLXJlbmRlcmluZzpwaXhlbGF0ZWQ7ei1pbmRleDoyMTQ3NDgzNjQ3O2JhY2tncm91bmQtaW1hZ2U6dXJsKCYjMzk7ZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFDc0FBQUFXQkFNQUFBQ3JsM2lBQUFBQUJsQk1WRVVBQUFEK0FjaVdtWnpXQUFBQUFuUlNUbE1BQXBpZHJCUUFBQUIrU1VSQlZCalRiWkdMRFlBd0NBVmhBL2FmMXNEN1FCT3JKcEFlOUxBUi95dXhKcnBaelc1RlZZZktzb2xvc0Y5bnc5V2hrZTErZ2pjZHJqbTllWGFxTTAxMkZWbDdoOVQ1ckRFN2w1UkdZVEZNZ01PTDh5R2NRdmRPd2ZsNm1INjlOenh6UVJ1ejdsOFFsUmJoSHd6cDkyZWF0M08wVlNPWmM1YzdZVmQ4WG5BRnZteGpoY2dBQUFBQVNVVk9SSzVDWUlJPSYjMzk7KTtcIj48L2Rpdj48YW1wLWFuYWx5dGljcyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBpLWFtcGh0bWwtbGF5b3V0PWZpeGVkIHN0eWxlPXdpZHRoOjFweDtoZWlnaHQ6MXB4OyB0cmlnZ2VyPWltbWVkaWF0ZT48c2NyaXB0IHR5cGU9YXBwbGljYXRpb24vanNvbj57XCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IGZhbHNlLCBcInhocnBvc3RcIjogZmFsc2V9LFwicmVxdWVzdHNcIjoge1widmlzaWJpbGl0eTFcIjogXCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3Bjcy9hY3RpdmV2aWV3P3hhaT1BS0FPanNzWUoyZDRRcnVuQ01HV21hYS15TWRvakZPMnpWYm5vNHpONjRmSGE2QzJ2MkR5MFN4UDFxRDBNU3YxWWxpV1pPWjFQX0hDdExYQUF1ZTd1dDZxVU4yYmlxMkRzZDRHTW5iTW92dHl6bVFBalpNMndXUmJlZ0hGbVBKTWFhTmU5QmMxdWdaMnRCc2tDQSZzYWk9QU1mbC1ZUTRJQjctemVKemVfTFgyUldEcGpTZF9RbEJLenFfVlZHTnJWZlE3NzhVUUNjM0F5Y0RmTXd1THNQRTF5RmNLdVlObWM2eVpUMzRpVXJNMWVid3VUZmxBRnk3dDc4MkNLMUlza2F5WldfSVJTTFFEdmFfMGtlU0F2WXJ2QWhxOFVmc2JFdi16Sm10azFuZjdDVWwtUSZzaWc9Q2cwQXJLSlN6QVRseURfVjV6WW5FQUUmY2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQWVlBUSZpZD1hbXBpbSZvPSR7ZWxlbWVudFh9LCR7ZWxlbWVudFl9JmQ9JHtlbGVtZW50V2lkdGh9LCR7ZWxlbWVudEhlaWdodH0mc3M9JHtzY3JlZW5XaWR0aH0sJHtzY3JlZW5IZWlnaHR9JmJzPSR7dmlld3BvcnRXaWR0aH0sJHt2aWV3cG9ydEhlaWdodH0mbWN2dD0ke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0mbXRvcz0wLDAsMCwke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0sJHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9JnRvcz0wLDAsMCwke3RvdGFsVmlzaWJsZVRpbWV9LDAmdGZzPSR7Zmlyc3RTZWVuVGltZX0mdGxzPSR7bGFzdFNlZW5UaW1lfSZnPSR7bWluVmlzaWJsZVBlcmNlbnRhZ2V9Jmg9JHttYXhWaXNpYmxlUGVyY2VudGFnZX0mdHQ9JHt0b3RhbFRpbWV9JnI9diZhdm1zPWFtcGEmdWFwPSR7dWFjaChwbGF0Zm9ybSl9JnVhcHY9JHt1YWNoKHBsYXRmb3&i=9-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
PCTj7rxhU72CksTp_V3Y6oQCS4QV6RDQopeceUanaGAqd1B_hjY4tA==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=JtVmVyc2lvbil9JnVhYT0ke3VhY2goYXJjaGl0ZWN0dXJlKX0mdWFtPSR7dWFjaChtb2RlbCl9JnVhZnY9JHt1YWNoKHVhRnVsbFZlcnNpb24pfSZ1YWI9JHt1YWNoKGJpdG5lc3MpfSZ1YWZ2bD0ke3VhY2goZnVsbFZlcnNpb25MaXN0KX0mdWF3PSR7dWFjaCh3b3c2NCl9JmFkaz0wXCJ9LFwidHJpZ2dlcnNcIjoge1wiY29udGludW91c1Zpc2libGVcIjoge1wib25cIjogXCJ2aXNpYmxlXCIsXCJyZXF1ZXN0XCI6IFtcInZpc2liaWxpdHkxXCJdLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJpbXByZXNzaW9uLXZpZXdhYmxlXCIsXCJ2aXNpYmlsaXR5U3BlY1wiOiB7XCJzZWxlY3RvclwiOiBcIjpyb290XCIsXCJ2aXNpYmxlUGVyY2VudGFnZU1pblwiOiAzMCxcImNvbnRpbnVvdXNUaW1lTWluXCI6IDEwMDB9fSxcInZpc2liaWxpdHlDaGFuZ2VkXCI6IHtcIm9uXCI6IFwidmlzaWJsZVwiLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJ2aXNpYmlsaXR5LWNoYW5nZWQtJHtpbnRlcnNlY3Rpb25SYXRpb31cIixcInZpc2liaWxpdHlTcGVjXCI6IHtcInJlcGVhdFwiOiB0cnVlLFwic2VsZWN0b3JcIjogXCI6cm9vdFwiLFwidmlzaWJsZVBlcmNlbnRhZ2VUaHJlc2hvbGRzXCI6IFtbMCwwXSxbMCw1XSxbNSwxMF0sWzEwLDE1XSxbMTUsMjBdLFsyMCwyNV0sWzI1LDMwXSxbMzAsMzVdLFszNSw0MF0sWzQwLDQ1XSxbNDUsNTBdLFs1MCw1NV0sWzU1LDYwXSxbNjAsNjVdLFs2NSw3MF0sWzcwLDc1XSxbNzUsODBdLFs4MCw4NV0sWzg1LDkwXSxbOTAsOTVdLFs5NSwxMDBdLFsxMDAsMTAwXV19fSxcImluaUxvYWRcIjoge1wib25cIjogXCJpbmktbG9hZFwiLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJ7XFxcImNcXFwiOlxcXCJzZmNoYW5uZWwxXFxcIixcXFwicFxcXCI6XFxcIntcXFxcXFxcInVpZFxcXFxcXFwiOlxcXFxcXFwiMVxcXFxcXFwiLFxcXFxcXFwid2lkdGhcXFxcXFxcIjoke3Njcm9sbFdpZHRofSxcXFxcXFxcImhlaWdodFxcXFxcXFwiOiR7c2Nyb2xsSGVpZ2h0fX1cXFwiLFxcXCJzXFxcIjpcXFwiY3JlYXRpdmVfZ2VvbWV0cnlfdXBkYXRlXFxcIn1cXG5cIn19fTwvc2NyaXB0PjwvYW1wLWFuYWx5dGljcz48YW1wLWFuYWx5dGljcyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBpLWFtcGh0bWwtbGF5b3V0PWZpeGVkIHN0eWxlPXdpZHRoOjFweDtoZWlnaHQ6MXB4OyB0cmlnZ2VyPWltbWVkaWF0ZT48c2NyaXB0IHR5cGU9YXBwbGljYXRpb24vanNvbj57XCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IHRydWUsIFwieGhycG9zdFwiOiBmYWxzZX0sXCJyZXF1ZXN0c1wiOiB7XCJhbXBlb3MxXCI6IFwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzc1lKMmQ0UXJ1bkNNR1dtYWEteU1kb2pGTzJ6VmJubzR6TjY0ZkhhNkMydjJEeTBTeFAxcUQwTVN2MVlsaVdaT1oxUF9IQ3RMWEFBdWU3dXQ2cVVOMmJpcTJEc2Q0R01uYk1vdnR5em1RQWpaTTJ3V1JiZWdIRm1QSk1hYU5lOUJjMXVnWjJ0QnNrQ0Emc2FpPUFNZmwtWVE0SUI3LXplSnplX0xYMlJXRHBqU2RfUWxCS3pxX1ZWR05yVmZRNzc4VVFDYzNBeWNEZk13dUxzUEUxeUZjS3VZTm1jNnlaVDM0aVVyTTFlYnd1VGZsQUZ5N3Q3ODJDSzFJc2theVpXX0lSU0xRRHZhXzBrZVNBdllydkFocThVZnNiRXYtekptdGsxbmY3Q1VsLVEmc2lnPUNnMEFyS0pTekFUbHlEX1Y1elluRUFFJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFlZQVEmaWQ9YW1wZW9zJm89JHtlbGVtZW50WH0sJHtlbGVtZW50WX0mZD0ke2VsZW1lbnRXaWR0aH0sJHtlbGVtZW50SGVpZ2h0fSZzcz0ke3NjcmVlbldpZHRofSwke3NjcmVlbkhlaWdodH0mYnM9JHt2aWV3cG9ydFdpZHRofSwke3ZpZXdwb3J0SGVpZ2h0fSZtY3Z0PSR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSZtdG9zPTAsMCwwLCR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSwke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0mdG9zPTAsMCwwLCR7dG90YWxWaXNpYmxlVGltZX0sMCZ0ZnM9JHtmaXJzdFNlZW5UaW1lfSZ0bHM9JHtsYXN0U2VlblRpbWV9Jmc9JHttaW5WaXNpYmxlUGVyY2VudGFnZX0maD0ke21heFZpc2libGVQZXJjZW50YWdlfSZwdD0ke3BhZ2VMb2FkVGltZX0mdHQ9JHt0b3RhbFRpbWV9JnJwdD0ke25hdlRpbWluZyhuYXZpZ2F0aW9uU3RhcnQsbG9hZEV2ZW50U3RhcnQpfSZyc3Q9JHtuYXZUaW1pbmcobmF2aWdhdGlvblN0YXJ0KX0mcj1kZSZpc2Q9JHtpbml0aWFsU2Nyb2xsRGVwdGh9Jm1zZD0ke21heFNjcm9sbERlcHRofSZhdm1zPWFtcGFcIn0sXCJ0cmlnZ2Vyc1wiOiB7XCJlbmRPZlNlc3Npb25cIjoge1wib25cIjogXCJ2aXNpYmxlXCIsXCJyZXF1ZXN0XCI6W1wiYW1wZW9zMVwiXSxcInZpc2liaWxpdHlTcGVjXCI6IHtcInJlcG9ydFdoZW5cIjogXCJkb2N1bWVudEV4aXRcIixcInNlbGVjdG9yXCI6IFwiOnJvb3RcIixcInZpc2libGVQZXJjZW50YWdlTWluXCI6IDMwfX19fTwvc2NyaXB0PjwvYW1wLWFuYWx5dGljcz48YW1wLWFuYWx5dGljcyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBpLWFtcGh0bWwtbGF5b3V0PWZpeGVkIHN0eWxlPXdpZHRoOjFweDtoZWlnaHQ6MXB4OyB0cmlnZ2VyPWltbWVkaWF0ZT48c2NyaXB0IHR5cGU9YXBwbGljYXRpb24vanNvbj57XCJyZXF1ZXN0c1wiOiB7XCJwYWdldmlld1wiOiBcImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc%2FYWk9Q3p6WnJnQU5tWmNqRk9zLUhxTXdQX1BtaTRBVDVnTWFiZElEMXBMYXBFcVhlaTZTU0RoQUJJUDJ2N2lkZ19hQ1pnZWdEb0FHdmxmLWJLc2dCQ2FrQzFNS2pzdkplc2o3Z0FnQ29Bd0hJQXdpcUJNRUNUOUQzWm5TZy15SWJhLWQ3S0Z4emZubzdjUHdIN05ObFB6dDB4czNCNnNpRnE4cmJTdncyOXNXaDI5RFU0Tl9LSVJxM0k3NHMzeEppSTdOeUJiX3d3ZEt0U0lLbkc2ZEZZYVVYRkxteGF2ZjFtbWpqaFlhM1ZsUGlUV21QLVhrWWd4SnhPSVNlVFN3M2pNZGN3UVRvX09Ccm14MUtaMEVjV1pRLWtvQWR5Qkl5RklkeElIYXA1cXNLLS1nSGl1NU5BVDVVS2VlVzN5LVY5OWktYk5Ba2ZSUk9ObW12Z2tlSFNVcW5uTHg4TlE2M1pSWEU5cWR5T1A1MmZzcURQRlVKRlVkdlljOFhReWRtWm5pQVFacWctSXRFaWJqQ1F3UFFLdXRrWXpTT2JFRmVmbWhKaUNZWktPZFl2eXZDLWp0alJHdU5QNUtGR0E4YWpwMHg4QWtIejhiUHFTbGlaT0hsejZNUVVhNFNwbmo3OUZSVk96QnVxTUV5QVFybDJDaXFXOGRWUnhGV1c4amJEYUhaX196cnpNUnVLNkwzOFNrVDByemQxVWV1LU9kMHdBUzQ5SWVneFFUZ0JBR0lCZkRwMUt0TmtnVUVDQVFZQVpJRkJBZ0ZHQVNnQmk2QUI2X056X3NFcUFmWnRyRUNxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSDFja2JxQWVtdmh2WUJ3RHlCd1VRXzdldUJOSUlGQWlBWVJBQkdCMHlBb29DT2dLQVFFaTlfY0U2bWdsRGFIUjBjSE02THk5a2FXZGhibVY0WVM1amIyMHZRMEV2TmpNMk1UazJNVFlfZEhKaFkydHBaRDAyT1RrME9ETTNORGttWTJsa1BUazRNQzAwT0RBdE56UXpNNEFLQWNnTEFhSU1HQ29XQ2hUa3RMRUM3cld4QXJXNHNRTGt0TEVDN3JXeEF0b01FQW9LRUlEWmdvVFpuZjNORVJJQ0FRUGlEUk1JLTdUVTFfM21nZ01WendPS0F4Mzh2QWhNMkJNTTBCVUJtQllCZ0JjQnNoY2VDaHdJQUJJVWNIVmlMVE01TnpBeU56YzFNelUxTWpnMk1UTVlsZUlmJnNpZ2g9Z19XM2V2YmRwQmcmdWFjaF9tPSU1QlVBQ0glNUQmYXNlPTImbmlzPUFUVFJJQlVUSU9OX1JFUE9SVElOR19TVEFUVVMmY2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQWVlBUSZ0ZW1wbGF0ZV9pZD00MTkmY2J2cD0yXCJ9LFwidHJpZ2dlcnNcIjoge1wiZGVmYXVsdFBhZ2V2aWV3XCI6IHtcIm9uXCI6IFwiaW5pLWxvYWRcIixcInJlcXVlc3RcIjogXCJwYWdldmlld1wifX0sXCJ0cmFuc3BvcnRcIjoge1wiYXR0cmlidXRpb25zcmNcIjogXCJcIixcImJlYWNvblwiOiBmYWxzZSxcInhocnBvc3RcIjogZmFsc2UsXCJpbWFnZVwiOiB0cnVlfX08L3NjcmlwdD48L2FtcC1hbmFseXRpY3M%2BPGFtcC1hZC1leGl0IGNsYXNzPWktYW1waHRtbC1sYXlvdXQtY29udGFpbmVyIGktYW1waHRtbC1sYXlvdXQ9Y29udGFpbmVyIGlkPWV4aXQtYXBpPjxzY3JpcHQgdHlwZT1hcHBsaWNhdGlvbi9qc29uPntcImZpbHRlcnNcIjp7fSxcIm9wdGlvbnNcIjp7XCJzdGFydFRpbWluZ0V2ZW50XCI6XCJuYXZpZ2F0aW9uU3RhcnRcIn0sXCJ0YXJnZXRzXCI6e1wicmVkaXJlY3RVcmxcIjp7XCJiZWhhdmlvcnNcIjp7XCJicm93c2VyQWRDb252ZXJzaW9uXCI6e1wiYXR0cmlidXRpb25zcmNcIjpcIlwiLFwiYXR0cmlidXRpb25kZXN0aW5hdGlvblwiOlwiXCIsXCJhdHRyaWJ1dGlvbmV4cGlyeVwiOlwiXCIsXCJhdHRyaWJ1dGlvbnJlcG9ydHRvXCI6XCJcIixcImF0dHJpYnV0aW9uc291cmNlZXZlbnRpZFwiOlwiXCJ9LFwiY2xpY2tUYXJnZXRcIjpcIlwifSxcImZpbHRlcnNcIjpbXSxcImZpbmFsVXJsXCI6XCJodHRwczovL2FkY2xpY2suZy5kb3VibGVjbGljay5uZXQvYWNsaz9zYT1sXFx1MDAyNmFpPUMzdjJTZ0FObVpjakZPcy1IcU13UF9QbWk0QVQ1Z01hYmRJRDFwTGFwRXFYZWk2U1NEaEFCSVAydjdpZGdfYUNaZ2VnRG9BR3ZsZi1iS3NnQkNha0MxTUtqc3ZKZXNqN2dBZ0NvQXdISUF3aXFCTVFDVDlEM1puU2cteUliYS1kN0tGeHpmbm83Y1B3SDdOTmxQenQweHMzQjZzaUZxOHJiU3Z3MjlzV2gyOURVNE5fS0lScTNJNzRzM3hKaUk3TnlCYl93d2RLdFNJS25HNmRGWWFVWEZMbXhhdmYxbW1qamhZYTNWbFBpVFdtUC1Ya1lneEp4T0lTZVRTdzNqTWRjd1FUb19PQnJteDFLWjBFY1daUS1rb0FkeUJJeUZJZHhJSGFwNXFzSy0tZ0hpdTVOQVQ1VUtlZVczeS1WOTlpLWJOQWtmUlJPTm1tdmdrZUhTVXFubkx4OE5RNjNaUlhFOXFkeU9QNTJmc3FEUEZVSkZVZHZZYzhYUXlkbVpuaUFRWnFnLUl0RWliakNRd1BRS3V0a1l6U09iRUZlZm1oSmlDWVpLT2RZdnl2Qy1qdGpSR3VOUDVLRkdBOGFqcDB4OEFrSHo4YlBxU2xpWk9IbHo2TVFVYTRTcG5qNzlGUlZPekJ1cU1FeUFVam4tYnBzcFFVanY5TmRnQnl1MVYyOTJfWkR4dXAya2xnN2hQSGxIcEx4ellOMUlwR01RQ2Jad0FTNDlJZWd4UVRnQkFHSUJmRHAxS3ROb0FZdWdBZXZ6Y183QktnSDJiYXhBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRS29COHFwc1FLb0ItdWxzUUxZQndEU0NCUUlnR0VRQVJnZE1nS0tBam9DZ0VCSXZmM0JPckVKQXl3Z1FGaGhjX0tBQ2dHWUN3SElDd0dBREFHaURCZ3FGZ29VNUxTeEF1NjFzUUsxdUxFQzVMU3hBdTYxc1FMYURCQUtDaENBMllLRTJaMzl6UkVTQWdFRHFnMENRMEhJRFFIaURSTUktN1RVMV8zbWdnTVZ6d09LQXgzOHZBaE0yQk1NMEJVQm1CWUItQllCZ0JjQlxcdTAwMjZhZT0xXFx1MDAyNmFzZT0yXFx1MDAyNmdjbGlkPUVBSWFJUW9iQ2hNSXlJWGExXzNtZ2dNVnp3T0tBeDM4dkFoTUVBRVlBU0FBRWdLWENmRF9Cd0VcXHUwMDI2bnVtPTFcXHUwMDI2Y2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQWVlBUVxcdTAwMjZzaWc9QU9ENjRfMEJxcTBmbVNVbzJ2STVST1J1bkk2Tmk1NEdEd1xcdTAwMjZjbGllbnQ9Y2EtcHViLTM5NzAyNzc1MzU1Mjg2MTNcXHUwMDI2cmY9NlxcdTAwMjZueD1DTElDS19YXF&i=10-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 15:13:06 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
QuN2CXmMVRbv4AEcFndNG86VHhLdAAhwnpMr6ViDztm4zDl_uLnT8g==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=x1MDAyNm55PUNMSUNLX1lcXHUwMDI2dWFwPVVBQ0gocGxhdGZvcm0pXFx1MDAyNnVhcHY9VUFDSChwbGF0Zm9ybVZlcnNpb24pXFx1MDAyNnVhYT1VQUNIKGFyY2hpdGVjdHVyZSlcXHUwMDI2dWFtPVVBQ0gobW9kZWwpXFx1MDAyNnVhZnY9VUFDSCh1YUZ1bGxWZXJzaW9uKVxcdTAwMjZ1YWI9VUFDSChiaXRuZXNzKVxcdTAwMjZ1YXc9VUFDSCh3b3c2NClcXHUwMDI2dWFmdmw9VUFDSChmdWxsVmVyc2lvbkxpc3QpXFx1MDAyNm5pcz1BVFRSSUJVVElPTl9SRVBPUlRJTkdfU1RBVFVTXFx1MDAyNmFkdXJsPWh0dHBzOi8vZGlnYW5leGEuY29tL0NBLzYzNjE5NjE2JTNGdHJhY2tpZCUzRDY5OTQ4Mzc0OSUyNmNpZCUzRDk4MC00ODAtNzQzMyUyNnBsYWNlbWVudCUzRGdsLm1vZHNmb3JhbmRyb2lkLmNvbSUyNnRhcmdldCUzRHNlZ21lbnRfYmVfYV85MDE5NTY2NjkzMjkwOTE0MDQyJTI2Y2FtcGFpZ25pZCUzRDIwNzYxMDk3NDU2JTI2Z2NsaWQlM0RFQUlhSVFvYkNoTUl5SVhhMV8zbWdnTVZ6d09LQXgzOHZBaE1FQUVZQVNBQUVnS1hDZkRfQndFXCIsXCJ0cmFja2luZ1VybHNcIjpbXSxcInZhcnNcIjp7fX19fTwvc2NyaXB0PjwvYW1wLWFkLWV4aXQ%2BPGRpdiBpZD1nb29nbGVfdXBsb2FkZWRfYTRhPjxkaXYgY2xhc3M9YTRhLWRvY3VtZW50LWJvZHkgaWQ9eC1hNGEtZm9ybWVyLWJvZHkgb249XCJ0YXA6ZXhpdC1hcGkuZXhpdCh0YXJnZXQ9cmVkaXJlY3RVcmwpXCIgcm9sZT1saW5rIHN0eWxlIHRhYmluZGV4PTA%2BICA8ZGl2IGlkPWE0YS1iYW5uZXJ3aXNlPjxkaXYgY2xhc3M9XCJhNGEtYm9yZGVyIGE0YS1ib3JkZXItdG9wXCIgc3R5bGU9XCJoZWlnaHQ6IDFweDsgYmFja2dyb3VuZC1jb2xvcjogI2Q0ZDRkNFwiPjwvZGl2PiA8ZGl2IGNsYXNzPVwiYTRhLWJvcmRlciBhNGEtYm9yZGVyLWxlZnRcIiBzdHlsZT1cIndpZHRoOiAxcHg7IGJhY2tncm91bmQtY29sb3I6ICNkNGQ0ZDRcIj48L2Rpdj4gPGRpdiBjbGFzcz1cImE0YS1ib3JkZXIgYTRhLWJvcmRlci1ib3R0b21cIiBzdHlsZT1cImhlaWdodDogMXB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZDRkNGQ0XCI%2BPC9kaXY%2BIDxkaXYgY2xhc3M9XCJhNGEtYm9yZGVyIGE0YS1ib3JkZXItcmlnaHRcIiBzdHlsZT1cIndpZHRoOiAxcHg7IGJhY2tncm91bmQtY29sb3I6ICNkNGQ0ZDRcIj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfeGwyNmhiZm5wIGE0YS1iLWVsZW1lbnQtYW1wXCIgaWQ9YTRhLWUwIHN0eWxlPVwid2lkdGg6IDMyOHB4OyBoZWlnaHQ6IDE0OXB4OyB6LWluZGV4OiAyOyBvdmVyZmxvdzogdmlzaWJsZVwiPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC10ZXh0IHN0eWxlPVwib3BhY2l0eTogMTsgei1pbmRleDogMjsgYm9yZGVyLXN0eWxlOiBzb2xpZDsgYm9yZGVyLXdpZHRoOiAwcHg7IGJvcmRlci1yYWRpdXM6IDBweDsgYm9yZGVyLWNvbG9yOiB0cmFuc3BhcmVudDsgcGFkZGluZzogMHB4OyBmb250LWZhbWlseTogJiMzNDtOb3RvIFNhbnMmIzM0OzsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXNpemU6IDE5cHg7IGNvbG9yOiAjODQ4NTg3OyB0ZXh0LWFsaWduOiBsZWZ0OyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgZm9udC13ZWlnaHQ6IDQwMDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgbGluZS1oZWlnaHQ6IDIuMTsgbGV0dGVyLXNwYWNpbmc6IDBweDsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7IGJhY2tncm91bmQtc2l6ZTogY29udGFpbjsgdGV4dC1zaGFkb3c6IG5vbmU7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGFibGUgc3R5bGU9XCJ3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LWNlbGwgc3R5bGU9XCJ2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlXCI%2BMS4gQ2xpY2sgb24gJiMzNDtTdGFydCBIZXJlJiMzNDs8YnI%2BMi4gQWN0aXZhdGUgeW91ciBhY2NvdW50PGJyPjMuIEFjY2VzcyB5b3VyIGNvbnRlbnQ8L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfbTh4Z2lvdzlxIGE0YS1iLWVsZW1lbnQtYW1wXCIgaWQ9YTRhLWUxIHN0eWxlPVwid2lkdGg6IDIxMXB4OyBoZWlnaHQ6IDg5cHg7IHotaW5kZXg6IDM7IG92ZXJmbG93OiB2aXNpYmxlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LXRleHQgc3R5bGU9XCJvcGFjaXR5OiAxOyB6LWluZGV4OiAzOyBib3JkZXItc3R5bGU6IHNvbGlkOyBib3JkZXItd2lkdGg6IDBweDsgYm9yZGVyLXJhZGl1czogMHB4OyBib3JkZXItY29sb3I6IHRyYW5zcGFyZW50OyBwYWRkaW5nOiAwcHg7IHRleHQtc2hhZG93OiBub25lOyBiYWNrZ3JvdW5kLXNpemU6IGNvbnRhaW47IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyBsZXR0ZXItc3BhY2luZzogMHB4OyBsaW5lLWhlaWdodDogMS42OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBmb250LXdlaWdodDogNDAwOyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgdGV4dC1hbGlnbjogcmlnaHQ7IGNvbG9yOiAjYWRhZGFkOyBmb250LXNpemU6IDE5cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC1mYW1pbHk6ICYjMzQ7Tm90byBTYW5zJiMzNDs7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGFibGUgc3R5bGU9XCJ3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LWNlbGwgc3R5bGU9XCJ2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlXCI%2BTW92aWVzLMKgTXVzaWMsPGJyPkdhbWVzLMKgQXVkaW9ib29rczwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgY2xhc3M9XCJhNGEtYi1lbGVtZW50IGE0YS1id190Nm9ka3RmdGlcIiBpZD1hNGEtZTI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LWltYWdlIHN0eWxlPVwidG9wOiAwcHg7IGxlZnQ6IDBweDsgd2lkdGg6IDI5NHB4OyBoZWlnaHQ6IDE2OXB4XCI%2BPGFtcC1pbWcgaGVpZ2h0PTE2OXB4IGktYW1waHRtbC1zc3IgbGF5b3V0PWludHJpbnNpYyBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZGJ1bmRsZS85NzYzNjcwODg1ODYzMDMxNjI1LzY1MTU4MDI3YjAyMzlkMDAxMWViNTRiYi5wbmcgc3R5bGU9XCJ3aWR0aDogMjk0cHg7IGhlaWdodDogMTY5cHhcIiB3aWR0aD0yOTRweD48aW1nIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPWFzeW5jIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FkYnVuZGxlLzk3NjM2NzA4ODU4NjMwMzE2MjUvNjUxNTgwMjdiMDIzOWQwMDExZWI1NGJiLnBuZz48L2FtcC1pbWc%2BPC9kaXY%2BPC9kaXY%2BPGRpdiBjbGFzcz1cImE0YS1iLWVsZW1lbnQgYTRhLWJ3X3pxM2ZtNGlhN1wiIGlkPWE0YS1lMz48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtaW1hZ2Ugc3R5bGU9XCJ0b3A6IDBweDsgbGVmdDogMHB4OyB3aWR0aDogMTE0cHg7IGhlaWdodDogMzJweFwiPjxhbXAtaW1nIGhlaWdodD0zMnB4IGktYW1waHRtbC1zc3IgbGF5b3V0PWludHJpbnNpYyBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZGJ1bmRsZS85NzYzNjcwODg1ODYzMDMxNjI1LzY1MTU4MDI3YjAyMzlkMDAxMWViNTRiYy5wbmcgc3R5bGU9XCJ3aWR0aDogMTE0cHg7IGhlaWdodDogMzJweFwiIHdpZHRoPTExNHB4PjxpbWcgY2xhc3M9XCJpLWFtcGh0bWwtZmlsbC1jb250ZW50IGktYW1waHRtbC1yZXBsYWNlZC1jb250ZW50XCIgZGVjb2Rpbmc9YXN5bmMgc3JjPWh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zYWRidW5kbGUvOTc2MzY3MDg4NTg2MzAzMTYyNS82NTE1ODAyN2IwMjM5ZDAwMTFlYjU0YmMucG5nPjwvYW1wLWltZz48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfeG9lN2dnN2N4IGE0YS1iLWVsZW1lbnQtYW1wXCIgaWQ9YTRhLWU0IHN0eWxlPVwid2lkdGg6IDI5NHB4OyBoZWlnaHQ6IDE2OXB4OyB6LWluZGV4OiA1OyBvdmVyZmxvdzogdmlzaWJsZVwiPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC10ZXh0IHN0eWxlPVwib3BhY2l0eTogMTsgei1pbmRleDogNTsgYm9yZGVyLXN0eWxlOiBzb2xpZDsgYm9yZGVyLXdpZHRoOiAwcHg7IGJvcmRlci1yYWRpdXM6IDBweDsgYm9yZGVyLWNvbG9yOiB0cmFuc3BhcmVudDsgcGFkZGluZzogMHB4OyBmb250LWZhbWlseTogJiMzNDtOb3RvIFNhbnMmIzM0OzsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXNpemU6IDQ4cHg7IGNvbG9yOiAjZmZmZmZmOyB0ZXh0LWFsaWduOiBjZW50ZXI7IGp1c3RpZnktY29udGVudDogY2VudGVyOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiBjYXBpdGFsaXplOyBmb250LXdlaWdodDogNzAwOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBsaW5lLWhlaWdodDogMS4yOyBsZXR0ZXItc3BhY2luZzogMHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsgYmFja2dyb3VuZC1zaXplOiBjb250YWluOyB0ZXh0LXNoYWRvdzogbm9uZTsgd2lkdGg6IDEwMCU7IGhlaWdodDogMTAwJVwiPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC10YWJsZSBzdHlsZT1cIndpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtY2VsbCBzdHlsZT1cInZlcnRpY2FsLWFsaWduOiBtaWRkbGVcIj5TdGFydCBIZXJlPC9kaXY%2BPC9kaXY%2BPC9kaXY%2BPC9kaXY%2BPC9kaXY%2BPGFtcC1nd2QtYW5pbWF0aW9uIGNsYXNzPWktYW1waHRtbC1sYXlvdXQtbm9kaXNwbGF5IGhpZGRlbj1oaWRkZW4gaS1hbXBodG1sLWxheW91dD1ub2Rpc3BsYXkgbGF5b3V0PW5vZGlzcGxheSB0aW1lbGluZS1ldmVudC1wcmVmaXg9dGxfPjwvYW1wLWd3ZC1hbmltYXRpb24%2BPC9kaXY%2BPC9kaXY%2BPHN0eWxlIGFtcC1rZXlmcmFtZXM%2BQGtleWZyYW1lcyBid181c2c0cmE5b3ggeyAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMzg2cHgsIDUxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgzODZweCwgNTFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgzODZweCwgNTFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMzg2cHgsIDUxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgfX1cbkAtd2Via2l0LWtleWZyYW1lcyBid181c2c0cmE5b3ggeyAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgzODZweCwgNTFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyAtd2Via2l0LWFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgzODZweCwgNTFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDM4NnB4LCA1MXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IC13ZWJraXQtYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMzg2cHgsIDUxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2&i=11-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ii0ihYh5iFwb27c7pAUZ8YFnF7IEdyyqQIAO4hffItZnRra24LQwFA==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=l0eTogMTsgfX1cbkBrZXlmcmFtZXMgYndfa292NGdleGRqIHsgMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDc0NHB4LCAxMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDc0NHB4LCAxMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg3NDRweCwgMTA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDc0NHB4LCAxMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQC13ZWJraXQta2V5ZnJhbWVzIGJ3X2tvdjRnZXhkaiB7IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDc0NHB4LCAxMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyAtd2Via2l0LWFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg3NDRweCwgMTA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg3NDRweCwgMTA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg3NDRweCwgMTA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgfX1cbkBrZXlmcmFtZXMgYndfazh1bW9tc240IHsgMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0N3B4LCA0MXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IH0gMC4wMDAwMSUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgfX1cbkAtd2Via2l0LWtleWZyYW1lcyBid19rOHVtb21zbjQgeyAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0N3B4LCA0MXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IC13ZWJraXQtYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0N3B4LCA0MXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IC13ZWJraXQtYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDdweCwgNDFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQGtleWZyYW1lcyBid19hM3A4bXo0ZnogeyAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODQxcHgsIDcycHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4NDFweCwgNzJweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4NDFweCwgNzJweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwLjM7IGFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAxMDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4NDFweCwgNzJweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwLjM7IH19XG5ALXdlYmtpdC1rZXlmcmFtZXMgYndfYTNwOG16NGZ6IHsgMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODQxcHgsIDcycHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODQxcHgsIDcycHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4NDFweCwgNzJweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwLjM7IC13ZWJraXQtYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODQxcHgsIDcycHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMC4zOyB9fVxuQGtleWZyYW1lcyBid185ZjNxMm4ybGMgeyAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDdweCwgNDFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDdweCwgNDFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDdweCwgNDFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQC13ZWJraXQta2V5ZnJhbWVzIGJ3XzlmM3EybjJsYyB7IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDdweCwgNDFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQ3cHgsIDQxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0N3B4LCA0MXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19PC9zdHlsZT48L2JvZHk%2BPC9odG1sPiIsIm1ldGhvZEJsb2NrZWQiOiJpbml0aWFsREZQLXdyaXRlIn0sImJsb2NrZWQiOnRydWUsImNhbGxTdGFjayI6IkVycm9yXG4gICAgYXQgT1cgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NldHVwYWQtaGFpL2ItOTM1ZTJmMS1kM2RmODg4MS5qczoxOjMwMzIyKVxuICAgIGF0IE9DIChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9zZXR1cGFkLWhhaS9iLTkzNWUyZjEtZDNkZjg4ODEuanM6MTozOTc0NClcbiAgICBhdCBIVE1MRG9jdW1lbnQuPGFub255bW91cz4gKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NldHVwYWQtaGFpL2ItOTM1ZTJmMS1kM2RmODg4MS5qczoxOjQyNjc5KVxuICAgIGF0IGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4NTcxNVxuICAgIGF0IGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4OTI4XG4gICAgYXQgSWggKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM5MTQzKVxuICAgIGF0IFhOLmwgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4NTMwMylcbiAgICBhdCBDTS5yZW5kZXIgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM0ODI2MClcbiAgICBhdCBkdC5qIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvbWFuYWdlZC9qcy9ncHQvbTIwMjMxMTE0MDEwMS9wdWJhZHNfaW1wbC5qcz9jYj0zMTA3OTY5NToxMDozODcxMzEpXG4gICAgYXQgR3UubyAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL21hbmFnZWQvanMvZ3B0L20yMDIzMTExNDAxMDEvcHViYWRzX2ltcGwuanM%2FY2I9MzEwNzk2OTU6MTA6MjIxNzkwKSJ9&i=12-12&t=adltag_lpih9czz_W9obowm8wS&r=539d526d4c7c66f8610298b3ad7676f&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24009
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
z1RplZ2TSVuqHcN8-X3MYSVmO_2uLaJcGianrDnJJ56A_9t9cfQg0w==
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:06 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame 444A 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220046
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
juaPwFR6BZfkktRIP7SyZ07qwMkEEjMcUR6CXpOQQEwjI23DPVCQQQ==
container.html
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:06 GMT
expires
Wed, 27 Nov 2024 15:13:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:06 GMT
expires
Wed, 27 Nov 2024 15:13:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJzZXR1cGFkLWhhaSIsInVybCI6Imh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUjZ29vZ2xlX3ZpZ25ldHRlIiwiYWRVbml0IjoiLzE0NzI0NjE4OSwyMjM4NDM0NjUzMy9tb2RzZm9yYW5kcm9pZC5jb21fMzAweDI1MF9kb3VibGVfYmFubmVyX2Rlc2t0b3BfMV9sZWZ0XzAiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiNDY2NzQ3MzgwNSIsImNhbXBhaWduSWQiOiIzMjUxMjEwMzI2IiwiY3JlYXRpdmVJZCI6IjEzODQ0Nzc4OTE2NSIsImxpbmVpdGVtSWQiOiI2Mzg5MDE1MjI1IiwiYWRTZXJ2ZXIiOiJkZnAifSwid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTAsInd2IjoiMS4wLjArOTM1ZTJmMSIsImJ2IjoiYmwtY2YxNzA2ZC00YmEwNmE2YztiLTkzNWUyZjEtZDNkZjg4ODEiLCJtZXRhIjp7ImJsb2NrZWRJbmZvIjp7InJlZnJlc2hlZENvdW50IjoxLCJibG9ja2VkQ291bnQiOjEsImhlYXZ5QWRCbG9ja2VkQ291bnQiOjAsImhlYXZ5QWRSZWZyZXNoZWRDb3VudCI6MH0sImFkUmVzb3VyY2VzIjp7ImFkSWZyYW1lcyI6WyJodHRwczovL3MuYW1hem9uLWFkc3lzdGVtLmNvbS9pdTM%2FY20zcHBkPTEmZD1kdGItcHViJmNzaWY9dCZnZHByPTAmZGw9bi1Mb29wTWVfcnhfbi1CZWVzd2F4X294LWRiNV9zbXJ0X2Nudl9uLXNoYXJldGhyb3VnaF9uLW9uZXRhZ19wbS1kYjVfbi1zaW1wbGkuZmlfeW1fbi12bWdfbi1iYWlkdV8zbGlmdF9uLU91dGJyYWluIl0sImFkSW1hZ2VzIjpbIjxpbWcgc3JjPVwiaHR0cHM6Ly9pczItc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTIvdjQvNjEvZmMvZTEvNjFmY2UxZDktMWI1Zi1jMTUwLTI3ZTAtNTA0YmRkNDIyMzRiL0FwcEljb24tMXhfVTAwN2VtYXJrZXRpbmctMC03LTAtMC1QMy04NS0yMjAucG5nLzIwMHgyMDBiYi5qcGdcIiBhbHQ9XCJUZW11OiBUZWFtIFVwLCBQcmljZSBEb3duIGFwa1wiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczEtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvZWQvNDYvYWYvZWQ0NmFmNzAtMGRhNy01NDliLWYxYWUtYTg3MmU5NmY3OGFjL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIkFtYXpvbiBTaG9wcGluZ1wiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczEtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvOWQvYzcvODAvOWRjNzgwZWQtMDQ5Yi0wMTlhLTFjY2UtNWY5ZWEyNGU3NDQzL3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cImVCYXlcIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXMyLXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTI0L3Y0LzAyL2VhLzQyLzAyZWE0MjEzLTM1N2QtOTM0YS05NDMxLTk3ZGQwNTExNDIzZS9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJUYXJnZXRcIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXM1LXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTE0L3Y0Lzk0L2UwLzMxLzk0ZTAzMTI2LTYwMDgtN2Y5MC1lYWQ5LWZiOTBjNzYxOGExZS9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJXaXNoIC0gU2hvcHBpbmcgTWFkZSBGdW5cIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXM0LXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTE0L3Y0LzE4LzJmLzk4LzE4MmY5ODQ2LTAwNjctNGExYS1hZjRkLTBjNWQ5YmI3ZTA3MS9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJXYWxtYXJ0IC0gc2hvcHBpbmcgJmFtcDsgZ3JvY2VyeVwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczEtc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMjQvdjQvNjEvNTEvNjIvNjE1MTYyY2EtZmYwMy1hZWVlLWRhMDUtMzJmNjFlZGZkNTc4L3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cIkdyb3Vwb25cIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXMyLXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTE0L3Y0L2Q4LzQ1LzJmL2Q4NDUyZjJjLTBmN2QtYzNkNC02NWU1LTYyNjkwM2U5ZDIwZS9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJPZmZlclVwIC0gQnV5LiBTZWxsLiBTaW1wbGUuXCIgc3R5bGU9XCJwYWRkaW5nOiA1cHg7YmFja2dyb3VuZDogI2Y3ZjdmNztib3JkZXItcmFkaXVzOiAxMHB4O1wiIGhlaWdodD1cIjEwMHB4XCIgd2lkdGg9XCIxMDBweFwiPiIsIjxpbWcgZGF0YS1zcmM9XCJodHRwczovL2lzNC1zc2wubXpzdGF0aWMuY29tL2ltYWdlL3RodW1iL1B1cnBsZTExNC92NC83MS9iZS8wZS83MWJlMGVlYS04NDQ0LWI2MDctOGQ2My02YTY3Y2JhMGE5ZTYvc291cmNlLzE1MHgxNTBiYi5qcGdcIiBzcmM9XCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9wdWJsaWMvaW1hZ2VzL2xvYWRpbmcuc3ZnXCIgYWx0PVwiUG9zaG1hcms6IEJ1eSAmYW1wOyBTZWxsIEZhc2hpb25cIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIiwiPGltZyBkYXRhLXNyYz1cImh0dHBzOi8vaXMxLXNzbC5tenN0YXRpYy5jb20vaW1hZ2UvdGh1bWIvUHVycGxlMTI0L3Y0LzM3LzYzLzcxLzM3NjM3MWRhLTk3YTEtN2IyOS05M2VjLTRkZjMzM2RiMTc4ZC9zb3VyY2UvMTUweDE1MGJiLmpwZ1wiIHNyYz1cImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL3B1YmxpYy9pbWFnZXMvbG9hZGluZy5zdmdcIiBhbHQ9XCJsZXRnbzogU2VsbCAmYW1wOyBCdXkgVXNlZCBTdHVmZlwiIHN0eWxlPVwicGFkZGluZzogNXB4O2JhY2tncm91bmQ6ICNmN2Y3Zjc7Ym9yZGVyLXJhZGl1czogMTBweDtcIiBoZWlnaHQ9XCIxMDBweFwiIHdpZHRoPVwiMTAwcHhcIj4iLCI8aW1nIGRhdGEtc3JjPVwiaHR0cHM6Ly9pczItc3NsLm16c3RhdGljLmNvbS9pbWFnZS90aHVtYi9QdXJwbGUxMTQvdjQvMGQvNmIvZjMvMGQ2YmYzNWUtNTk0Zi01OGZlLThmYTctYTgwZWFmOGQwZWQ2L3NvdXJjZS8xNTB4MTUwYmIuanBnXCIgc3JjPVwiaHR0cHM6Ly9nbC5tb2RzZm9yYW5kcm9pZC5jb20vcHVibGljL2ltYWdlcy9sb2FkaW5nLnN2Z1wiIGFsdD1cImFkaWRhcyBDT05GSVJNRURcIiBzdHlsZT1cInBhZGRpbmc6IDVweDtiYWNrZ3JvdW5kOiAjZjdmN2Y3O2JvcmRlci1yYWRpdXM6IDEwcHg7XCIgaGVpZ2h0PVwiMTAwcHhcIiB3aWR0aD1cIjEwMHB4XCI%2BIl19fSwidGFnTWFya3VwIjoiPGlmcmFtZSBpZD1cImdvb2dsZV9hZHNfaWZyYW1lXy8xNDcyNDYxODksMjIzODQzNDY1MzMvbW9kc2ZvcmFuZHJvaWQuY29tXzMwMHgyNTBfZG91YmxlX2Jhbm5lcl9kZXNrdG9wXzFfbGVmdF8wXCIgbmFtZT1cImdvb2dsZV9hZHNfaWZyYW1lXy8xNDcyNDYxODksMjIzODQzNDY1MzMvbW9kc2ZvcmFuZHJvaWQuY29tXzMwMHgyNTBfZG91YmxlX2Jhbm5lcl9kZXNrdG9wXzFfbGVmdF8wXCIgdGl0bGU9XCIzcmQgcGFydHkgYWQgY29udGVudFwiIHdpZHRoPVwiMzAwXCIgaGVpZ2h0PVwiMjUwXCIgc2Nyb2xsaW5nPVwibm9cIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgZnJhbWVib3JkZXI9XCIwXCIgcm9sZT1cInJlZ2lvblwiIGFyaWEtbGFiZWw9XCJBZHZlcnRpc2VtZW50XCIgdGFiaW5kZXg9XCIwXCIgc2FuZGJveD1cImFsbG93LWZvcm1zIGFsbG93LXBvcHVwcyBhbGxvdy1wb3B1cHMtdG8tZXNjYXBlLXNhbmRib3ggYWxsb3ctcG9pbnRlci1sb2NrIGFsbG93LXNhbWUtb3JpZ2luIGFsbG93LXNjcmlwdHMgYWxsb3ctdG9wLW5hdmlnYXRpb24tYnktdXNlci1hY3RpdmF0aW9uXCIgc3R5bGU9XCJib3JkZXI6IDBweDsgdmVydGljYWwtYWxpZ246IGJvdHRvbTtcIiBkYXRhLWxvYWQtY29tcGxldGU9XCJ0cnVlXCI%2BPC9pZnJhbWU%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4iLCJibGFja2xpc3REYXRhIjp7ImFjdGlvbiI6MTAsImFjdGlvbkRldGFpbHMiOiJkaWdhbmV4YS5jb20iLCJyZXBvcnRSYXRpbyI6MSwicmVwb3J0TWFya3VwIjp0cnVlLCJpdGVtcyI6W3siaG9zdG5hbWUiOiJkaWdhbmV4YS5jb20iLCJ0b2tlbiI6IiIsImFjdGlvbiI6MTB9XSwibWFya3VwIjoiPGhlYWQ%2BPC9oZWFkPjxib2R5IG1hcmdpbndpZHRoPVwiMFwiIG1hcmdpbmhlaWdodD1cIjBcIj48L2JvZHk%2BPCFkb2N0eXBlIGh0bWw%2BPGh0bWwgYW1wNGFkcyBjbGFzcz1pLWFtcGh0bWwtaW5hYm94IGktYW1waHRtbC1sYXlvdXQ%2BPGhlYWQ%2BPG1ldGEgbmFtZT1cInJlZmVycmVyXCIgY29udGVudD1cIm9yaWdpblwiPjxtZXRhIGh0dHAtZXF1aXY9Q29udGVudC1TZWN1cml0eS1Qb2xpY3kgY29udGVudD1cInNjcmlwdC1zcmMgaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvO29iamVjdC1zcmMgJ25vbmUnO2NoaWxkLXNyYyBibG9iOjtmcmFtZS1zcmMgJ25vbmUnXCI%2BPG1ldGEgY2hhcnNldD11dGYtOD48bWV0YSBjb250ZW50PVwid2lkdGg9ZGV2aWNlLXdpZHRoLG1pbmltdW0tc2NhbGU9MSxpbml0aWFsLXNjYWxlPTFcIiBuYW1lPXZpZXdwb3J0PjxzdHlsZSBhbXAtcnVudGltZSBpLWFtcGh0bWwtdmVyc2lvbj0wMTIzMTAzMDE0NTYwMDA%2BaHRtbHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtZmlle2hlaWdodDoxMDAlIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1odG1sOm5vdChbYW1wNGFkc10pLGh0bWw6bm90KFthbXA0YWRzXSkgYm9keXtoZWlnaHQ6YXV0byFpbXBvcnRhbnR9aHRtbDpub3QoW2FtcDRhZHNdKSBib2R5e21hcmdpbjowIWltcG9ydGFu&i=1-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
rJP-AbYn3Zu0qouaKKpzhn5jKcvZx-qZfLJezbgmVyJ5MZ1KEdYrgw==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=dH1ib2R5ey13ZWJraXQtdGV4dC1zaXplLWFkanVzdDoxMDAlOy1tb3otdGV4dC1zaXplLWFkanVzdDoxMDAlOy1tcy10ZXh0LXNpemUtYWRqdXN0OjEwMCU7dGV4dC1zaXplLWFkanVzdDoxMDAlfWh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYy5pLWFtcGh0bWwtZW1iZWRkZWR7LW1zLXRvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tO3RvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tfWh0bWwuaS1hbXBodG1sLWZpZT5ib2R5LGh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYz5ib2R5e292ZXJmbG93OnZpc2libGUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZTpub3QoLmktYW1waHRtbC1pbmFib3gpPmJvZHksaHRtbC5pLWFtcGh0bWwtc2luZ2xlZG9jOm5vdCguaS1hbXBodG1sLWluYWJveCk%2BYm9keXtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLWxlZ2FjeT5ib2R5e292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudH1odG1sLmktYW1waHRtbC1pb3MtZW1iZWR7b3ZlcmZsb3cteTphdXRvIWltcG9ydGFudDtwb3NpdGlvbjpzdGF0aWN9I2ktYW1waHRtbC13cmFwcGVye292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudDt0b3A6MCFpbXBvcnRhbnQ7bGVmdDowIWltcG9ydGFudDtyaWdodDowIWltcG9ydGFudDtib3R0b206MCFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWlvcy1lbWJlZC5pLWFtcGh0bWwtaW9zLW92ZXJzY3JvbGwsaHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLmktYW1waHRtbC1pb3Mtb3ZlcnNjcm9sbD4jaS1hbXBodG1sLXdyYXBwZXJ7LXdlYmtpdC1vdmVyZmxvdy1zY3JvbGxpbmc6dG91Y2ghaW1wb3J0YW50fSNpLWFtcGh0bWwtd3JhcHBlcj5ib2R5e3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudDtib3JkZXItdG9wOjFweCBzb2xpZCB0cmFuc3BhcmVudCFpbXBvcnRhbnR9I2ktYW1waHRtbC13cmFwcGVyK2JvZHl7dmlzaWJpbGl0eTp2aXNpYmxlfSNpLWFtcGh0bWwtd3JhcHBlcitib2R5IC5pLWFtcGh0bWwtbGlnaHRib3gtZWxlbWVudCwjaS1hbXBodG1sLXdyYXBwZXIrYm9keVtpLWFtcGh0bWwtbGlnaHRib3hde3Zpc2liaWxpdHk6aGlkZGVufSNpLWFtcGh0bWwtd3JhcHBlcitib2R5W2ktYW1waHRtbC1saWdodGJveF0gLmktYW1waHRtbC1saWdodGJveC1lbGVtZW50e3Zpc2liaWxpdHk6dmlzaWJsZX0jaS1hbXBodG1sLXdyYXBwZXIuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZCwuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnQ7b3ZlcmZsb3cteTpoaWRkZW4haW1wb3J0YW50fWFtcC1pbnN0YWdyYW17cGFkZGluZzo1NHB4IDBweCAwcHghaW1wb3J0YW50O2JhY2tncm91bmQtY29sb3I6I2ZmZn1hbXAtaWZyYW1lIGlmcmFtZXtib3gtc2l6aW5nOmJvcmRlci1ib3ghaW1wb3J0YW50fVthbXAtYWNjZXNzXVthbXAtYWNjZXNzLWhpZGVde2Rpc3BsYXk6bm9uZX1bc3Vic2NyaXB0aW9ucy1kaWFsb2ddLGJvZHk6bm90KC5pLWFtcGh0bWwtc3Vicy1yZWFkeSkgW3N1YnNjcmlwdGlvbnMtYWN0aW9uXSxib2R5Om5vdCguaS1hbXBodG1sLXN1YnMtcmVhZHkpIFtzdWJzY3JpcHRpb25zLXNlY3Rpb25de2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9YW1wLWV4cGVyaW1lbnQsYW1wLWxpdmUtbGlzdD5bdXBkYXRlXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbcmVzaXphYmxlLWNoaWxkcmVuXT4uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtbGlzdCBbZmV0Y2gtZXJyb3JdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1idXR0b25dLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1lbmRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1mYWlsZWRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1sb2FkaW5nXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbZGlmZmFibGVdIGRpdltyb2xlPWxpc3Rde2Rpc3BsYXk6YmxvY2t9YW1wLXN0b3J5LXBhZ2UsYW1wLXN0b3J5W3N0YW5kYWxvbmVde21pbi1oZWlnaHQ6MXB4IWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDtoZWlnaHQ6MTAwJSFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O3BhZGRpbmc6MCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1hbXAtc3Rvcnlbc3RhbmRhbG9uZV17YmFja2dyb3VuZC1jb2xvcjojMDAwIWltcG9ydGFudDtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9YW1wLXN0b3J5LXBhZ2V7YmFja2dyb3VuZC1jb2xvcjojNzU3NTc1fWFtcC1zdG9yeSAuYW1wLWFjdGl2ZT5kaXYsYW1wLXN0b3J5IC5pLWFtcGh0bWwtbG9hZGVyLWJhY2tncm91bmR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtc3RvcnktcGFnZTpub3QoOmZpcnN0LW9mLXR5cGUpOm5vdChbZGlzdGFuY2VdKTpub3QoW2FjdGl2ZV0pe3RyYW5zZm9ybTp0cmFuc2xhdGVZKDEwMDB2aCkhaW1wb3J0YW50fWFtcC1hdXRvY29tcGxldGV7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50O2Rpc3BsYXk6aW5saW5lLWJsb2NrIWltcG9ydGFudH1hbXAtYXV0b2NvbXBsZXRlPmlucHV0LGFtcC1hdXRvY29tcGxldGU%2BdGV4dGFyZWF7cGFkZGluZzowLjVyZW07Ym9yZGVyOjFweCBzb2xpZCByZ2JhKDAsMCwwLDAuMzMpfS5pLWFtcGh0bWwtYXV0b2NvbXBsZXRlLXJlc3VsdHMsYW1wLWF1dG9jb21wbGV0ZT5pbnB1dCxhbXAtYXV0b2NvbXBsZXRlPnRleHRhcmVhe2ZvbnQtc2l6ZToxcmVtO2xpbmUtaGVpZ2h0OjEuNXJlbX1bYW1wLWZ4Xj1mbHktaW5de3Zpc2liaWxpdHk6aGlkZGVufWFtcC1zY3JpcHRbbm9kb21dLGFtcC1zY3JpcHRbc2FuZGJveGVkXXtwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBkb2MuY3NzKi9baGlkZGVuXXtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtZWxlbWVudHtkaXNwbGF5OmlubGluZS1ibG9ja30uaS1hbXBodG1sLWJsdXJyeS1wbGFjZWhvbGRlcnt0cmFuc2l0aW9uOm9wYWNpdHkgMC4zcyBjdWJpYy1iZXppZXIoMC4wLDAuMCwwLjIsMSkhaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmV9W2xheW91dD1ub2Rpc3BsYXldOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1sYXlvdXQtZml4ZWQsW2xheW91dD1maXhlZF1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZpeGVkKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZX0uaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlLFtsYXlvdXQ9cmVzcG9uc2l2ZV1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlKSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpe2Rpc3BsYXk6YmxvY2s7cG9zaXRpb246cmVsYXRpdmV9LmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljLFtsYXlvdXQ9aW50cmluc2ljXVt3aWR0aF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWxheW91dC1pbnRyaW5zaWMgLmktYW1waHRtbC1zaXplcnttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWludHJpbnNpYy1zaXplcnttYXgtd2lkdGg6MTAwJTtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxheW91dC1jb250YWluZXIsLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0LFtsYXlvdXQ9Y29udGFpbmVyXSxbbGF5b3V0PWZpeGVkLWhlaWdodF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0KXtkaXNwbGF5OmJsb2NrO3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LWZpbGwsLmktYW1waHRtbC1sYXlvdXQtZmlsbC5pLWFtcGh0bWwtbm90YnVpbHQsW2xheW91dD1maWxsXTpub3QoLmktYW1waHRtbC1sYXlvdXQtZmlsbCksYm9keSBub3NjcmlwdD4qe2Rpc3BsYXk6YmxvY2s7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH1ib2R5IG5vc2NyaXB0Pip7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7ei1pbmRleDoyfWJvZHkgbm9zY3JpcHR7ZGlzcGxheTppbmxpbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSxbbGF5b3V0PWZsZXgtaXRlbV06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSl7ZGlzcGxheTpibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTstbXMtZmxleDoxIDEgYXV0bztmbGV4OjEgMSBhdXRvfS5pLWFtcGh0bWwtbGF5b3V0LWZsdWlke3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZHtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWF3YWl0aW5nLXNpemV7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDphdXRvIWltcG9ydGFudDtib3R0b206YXV0byFpbXBvcnRhbnR9aS1hbXBodG1sLXNpemVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fUBzdXBwb3J0cyAoYXNwZWN0LXJhdGlvOjEvMSl7aS1hbXBodG1sLXNpemVyLmktYW1waHRtbC1kaXNhYmxlLWFye2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9fS5pLWFtcGh0bWwtYmx1cnJ5LXBsYWNlaG9sZGVyLC5pLWFtcGh0bWwtZmlsbC1jb250ZW50e2Rpc3BsYXk6YmxvY2s7aGVpZ2h0OjA7bWF4LWhlaWdodDoxMDAlO21heC13aWR0aDoxMDAlO21pbi1oZWlnaHQ6MTAwJTttaW4td2lkdGg6MTAwJTt3aWR0aDowO21hcmdpbjphdXRvfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZCAuaS1hbXBodG1sLWZpbGwtY29udGVudHtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH0uaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnQsLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye3BhZGRpbmc6MCFpbXBvcnRhbnQ7Ym9yZGVyOm5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcntwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjBweCFpbXBvcnRhbnQ7bGVmdDowcHghaW1wb3J0YW50O3dpZHRoOjRweCFpbXBvcnRhbnQ7aGVpZ2h0OjRweCFpbXBvcnRhbnQ7b3BhY2l0eTowIWltcG9ydGFudDtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50O21hcmdpbjowIWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDt2aXNpYmlsaXR5OnZpc2libGUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ7bGVmdDo4cHghaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTJweCFpbXBvcnRhbnR9LmktYW1waHRtbC1zY3JlZW4tcmVhZGVyfi5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTZweCFpbXBvcnRhbnR9LmktYW1waHRt&i=2-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
KdaJl7NOrryW-1Lu8Eea88aKWA7pt-N8Vt2juTd8pZyXeZcmTHQmXA==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=bC11bnJlc29sdmVke3Bvc2l0aW9uOnJlbGF0aXZlO292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnR9LmktYW1waHRtbC1zZWxlY3QtZGlzYWJsZWR7LXdlYmtpdC11c2VyLXNlbGVjdDpub25lIWltcG9ydGFudDstbXMtdXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnQ7dXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdCxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1baGVpZ2h0c106bm90KFtsYXlvdXRdKTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCl7cG9zaXRpb246cmVsYXRpdmU7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtjb2xvcjp0cmFuc3BhcmVudCFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdDpub3QoLmktYW1waHRtbC1sYXlvdXQtY29udGFpbmVyKT4qLFtsYXlvdXRdOm5vdChbbGF5b3V0PWNvbnRhaW5lcl0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPiosW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKixbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKntkaXNwbGF5Om5vbmV9YW1wLWltZzpub3QoLmktYW1waHRtbC1lbGVtZW50KVtpLWFtcGh0bWwtc3NyXT5pbWcuaS1hbXBodG1sLWZpbGwtY29udGVudHtkaXNwbGF5OmJsb2NrfS5pLWFtcGh0bWwtbm90YnVpbHQ6bm90KC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lciksW2xheW91dF06bm90KFtsYXlvdXQ9Y29udGFpbmVyXSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoaW1nKTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2NvbG9yOnRyYW5zcGFyZW50IWltcG9ydGFudDtsaW5lLWhlaWdodDowIWltcG9ydGFudH0uaS1hbXBodG1sLWdob3N0e3Zpc2liaWxpdHk6aGlkZGVuIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXSxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJdLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl0sW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jaztsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1lbGVtZW50PltwbGFjZWhvbGRlcl0uYW1wLWhpZGRlbiwuaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXS5oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50Om5vdCguYW1wLW5vdHN1cHBvcnRlZCk%2BW2ZhbGxiYWNrXSwuaS1hbXBodG1sLWxheW91dC1jb250YWluZXI%2BW3BsYWNlaG9sZGVyXS5hbXAtaGlkZGVuLC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lcj5bcGxhY2Vob2xkZXJdLmhpZGRlbntkaXNwbGF5Om5vbmV9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltmYWxsYmFja10sLmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltwbGFjZWhvbGRlcl17cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDowIWltcG9ydGFudDtsZWZ0OjAhaW1wb3J0YW50O3JpZ2h0OjAhaW1wb3J0YW50O2JvdHRvbTowIWltcG9ydGFudDt6LWluZGV4OjF9YW1wLWltZ1tpLWFtcGh0bWwtc3NyXTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJde3otaW5kZXg6YXV0b30uaS1hbXBodG1sLW5vdGJ1aWx0PltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jayFpbXBvcnRhbnR9LmktYW1waHRtbC1oaWRkZW4tYnktbWVkaWEtcXVlcnl7ZGlzcGxheTpub25lIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3J7YmFja2dyb3VuZDpyZWQhaW1wb3J0YW50O2NvbG9yOiNmZmYhaW1wb3J0YW50O3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3I6YmVmb3Jle2NvbnRlbnQ6YXR0cihlcnJvci1tZXNzYWdlKX1pLWFtcC1zY3JvbGwtY29udGFpbmVyLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVye3Bvc2l0aW9uOmFic29sdXRlO3RvcDowO2xlZnQ6MDtyaWdodDowO2JvdHRvbTowO2Rpc3BsYXk6YmxvY2t9aS1hbXAtc2Nyb2xsLWNvbnRhaW5lci5hbXAtYWN0aXZlLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVyLmFtcC1hY3RpdmV7b3ZlcmZsb3c6YXV0bzstd2Via2l0LW92ZXJmbG93LXNjcm9sbGluZzp0b3VjaH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDoxfS5pLWFtcGh0bWwtbm90YnVpbHQ%2BLmktYW1waHRtbC1sb2FkaW5nLWNvbnRhaW5lcntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd117Y3Vyc29yOnBvaW50ZXI7cG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDoyO3Zpc2liaWxpdHk6aGlkZGVuO2Rpc3BsYXk6aW5pdGlhbDtsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltvdmVyZmxvd117cG9zaXRpb246YWJzb2x1dGV9LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd10uYW1wLXZpc2libGV7dmlzaWJpbGl0eTp2aXNpYmxlfXRlbXBsYXRle2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9LmFtcC1ib3JkZXItYm94LC5hbXAtYm9yZGVyLWJveCAqLC5hbXAtYm9yZGVyLWJveCA6YWZ0ZXIsLmFtcC1ib3JkZXItYm94IDpiZWZvcmV7Ym94LXNpemluZzpib3JkZXItYm94fWFtcC1waXhlbHtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fWFtcC1hbmFseXRpY3MsYW1wLWF1dG8tYWRzLGFtcC1zdG9yeS1hdXRvLWFkc3twb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1hbXAtc3Rvcnl7dmlzaWJpbGl0eTpoaWRkZW4haW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZT5hbXAtYW5hbHl0aWNze3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fVt2aXNpYmxlLXdoZW4taW52YWxpZF06bm90KC52aXNpYmxlKSxmb3JtIFtzdWJtaXQtZXJyb3JdLGZvcm0gW3N1Ym1pdC1zdWNjZXNzXSxmb3JtIFtzdWJtaXR0aW5nXXtkaXNwbGF5Om5vbmV9YW1wLWFjY29yZGlvbntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1AbWVkaWEgKG1pbi13aWR0aDoxcHgpezp3aGVyZShhbXAtYWNjb3JkaW9uPnNlY3Rpb24pPjpmaXJzdC1jaGlsZHttYXJnaW46MDtiYWNrZ3JvdW5kLWNvbG9yOiNlZmVmZWY7cGFkZGluZy1yaWdodDoyMHB4O2JvcmRlcjoxcHggc29saWQgI2RmZGZkZn06d2hlcmUoYW1wLWFjY29yZGlvbj5zZWN0aW9uKT46bGFzdC1jaGlsZHttYXJnaW46MH19YW1wLWFjY29yZGlvbj5zZWN0aW9ue2Zsb2F0Om5vbmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24%2Bc2VjdGlvbj4qe2Zsb2F0Om5vbmUhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnQ7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24sYW1wLWFjY29yZGlvbj5zZWN0aW9ue21hcmdpbjowfWFtcC1hY2NvcmRpb246bm90KC5pLWFtcGh0bWwtYnVpbHQpPnNlY3Rpb24%2BOmxhc3QtY2hpbGR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtYWNjb3JkaW9uOm5vdCguaS1hbXBodG1sLWJ1aWx0KT5zZWN0aW9uW2V4cGFuZGVkXT46bGFzdC1jaGlsZHtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBzaGFyZWQuY3NzKi9odG1sLmktYW1waHRtbC1pbmFib3h7d2lkdGg6MTAwJSFpbXBvcnRhbnQ7aGVpZ2h0OjEwMCUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWluYWJveD5ib2R5e3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fTwvc3R5bGU%2BPG1ldGEgY29udGVudD1cInZlbmRvcj1kb3VibGVjbGljayx0eXBlPWltcHJlc3Npb24taWQsdmFsdWU9Q0xlZDJ0Zjk1b0lERmM4RGlnTWRfTHdJVEFcIiBuYW1lPWFtcDRhZHMtaWQ%2BPG1ldGEgY29udGVudD1cIkF2aDVOeTBYRUZDeVE3K29OaWVYc2tVcnFZOGVkVXpMNS9YcndLbEdqQVJRSFc0VEZSSytqVmQ1SG5ESXBZMjBuNU9MSGZnVTRrdTd4NDhOM3VoRy9BMEFBQUJ4ZXlKdmNtbG5hVzRpT2lKb2RIUndjem92TDJSdmRXSnNaV05zYVdOckxtNWxkRG8wTkRNaUxDSm1aV0YwZFhKbElqb2lVSEpwZG1GamVWTmhibVJpYjNoQlpITkJVRWx6SWl3aVpYaHdhWEo1SWpveE5qazFNVFkzT1RrNUxDSnBjMU4xWW1SdmJXRnBiaUk2ZEhKMVpYMD1cIiBodHRwLWVxdWl2PW9yaWdpbi10cmlhbD48bWV0YSBjb250ZW50PVwiQWtGSXRKbW82YkY5VG5DeWV4N2s4cktYS0tKQkZFcmxyVnZjSGkrREp1TlFDSWRjbEJNamNmRzFieG9EL0hlQ0pOcnFkZnM4YjN0R1NWUFJFUlUyaWdzQUFBQjNleUp2Y21sbmFXNGlPaUpvZEhSd2N6b3ZMMmR2YjJkc1pYTjVibVJwWTJGMGFXOXVMbU52YlRvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaWDA9XCIgaHR0cC1lcXVpdj1vcmlnaW4tdHJpYWw%2BPGxpbmsgYXM9c2NyaXB0IGhyZWY9aHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC9hbXA0YWRzLXYwLm1qcyByZWw9cHJlbG9hZD48c2NyaXB0IGFzeW5jIHNyYz1odHRwczovL2Nkbi5hbXBwcm9qZWN0Lm9yZy9ydHYvMDEyMzEwMzAxNDU2MDAwL2FtcDRhZHMtdjAubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWFkLWV4aXQgc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWFkLWV4aXQtMC4xLm1qcz48L3NjcmlwdD48c2NyaXB0IGFzeW5jIGN1c3RvbS1lbGVtZW50PWFtcC1hbmFseXRpY3Mgc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWFuYWx5dGljcy0wLjEubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWZpdC10ZXh0IHNyYz1odHRwczovL2Nkbi5hbXBwcm9qZWN0Lm9yZy9ydHYvMDEyMzEwMzAxNDU2MDAwL3YwL2FtcC1maXQtdGV4dC0wLjEubWpzPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmMgY3VzdG9tLWVsZW1lbnQ9YW1wLWZvcm0gc3JjPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWZvcm0tMC4xLm1qcz48L3NjcmlwdD48c2NyaXB0IGFzeW5jIGN1c3RvbS1lbGVtZW50PWFtcC1nd2QtYW5pbWF0aW9uIGRhdGEtc291cmNlPWh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3YwL2FtcC1nd2QtYW5pbWF0aW9uLTAuMS5qcyBzcmM9aHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC92MC9hbXAtZ3dkLWFuaW1hdGlvbi0wLjEubWpzPjwvc2NyaXB0PjxzdHlsZSBhbXAtY3VzdG9tPi5hYmdjIHtwb3NpdGlvbjphYnNvbHV0ZTt6LWluZGV4OjIxNDc0ODM2NDY7cmlnaHQ6MDt0b3A6MDt9LmFiZ2MgYW1wLWltZywgLmFiZ2MgaW1nIHtkaXNwbGF5OmJsb2NrO30uYWJncyB7cG9zaXRpb246YWJzb2x1dGU7LXdlYmtpdC10cmFuc2Zvcm06dHJhbnNsYXRlWCg5MnB4KTt0cmFuc2Zvcm06dHJhbnNsYXRlWCg5&i=3-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
IMbuWUC2GUedUEFFx8PrS1GWj0qASsI-2wEZl5rQKbQGjDJG1esvsA==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=MnB4KTtyaWdodDoxN3B4O3RvcDoxcHg7fS5hYmdjcCB7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MDt0b3A6MDt3aWR0aDozMnB4O2hlaWdodDoxNXB4O3BhZGRpbmctbGVmdDoxMHB4O3BhZGRpbmctYm90dG9tOjEwcHg7fS5hYmdiIHtwb3NpdGlvbjpyZWxhdGl2ZTttYXJnaW4tcmlnaHQ6MTdweDt0b3A6MXB4O30uYWJnYzpob3ZlciAuYWJncyB7LXdlYmtpdC10cmFuc2Zvcm06bm9uZTt0cmFuc2Zvcm06bm9uZTt9LmNiYntkaXNwbGF5OmJsb2NrO3Bvc2l0aW9uOmFic29sdXRlO3JpZ2h0OjFweDt0b3A6MXB4O2N1cnNvcjpwb2ludGVyO2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7ei1pbmRleDo5MDIwO3BhZGRpbmctbGVmdDoxNnB4O31AbWVkaWEgKG1heC13aWR0aDozNzVweCkgYW5kIChtaW4taGVpZ2h0OjEwMHB4KXsuYnRue2Rpc3BsYXk6YmxvY2s7d2lkdGg6OTAlO21heC13aWR0aDoyNDBweDttYXJnaW4tbGVmdDphdXRvO21hcmdpbi1yaWdodDphdXRvfX0jc3B2MSBhbXAtZml0LXRleHQ%2BZGl2ey13ZWJraXQtanVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnR9I3NidG46aG92ZXIsI3NidG46YWN0aXZle2JhY2tncm91bmQtY29sb3I6I2Y1ZjVmNX0jcmJ0bjpob3ZlciwjcmJ0bjphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojMzI3NWU1fSNtdGF7bGVmdDowO30jbXRhIGlucHV0W3R5cGU9XCJyYWRpb1wiXXtkaXNwbGF5Om5vbmV9I210YSAucG57cmlnaHQ6LTMwMHB4O3RvcDotMjUwcHg7d2lkdGg6MzAwcHg7aGVpZ2h0OjI1MHB4O30uc3YgI3NwdjJ7LXdlYmtpdC1mbGV4LWRpcmVjdGlvbjpjb2x1bW47ZmxleC1kaXJlY3Rpb246Y29sdW1ufS5qbS5zdiAjc3B2Mnstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXJ9I3NwdjIgKnstbW96LWJveC1zaXppbmc6Ym9yZGVyLWJveDstd2Via2l0LWJveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2l6aW5nOmJvcmRlci1ib3h9I3NwcjE6Y2hlY2tlZCB%2BICNjYmIsI3NwcjI6Y2hlY2tlZCB%2BICNjYmIsI3NwcjM6Y2hlY2tlZCB%2BICNjYmJ7ZGlzcGxheTpub25lfS5hbXAtYW5pbWF0ZSAjc3B2NHtvcGFjaXR5OjA7dHJhbnNpdGlvbjpvcGFjaXR5IC41cyBsaW5lYXIgMi41c30uYW1wLWFuaW1hdGUgICNzcHYzIGFtcC1maXQtdGV4dHtvcGFjaXR5OjE7dHJhbnNpdGlvbjpvcGFjaXR5IC41cyBsaW5lYXIgMnN9I3NwcjM6Y2hlY2tlZCB%2BICNzcHYzIGFtcC1maXQtdGV4dHtvcGFjaXR5OjB9I3NwcjM6Y2hlY2tlZCB%2BICNzcHY0e29wYWNpdHk6MX0jc3ByMTpjaGVja2VkIH4gI3NwdjEsI3NwcjI6Y2hlY2tlZCB%2BICNzcHYyLCNzcHIzOmNoZWNrZWQgfiAjc3B2Mywjc3ByMzpjaGVja2VkIH4gI3NwdjR7cmlnaHQ6MHB4O3RvcDowcHh9W2Rpcj1cInJ0bFwiXSAuY2xvc2V7dHJhbnNmb3JtOnNjYWxlWCgtMSl9LmN0IHN2Z3tib3JkZXI6MDttYXJnaW46MCAwIC0uNDVlbSAwO2Rpc3BsYXk6aW5saW5lLWJsb2NrO2hlaWdodDoxLjM4ZW07b3BhY2l0eTouNH0jdGl7d2lkdGg6MzAwcHh9I2J0bnN7d2lkdGg6MzAwcHh9LmZse3dpZHRoOjMwMHB4O2hlaWdodDoyNTBweDt9I3NwcjQ6Y2hlY2tlZCB%2BICNjYmIsI3NwcjU6Y2hlY2tlZCB%2BICNjYmJ7ZGlzcGxheTpub25lfSNzcHI1OmNoZWNrZWQgfiAjc3B2NXtyaWdodDowcHg7dG9wOjBweH0jYWJ0bjpob3ZlciwjYWJ0bjphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojMzI3NWU1fSNtdGEgLmZsID4gZGl2e2p1c3RpZnktY29udGVudDpmbGV4LXN0YXJ0fS5wdCAucGg6YmVmb3Jle3Bvc2l0aW9uOmFic29sdXRlO2NvbnRlbnQ6XCJcIjtoZWlnaHQ6MjBweDt3aWR0aDoyMHB4O2xlZnQ6LTRweDtib3R0b206LTNweDttYXJnaW4tbGVmdDo0cHg7YmFja2dyb3VuZC1jb2xvcjojZmZmOy13ZWJraXQtdHJhbnNpdGlvbjp0cmFuc2Zvcm0gLjRzO3RyYW5zaXRpb246dHJhbnNmb3JtIC40cztib3gtc2hhZG93OjAgMXB4IDJweCAwIHJnYmEoNjAsNjQsNjcsLjMpLCAwIDFweCAzcHggMXB4IHJnYmEoNjAsNjQsNjcsLjE1KTtib3JkZXItcmFkaXVzOjUwJX0ucHQgaW5wdXQ6Y2hlY2tlZCArIC5waHtiYWNrZ3JvdW5kLWNvbG9yOnJnYmEoNjYsMTMzLDI0NCwuNSl9LnB0IGlucHV0OmZvY3VzICsgLnBoe2JveC1zaGFkb3c6MCAwIDFweCAjNDI4NWY0fS5wdCBpbnB1dDpjaGVja2VkICsgLnBoOmJlZm9yZXstd2Via2l0LXRyYW5zZm9ybTp0cmFuc2xhdGVYKDE2cHgpOy1tcy10cmFuc2Zvcm06dHJhbnNsYXRlWCgxNnB4KTt0cmFuc2Zvcm06dHJhbnNsYXRlWCgxNnB4KTt0cmFuc2l0aW9uOnRyYW5zZm9ybSAuNHM7YmFja2dyb3VuZC1jb2xvcjojMWE3M2U4fS5zYntoZWlnaHQ6NTBweH0uc297d2lkdGg6OTZweDtoZWlnaHQ6NTBweDt9LnNvOmhvdmVyLC5zbzphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojZjVmNWY1fUBtZWRpYSAobWluLWhlaWdodDo1NHB4KXsuc2guc3MgLnNvLC5zdiAuc297Ym94LXNoYWRvdzowcHggMHB4IDJweCByZ2JhKDAsMCwwLC4xMiksIDBweCAxcHggM3B4IHJnYmEoMCwwLDAsLjI2KTtib3JkZXI6bm9uZX19LnN2IC5zbywuc2guc3MgLnNve2JvcmRlci1yYWRpdXM6MnB4fS5zdiAuc297bWFyZ2luOjRweH0jZ29vZ2xlX3VwbG9hZGVkX2E0YXtwb3NpdGlvbjphYnNvbHV0ZTtsZWZ0OjA7dG9wOjA7ei1pbmRleDoyMTQ3NDgzNjM2fSNnb29nbGVfdXBsb2FkZWRfYTRhe3dpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCV9ICN4LWE0YS1mb3JtZXItYm9keXttYXJnaW46IDA7IGRpc3BsYXk6IGJsb2NrOyBwb3NpdGlvbjogcmVsYXRpdmU7IHBhZGRpbmc6IDA7IHRyYW5zZm9ybTogdHJhbnNsYXRlWigwKTsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZVooMCk7IC1tb3otdHJhbnNmb3JtOiB0cmFuc2xhdGVaKDApfSAjZ29vZ2xlX3VwbG9hZGVkX2E0YSB7ZGlzcGxheTogYmxvY2s7IHBvc2l0aW9uOiByZWxhdGl2ZTsgbWFyZ2luOiAwOyBwYWRkaW5nOiAwOyB0cmFuc2Zvcm06IHRyYW5zbGF0ZVooMCk7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGVaKDApOyAtbW96LXRyYW5zZm9ybTogdHJhbnNsYXRlWigwKX1cbiNhNGEtYmFubmVyd2lzZSB7cG9zaXRpb246IGFic29sdXRlOyBvdmVyZmxvdzogaGlkZGVuOyBib3JkZXI6IDA7IGN1cnNvcjogcG9pbnRlcjsgdHJhbnNmb3JtOiBtYXRyaXgzZCgxLCAwLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAwLCAxLCAwLCAwLCAwLCAwLCAxKTsgLXdlYmtpdC10cmFuc2Zvcm06IG1hdHJpeDNkKDEsIDAsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDAsIDEsIDAsIDAsIDAsIDAsIDEpOyBjdXJzb3I6IHBvaW50ZXI7IG92ZXJmbG93OiBoaWRkZW47IHdpZHRoOiAzMDBweDsgaGVpZ2h0OiAyNTBweDsgYmFja2dyb3VuZDogI2ZmZmZmZn1cbiNhNGEtYmFubmVyd2lzZSwgI2E0YS1iYW5uZXJ3aXNlICosICNhNGEtYmFubmVyd2lzZSAqOmJlZm9yZSwgI2E0YS1iYW5uZXJ3aXNlICo6YWZ0ZXIge2JveC1zaXppbmc6IGJvcmRlci1ib3g7IG91dGxpbmU6IDA7IC1tcy10ZXh0LXNpemUtYWRqdXN0OiBub25lOyAtbW96LXRleHQtc2l6ZS1hZGp1c3Q6IG5vbmU7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogbm9uZX1cbiNhNGEtYmFubmVyd2lzZSAuYTRhLWJvcmRlciB7cG9zaXRpb246IGFic29sdXRlOyB6LWluZGV4OiA5OTk5fVxuI2E0YS1iYW5uZXJ3aXNlIC5hNGEtYm9yZGVyLmE0YS1ib3JkZXItdG9wIHt0b3A6IDA7IGxlZnQ6IDA7IHdpZHRoOiAxMDAlfVxuI2E0YS1iYW5uZXJ3aXNlIC5hNGEtYm9yZGVyLmE0YS1ib3JkZXItbGVmdCB7dG9wOiAwOyBsZWZ0OiAwOyBoZWlnaHQ6IDEwMCV9XG4jYTRhLWJhbm5lcndpc2UgLmE0YS1ib3JkZXIuYTRhLWJvcmRlci1ib3R0b20ge2xlZnQ6IDA7IGJvdHRvbTogMDsgd2lkdGg6IDEwMCV9XG4jYTRhLWJhbm5lcndpc2UgLmE0YS1ib3JkZXIuYTRhLWJvcmRlci1yaWdodCB7dG9wOiAwOyByaWdodDogMDsgaGVpZ2h0OiAxMDAlfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWRvY3VtZW50LWJvZHkge21hcmdpbjogMH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQge3Bvc2l0aW9uOiBhYnNvbHV0ZTsgZGlzcGxheTogYmxvY2s7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMCwgMCwgMCk7IG92ZXJmbG93OiBoaWRkZW47IG9wYWNpdHk6IDA7IGZvbnQtc2l6ZTogMDsgbGluZS1oZWlnaHQ6IDB9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50OmJlZm9yZSB7Y29udGVudDogXCJcIjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyBoZWlnaHQ6IDEwMCU7IG1hcmdpbi1sZWZ0OiAwOyBmb250LXNpemU6IDB9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLXRvcDpiZWZvcmUge3ZlcnRpY2FsLWFsaWduOiB0b3B9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLXRvcCAuYTRhLWItZWxlbWVudC10ZXh0IHt2ZXJ0aWNhbC1hbGlnbjogdG9wfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS1taWRkbGU6YmVmb3JlIHt2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS1taWRkbGUgLmE0YS1iLWVsZW1lbnQtdGV4dCB7dmVydGljYWwtYWxpZ246IG1pZGRsZX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLWZyb20tYm90dG9tOmJlZm9yZSB7dmVydGljYWwtYWxpZ246IGJvdHRvbX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLWZyb20tYm90dG9tIC5hNGEtYi1lbGVtZW50LXRleHQge3ZlcnRpY2FsLWFsaWduOiBib3R0b219XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLWxlZnQge3RleHQtYWxpZ246IGxlZnR9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1mcm9tLWNlbnRlciB7dGV4dC1hbGlnbjogY2VudGVyfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtZnJvbS1yaWdodCB7dGV4dC1hbGlnbjogcmlnaHR9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LmE0YS1vbmUtbGluZSAuYTRhLWItZWxlbWVudC10YWJsZSB7dGFibGUtbGF5b3V0OiBmaXhlZH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLW9uZS1saW5lIC5hNGEtYi1lbGVtZW50LWNlbGwge3doaXRlLXNwYWNlOiBub3dyYXA7IG92ZXJmbG93OiBoaWRkZW47IHRleHQtb3ZlcmZsb3c6IGVsbGlwc2lzfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtb25lLWxpbmUgYnIge2Rpc3BsYXk6IG5vbmV9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LXRleHQge3Bvc2l0aW9uOiByZWxhdGl2ZTsgZGlzcGxheTogaW5saW5lLWJsb2NrOyBvdXRsaW5lOiAwOyBib3JkZXItc3R5bGU6IHNvbGlkfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC1idXR0b24ge292ZXJmbG93OiB2aXNpYmxlfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC10YWJsZSB7ZGlzcGxheTogdGFibGV9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYi1lbGVtZW50LWNlbGwge2Rpc3BsYXk6IHRhYmxlLWNlbGw7IHZlcnRpY2FsLWFsaWduOiBib3R0b207IHRleHQtcmVuZGVyaW5nOiBvcHRpbWl6ZUxlZ2liaWxpdHk7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgwLCAwLCAwKTsgLXdlYm&i=4-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EI8YyapI-FtWzsq-4OLCliACkOHaeQMeJ2MWu4_M10ezO1lKL4ZY1A==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=tpdC1mb250LXNtb290aGluZzogYW50aWFsaWFzZWQ7IC1tb3otb3N4LWZvbnQtc21vb3RoaW5nOiBncmF5c2NhbGU7IHdvcmQtd3JhcDogYnJlYWstd29yZDsgd2hpdGUtc3BhY2U6IHByZS13cmFwOyBvdXRsaW5lOiAwfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC1pbWFnZSB7cG9zaXRpb246IGFic29sdXRlOyBiYWNrZ3JvdW5kLXNpemU6IDEwMCUgMTAwJTsgYmFja2dyb3VuZC1yZXBlYXQ6IG5vLXJlcGVhdDsgYmFja2dyb3VuZC1wb3NpdGlvbjogY2VudGVyIGNlbnRlcn1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQgc3ZnIHtwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMDsgd2lkdGg6IDEwMCU7IGhlaWdodDogMTAwJTsgei1pbmRleDogMX1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQuYTRhLXNoYXBlLW11bHRpcGx5IHttaXgtYmxlbmQtbW9kZTogbXVsdGlwbHk7IC1tcy1maWx0ZXI6IFwicHJvZ2lkOkRYSW1hZ2VUcmFuc2Zvcm0uTWljcm9zb2Z0LkFscGhhXFwoT3BhY2l0eT04MFxcKVwifVxuQG1lZGlhIHNjcmVlbiBhbmQgKC1tcy1oaWdoLWNvbnRyYXN0OiBhY3RpdmUpLCAoLW1zLWhpZ2gtY29udHJhc3Q6IG5vbmUpIHsgW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudC5hNGEtc2hhcGUtbXVsdGlwbHkge29wYWNpdHk6IDAuOH0gfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZWxlbWVudCBhbXAtaW1nIHtwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWVsZW1lbnQgYW1wLWltZy5hNGEtY292ZXIgaW1nIHtvYmplY3QtZml0OiBjb3Zlcn1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1iLWRhcmstZ3JhZGllbnQ6YWZ0ZXIge2NvbnRlbnQ6IFwiXCI7IHBvc2l0aW9uOiBhYnNvbHV0ZTsgdG9wOiAwOyBsZWZ0OiAwOyByaWdodDogMDsgYm90dG9tOiAwOyBiYWNrZ3JvdW5kOiAtd2Via2l0LWxpbmVhci1ncmFkaWVudCh0b3AsIHJnYmEoMCwgMCwgMCwgMCkgMCUsIHJnYmEoMCwgMCwgMCwgMC4yKSAxMDAlKTsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgcmdiYSgwLCAwLCAwLCAwKSAwJSwgcmdiYSgwLCAwLCAwLCAwLjIpIDEwMCUpOyBib3JkZXItcmFkaXVzOiBpbmhlcml0fVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItbGlnaHQtZ3JhZGllbnQ6YWZ0ZXIge2NvbnRlbnQ6IFwiXCI7IHBvc2l0aW9uOiBhYnNvbHV0ZTsgdG9wOiAwOyBsZWZ0OiAwOyByaWdodDogMDsgYm90dG9tOiAwOyBiYWNrZ3JvdW5kOiAtd2Via2l0LWxpbmVhci1ncmFkaWVudCh0b3AsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMCkgMCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMC41KSAxMDAlKTsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwKSAwJSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjUpIDEwMCUpOyBib3JkZXItcmFkaXVzOiBpbmhlcml0fVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItZGFyay1idWxsZXQ6YWZ0ZXIge2NvbnRlbnQ6IFwiXCI7IHBvc2l0aW9uOiBhYnNvbHV0ZTsgdG9wOiAwOyBsZWZ0OiAwOyByaWdodDogMDsgYm90dG9tOiAwOyBiYWNrZ3JvdW5kOiAtd2Via2l0LWxpbmVhci1ncmFkaWVudCh0b3AsIHJnYmEoMCwgMCwgMCwgMCkgMCUsIHJnYmEoMCwgMCwgMCwgMCkgNTAlLCByZ2JhKDAsIDAsIDAsIDAuMDkpIDUwJSwgcmdiYSgwLCAwLCAwLCAwLjA5KSAxMDAlKTsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgcmdiYSgwLCAwLCAwLCAwKSAwJSwgcmdiYSgwLCAwLCAwLCAwKSA1MCUsIHJnYmEoMCwgMCwgMCwgMC4wOSkgNTAlLCByZ2JhKDAsIDAsIDAsIDAuMDkpIDEwMCUpOyBib3JkZXItcmFkaXVzOiBpbmhlcml0fVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWItbGlnaHQtYnVsbGV0OmFmdGVyIHtjb250ZW50OiBcIlwiOyBwb3NpdGlvbjogYWJzb2x1dGU7IHRvcDogMDsgbGVmdDogMDsgcmlnaHQ6IDA7IGJvdHRvbTogMDsgYmFja2dyb3VuZDogLXdlYmtpdC1saW5lYXItZ3JhZGllbnQodG9wLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDApIDAlLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDApIDUwJSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjEyKSA1MCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMC4xMikgMTAwJSk7IGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCh0byBib3R0b20sIHJnYmEoMjU1LCAyNTUsIDI1NSwgMCkgMCUsIHJnYmEoMjU1LCAyNTUsIDI1NSwgMCkgNTAlLCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuMTIpIDUwJSwgcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjEyKSAxMDAlKTsgYm9yZGVyLXJhZGl1czogaW5oZXJpdH1cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1id19zdWRzbjB3ZXkge2FuaW1hdGlvbjogYndfNDQ4aGR3MGJyIDMuNnMgbGluZWFyIDBzIDggbm9ybWFsIGZvcndhcmRzfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWJ3X28wMHE5ZXNmNSB7YW5pbWF0aW9uOiBid18zbTJ3cDd2dTQgMy42cyBsaW5lYXIgMHMgOCBub3JtYWwgZm9yd2FyZHN9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYndfYmFjOWpycjN1IHthbmltYXRpb246IGJ3XzE3aGk0MGpwMiAzLjZzIGxpbmVhciAwcyA4IG5vcm1hbCBmb3J3YXJkc31cbltpZD1cImdvb2dsZV91cGxvYWRlZF9hNGFcIl0gLmE0YS1id196aG1maXJxd2cge2FuaW1hdGlvbjogYndfOXljZ2Zlcmw5IDMuNnMgbGluZWFyIDBzIDggbm9ybWFsIGZvcndhcmRzfVxuW2lkPVwiZ29vZ2xlX3VwbG9hZGVkX2E0YVwiXSAuYTRhLWJ3X2p1NXg4NTVqMCB7YW5pbWF0aW9uOiBid196eWM3bWp3bmIgMy42cyBsaW5lYXIgMHMgOCBub3JtYWwgZm9yd2FyZHN9XG5baWQ9XCJnb29nbGVfdXBsb2FkZWRfYTRhXCJdIC5hNGEtYndfc2p5dXR1azllIHthbmltYXRpb246IGJ3X2Q4YXIxeTZubiAzLjZzIGxpbmVhciAwcyA4IG5vcm1hbCBmb3J3YXJkc31cbiNhNGEtZTAge3dpZHRoOiAxODNweDsgaGVpZ2h0OiAyM3B4OyB6LWluZGV4OiAyfVxuI2E0YS1lMSB7d2lkdGg6IDE5M3B4OyBoZWlnaHQ6IDU0cHg7IHotaW5kZXg6IDN9XG4jYTRhLWUyIHt3aWR0aDogMjg3cHg7IGhlaWdodDogMjBweDsgei1pbmRleDogNH1cbiNhNGEtZTMge3dpZHRoOiAyMTVweDsgaGVpZ2h0OiA3OXB4OyB6LWluZGV4OiA1OyBib3JkZXI6IDB9XG4jYTRhLWU0IHt3aWR0aDogNjRweDsgaGVpZ2h0OiAxOHB4OyB6LWluZGV4OiA1OyBib3JkZXI6IDB9XG4jYTRhLWU1IHt3aWR0aDogMjE1cHg7IGhlaWdodDogNzlweDsgei1pbmRleDogNn08L3N0eWxlPjxsaW5rIGNyb3Nzb3JpZ2luPWFub255bW91cyBocmVmPVwiaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M%2FZmFtaWx5PU5vdG8rU2FuczoxMDAsMTAwaSwyMDAsMjAwaSwzMDAsMzAwaSw0MDAsNDAwaSw1MDAsNTAwaSw2MDAsNjAwaSw3MDAsNzAwaSw4MDAsODAwaSw5MDAsOTAwaVwiIHJlbD1zdHlsZXNoZWV0IHR5cGU9dGV4dC9jc3M%2BPHN0eWxlIGFtcDRhZHMtYm9pbGVycGxhdGU%2BYm9keXt2aXNpYmlsaXR5OmhpZGRlbn08L3N0eWxlPjwvaGVhZD48Ym9keT48ZGl2IGFyaWEtaGlkZGVuPXRydWUgY2xhc3M9XCJhYmdjIGFiZ2YgcGVuXCIgZGlyPWx0ciBpZD1hYmdjPjxkaXYgY2xhc3M9XCJhYmdjcCBwZWFcIiBpZD1hYmdjcD48ZGl2IGNsYXNzPWFiZ3MgaWQ9YWJncz48YSBjbGFzcz1hYmdsIGhyZWY9XCJodHRwczovL2Fkc3NldHRpbmdzLmdvb2dsZS5jb20vd2h5dGhpc2FkP3NvdXJjZT1kaXNwbGF5JmFtcDtyZWFzb25zPUFXeWpiQjZfRGRZZm45Y0p1YUdCU0VfS3QtZnMyMThrdmdIekE5WmtEYlI1UlpYQ1NpVE5nUTAzUWduVzc2UHg2Wl9TaGNhc1lFZWt5bDdOal9OT2F3RVU1enpsS1ctRDVWZl9NSmZKWlVOOVJ2T21ULXhaLUVyVTB6NTlkbzU2UkpzblQ0eFVwVVBtT3J5UVp2eGwtYjBGeXYwSURNR0huNDQwUjhBVkNoM0ExaUxaV0NlUkVIWWtrOXRmdGt6YVlsc3MzaHBmOGhTZHBrOHJ6THhoSFBtajl3VFE4MkhfdDZwLUFfYUdBNFlsZ1M0N0c4SDJUVkwwR2pxR1ZtRGZMbE1PV2pjeVhWcjV1SElyU3hOOXktbjBlR0FfQ0VWMVlsRlN2M0RoVEg1XzA4ZXRqTGdiLWdqeXItQ2xjUGVXMkdwWmNCV2ZMLXJMREFBS3dxTE12a0hfY3ZSbGtsQ2tDNTNxVnp0SWdkbmtHT09FYW9uc3JyYjFqWGVHM1UtSnpEOEFxaWhEMVhQT01xUGtwWjJMSUdpQ09qLXBhTC1TTWg1QmphcDhuVE4zV1loN2djVzNyazlpcWM5alkwYjhLaDN3d181Z1I1aDhRZUhQMm1Ib0NmeFRWOFpJRHQ0NWlmSHY0Y1hxUHJPeGtvUzBVR3AwdXNSQ0I4VjZQTF9nMWdkVW9pVEdaZzFDci1pX3ludHJrdjd3RXZxcjRYWW9kZ2FjWS1IaTVBVWtRUnlBSGp5N0NKelZ3X1hKdlRhLXlpTHBjOXBkQklsa1IyVjRMU0hYd1JTSVBPYWUxcFFtSU1WLXFjNWlMSGo0Tnl2cndWV1lTZElHdDFiT1Ntc0xZWFltNklSMTNkbnpLUXRrWUdVNlZZQ1RqLXRHMkVzSV80Mi1WWTlFWE9CX3hienBDbW9CYXNJTDNxdmhlWE5SUFRxY1RHOUVBQVNnMzQtNXphZHZKR3RySkR4Y1lkVk16TlBVZ1d1WTJmUlBaVG1lZnc5LXQtVU1HRjgzX2VSdU1NbnhwTGFOY3dCdTdCWlhtc0pNTklJeDI4R1V1UWRVbHVmT0FUd2lTZk1YYWJFVzJHd0NfWXR4eE9HVmFja285bnFPSWxXZThlVzZXVEFWQWo5YVZvZHdhMU9wWTJPT1VHeVBubVdoaldFaVdJLXpCSlpwbFFUYjJOV0Z0TFJncTdyd3ZHSzNhSUpkdWs2bTFtSmJNa0lzamlubWk0MEt3X1NrWldOdTJiTUNESE16Z2o4Tk95cmw2dW1LUVRuWlhrR2FjcFNDc1RNZFJkbjY0QUFMZzAxUk96MW00QUwydldtYnV4eUVwQWNvSGZxeEtmXzFIVW9LTHdaZGFxUkZlUkJpcHF5Tnh1Qm8xMEVWaXpBNTVERnNXUU5BVjZvQmxFWi10WTFYNVVkbXdRdk5oa0dVZ3VxSmVBUVVFTVhmTEktZmhUR3V4b3R2TjVZTUxRdWtiTHU4M2VZM2o5dlZPU1lqbGR0QTVILXZUTzV0NU9BYUNDbXZPMVRmZlhjbWxUQzFkb3JWZF8ycDNVekNtQXROWm5zUzZuMjZoTHpSTFQyR3FqRDdjdDAycDlLQ0xRMGM3UUtnX0cyV28tRVNhRFBRMkdDU3JQZGZqMUhuLWliUXRrRl9BV185YVBwVGx0VkUzbDVCZVF5VVM0NE9BUVgzcVRseE40TEF3XzlZMFVIRzBnMko3LVd4R2FIbm43MHZTWDMtN2NxWm1OaUtaOVVRRDVvdi1VYnB2SHBSUHNNdGt3QmI1d3k2RjhFV1ZZZW9VMnRqcDRGY3hmX0RjR2RuX3pOZWIxdVVmZ0JDcW9RN1hKRkI2d0IyX2RSajhZRmRGSVFKM3VZOXQ2aXBjOW5VQU9FSlBaRTlOLTRrQWJsdDM5MTdBQWlaYjgzT2FMdnMxSm9uTXZ2WlJsSm1ZLVo3RlJMRjgyOWJTeDNyMi15OFVqc1dGTkxtVWR4UU85YzEwWFlwRDJ0eFpqUmN3UnhxX0JUbVRvNzg3Rm0wSU83TGVicDFKTGUxU3ZIaWxGYmt0NFF6Q2VzS282aHRDWGI1eXAzeVZwVnJRdENfY1N2MmlNd01FNzZZakFtZElrblRQN3NsREU5Z1ZHYS1kTlhrZlJyZkhCVURhT1FwMnRtX1FPcmp0RUJmR3RaQjdJcUh0MkNGN21TSmFRZHJ4NjJWWXNHNUlRVzJvc2FtV2ZEUW5nQXZuY29EZVVvNUZrR2NPcl9zZmtCQktTMUpWRHU2blJkZll6VlBZU3c2dVZHTVpqS2FvV1c2TnR0SjZWeF9KeW1rTWxfd081cXkyZmRyVHEwajVVM1VZMGt3Rk9EQ1dfX2FJekp2WTNJVUFOaHdDS0tyZFlqYjRvUXFHSkZqUXZOeEZQYW1WYU9nWURibjEyRm9XRWFXTEt2ZTQxX2tMX1hEd0JDMkdqQVlQZmVXaGNfV0lFRk51Zi01Zjc2RXpZTWJpQ04xYk5CWDZYSGp1UkdBTU13bnlrN1hQbF9UaTZUOU8wQ0RZenZlS3dSZjZLdi12Z2N2V0tVN1I2UTZXLVJTcGVEeFJIcF9PUXpoaExFd0dKNGhKUWZHXzVfSHVlc1dGZTZhcEs3VVpuZ1JZdlMtSHJQT2Z5b0t5bG1JTEY0a1E5ckFnUTNlRjNtRUNtcEdrQlBWWk5nTVFvWXhhSld2MmU0NS0wMEJsZW02UXNISWlTV0lTc3IwYUMwMll6&i=5-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
SzoPAuRnTz_Y28qxawIlE_ONCCTkO-tAyEAY3-e4bPlHhEbCw0FUfw==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=bzkxQ0p5amlFXzNCeEpaZkI2bFBwbFU0cUJBSmhIdzVtT2lIRGNYT2Y1eWZfUEc3N09ROXV4MkdtS2xLLVlGY2dfd1ZLMnFnLWpEbWJpYzZEaVFGdTFxaXNpNFBQQkEtbzVoM0RLNUhrRkhHVUtoVnk1N04xVkVoVjZkampfQkZBR2REeXRwMzFyYVJnVm02RDVJTGo2VXNZUGZreGZKQi1ueDVRXCIgaWQ9YWJnbCB0YXJnZXQ9X2JsYW5rPjxhbXAtaW1nIGNsYXNzPVwiaS1hbXBodG1sLWxheW91dC1maXhlZCBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGhlaWdodD0xNSBpLWFtcGh0bWwtbGF5b3V0PWZpeGVkIGktYW1waHRtbC1zc3Igc3JjPWh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvaW1hZ2VzL2FkY2hvaWNlcy9lbi5wbmcgc3R5bGU9d2lkdGg6NzVweDtoZWlnaHQ6MTVweDsgd2lkdGg9NzU%2BPGltZyBjbGFzcz1cImktYW1waHRtbC1maWxsLWNvbnRlbnQgaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnRcIiBkZWNvZGluZz1hc3luYyBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2VuLnBuZz48L2FtcC1pbWc%2BPC9hPjwvZGl2PjxkaXYgY2xhc3M9YWJnYiBpZD1hYmdiPjxhIGhyZWY9XCJodHRwczovL2Fkc3NldHRpbmdzLmdvb2dsZS5jb20vd2h5dGhpc2FkP3NvdXJjZT1kaXNwbGF5JmFtcDtyZWFzb25zPUFXeWpiQjZfRGRZZm45Y0p1YUdCU0VfS3QtZnMyMThrdmdIekE5WmtEYlI1UlpYQ1NpVE5nUTAzUWduVzc2UHg2Wl9TaGNhc1lFZWt5bDdOal9OT2F3RVU1enpsS1ctRDVWZl9NSmZKWlVOOVJ2T21ULXhaLUVyVTB6NTlkbzU2UkpzblQ0eFVwVVBtT3J5UVp2eGwtYjBGeXYwSURNR0huNDQwUjhBVkNoM0ExaUxaV0NlUkVIWWtrOXRmdGt6YVlsc3MzaHBmOGhTZHBrOHJ6THhoSFBtajl3VFE4MkhfdDZwLUFfYUdBNFlsZ1M0N0c4SDJUVkwwR2pxR1ZtRGZMbE1PV2pjeVhWcjV1SElyU3hOOXktbjBlR0FfQ0VWMVlsRlN2M0RoVEg1XzA4ZXRqTGdiLWdqeXItQ2xjUGVXMkdwWmNCV2ZMLXJMREFBS3dxTE12a0hfY3ZSbGtsQ2tDNTNxVnp0SWdkbmtHT09FYW9uc3JyYjFqWGVHM1UtSnpEOEFxaWhEMVhQT01xUGtwWjJMSUdpQ09qLXBhTC1TTWg1QmphcDhuVE4zV1loN2djVzNyazlpcWM5alkwYjhLaDN3d181Z1I1aDhRZUhQMm1Ib0NmeFRWOFpJRHQ0NWlmSHY0Y1hxUHJPeGtvUzBVR3AwdXNSQ0I4VjZQTF9nMWdkVW9pVEdaZzFDci1pX3ludHJrdjd3RXZxcjRYWW9kZ2FjWS1IaTVBVWtRUnlBSGp5N0NKelZ3X1hKdlRhLXlpTHBjOXBkQklsa1IyVjRMU0hYd1JTSVBPYWUxcFFtSU1WLXFjNWlMSGo0Tnl2cndWV1lTZElHdDFiT1Ntc0xZWFltNklSMTNkbnpLUXRrWUdVNlZZQ1RqLXRHMkVzSV80Mi1WWTlFWE9CX3hienBDbW9CYXNJTDNxdmhlWE5SUFRxY1RHOUVBQVNnMzQtNXphZHZKR3RySkR4Y1lkVk16TlBVZ1d1WTJmUlBaVG1lZnc5LXQtVU1HRjgzX2VSdU1NbnhwTGFOY3dCdTdCWlhtc0pNTklJeDI4R1V1UWRVbHVmT0FUd2lTZk1YYWJFVzJHd0NfWXR4eE9HVmFja285bnFPSWxXZThlVzZXVEFWQWo5YVZvZHdhMU9wWTJPT1VHeVBubVdoaldFaVdJLXpCSlpwbFFUYjJOV0Z0TFJncTdyd3ZHSzNhSUpkdWs2bTFtSmJNa0lzamlubWk0MEt3X1NrWldOdTJiTUNESE16Z2o4Tk95cmw2dW1LUVRuWlhrR2FjcFNDc1RNZFJkbjY0QUFMZzAxUk96MW00QUwydldtYnV4eUVwQWNvSGZxeEtmXzFIVW9LTHdaZGFxUkZlUkJpcHF5Tnh1Qm8xMEVWaXpBNTVERnNXUU5BVjZvQmxFWi10WTFYNVVkbXdRdk5oa0dVZ3VxSmVBUVVFTVhmTEktZmhUR3V4b3R2TjVZTUxRdWtiTHU4M2VZM2o5dlZPU1lqbGR0QTVILXZUTzV0NU9BYUNDbXZPMVRmZlhjbWxUQzFkb3JWZF8ycDNVekNtQXROWm5zUzZuMjZoTHpSTFQyR3FqRDdjdDAycDlLQ0xRMGM3UUtnX0cyV28tRVNhRFBRMkdDU3JQZGZqMUhuLWliUXRrRl9BV185YVBwVGx0VkUzbDVCZVF5VVM0NE9BUVgzcVRseE40TEF3XzlZMFVIRzBnMko3LVd4R2FIbm43MHZTWDMtN2NxWm1OaUtaOVVRRDVvdi1VYnB2SHBSUHNNdGt3QmI1d3k2RjhFV1ZZZW9VMnRqcDRGY3hmX0RjR2RuX3pOZWIxdVVmZ0JDcW9RN1hKRkI2d0IyX2RSajhZRmRGSVFKM3VZOXQ2aXBjOW5VQU9FSlBaRTlOLTRrQWJsdDM5MTdBQWlaYjgzT2FMdnMxSm9uTXZ2WlJsSm1ZLVo3RlJMRjgyOWJTeDNyMi15OFVqc1dGTkxtVWR4UU85YzEwWFlwRDJ0eFpqUmN3UnhxX0JUbVRvNzg3Rm0wSU83TGVicDFKTGUxU3ZIaWxGYmt0NFF6Q2VzS282aHRDWGI1eXAzeVZwVnJRdENfY1N2MmlNd01FNzZZakFtZElrblRQN3NsREU5Z1ZHYS1kTlhrZlJyZkhCVURhT1FwMnRtX1FPcmp0RUJmR3RaQjdJcUh0MkNGN21TSmFRZHJ4NjJWWXNHNUlRVzJvc2FtV2ZEUW5nQXZuY29EZVVvNUZrR2NPcl9zZmtCQktTMUpWRHU2blJkZll6VlBZU3c2dVZHTVpqS2FvV1c2TnR0SjZWeF9KeW1rTWxfd081cXkyZmRyVHEwajVVM1VZMGt3Rk9EQ1dfX2FJekp2WTNJVUFOaHdDS0tyZFlqYjRvUXFHSkZqUXZOeEZQYW1WYU9nWURibjEyRm9XRWFXTEt2ZTQxX2tMX1hEd0JDMkdqQVlQZmVXaGNfV0lFRk51Zi01Zjc2RXpZTWJpQ04xYk5CWDZYSGp1UkdBTU13bnlrN1hQbF9UaTZUOU8wQ0RZenZlS3dSZjZLdi12Z2N2V0tVN1I2UTZXLVJTcGVEeFJIcF9PUXpoaExFd0dKNGhKUWZHXzVfSHVlc1dGZTZhcEs3VVpuZ1JZdlMtSHJQT2Z5b0t5bG1JTEY0a1E5ckFnUTNlRjNtRUNtcEdrQlBWWk5nTVFvWXhhSld2MmU0NS0wMEJsZW02UXNISWlTV0lTc3IwYUMwMll6bzkxQ0p5amlFXzNCeEpaZkI2bFBwbFU0cUJBSmhIdzVtT2lIRGNYT2Y1eWZfUEc3N09ROXV4MkdtS2xLLVlGY2dfd1ZLMnFnLWpEbWJpYzZEaVFGdTFxaXNpNFBQQkEtbzVoM0RLNUhrRkhHVUtoVnk1N04xVkVoVjZkampfQkZBR2REeXRwMzFyYVJnVm02RDVJTGo2VXNZUGZreGZKQi1ueDVRXCIgdGFyZ2V0PV9ibGFuaz48YW1wLWltZyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9MTUgaS1hbXBodG1sLWxheW91dD1maXhlZCBpLWFtcGh0bWwtc3NyIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2ltYWdlcy9hZGNob2ljZXMvaWNvbi5wbmcgc3R5bGU9d2lkdGg6MTVweDtoZWlnaHQ6MTVweDsgd2lkdGg9MTU%2BPGltZyBjbGFzcz1cImktYW1waHRtbC1maWxsLWNvbnRlbnQgaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnRcIiBkZWNvZGluZz1hc3luYyBzcmM9aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2ljb24ucG5nPjwvYW1wLWltZz48L2E%2BPC9kaXY%2BPC9kaXY%2BPGFtcC1hbmFseXRpY3MgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1maXhlZCBzdHlsZT13aWR0aDoxcHg7aGVpZ2h0OjFweDsgdHJpZ2dlcj1pbW1lZGlhdGU%2BPHNjcmlwdCB0eXBlPWFwcGxpY2F0aW9uL2pzb24%2Be1wicmVxdWVzdHNcIjoge1wicmVwb3J0Tm9MYWJlbEluc3RhbmNlXCI6IFwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DcDhiNmdBTm1aYmZkT3MtSHFNd1BfUG1pNEFUNWdNYWJkSkNncGJhcEVxWGVpNlNTRGhBQklQMnY3aWRnX2FDWmdlZ0RvQUd2bGYtYktzZ0JDYWtDMU1LanN2SmVzajdnQWdDb0F3SElBd2lxQk4wQ1Q5Q3FvV2tSMlpYcklubUVQSmNtQUNza01heEhvN2dGZFl6OWtxMVFpenJHZDJJY0lXWDdYQklvbDQySS1QbjEzTFZjRlZIMXRTbG9sVkNCenhOYnNsM0t0eG9XWHVwSlV6aUJoMzBhVVJGY0lXcFhfNzhBRW5rTXZLNkNiVFQ2bUZQUmdJVFlCNXpONjB4STJMU0lHX0toQzh3MTNIQVI3ZVdoR0RFMXBUSS12bm0xRWFEb0ZjUk5OQWhYQ0hpYV9DR1FKMHZndW5CSThNM0FsU3d3WmVQSUxSNXNtQUZMa3JDUlNxRTVEZEx3VUtabVJ6b21JdjBra2JvMmNfa0o5QTI4Qk15NjFvS2s4enh6NTZSX21pUkoybFJtd2dYZ1JnT3gzV2FaUFQyd003VkgxNWhHcl9zSUtTOHV3eUstbDVoX0MtcXo1TXA0Y1IxUWcxMC1JQWxtVGZhMERwWlpMYVdxd2RqQVN6OUEzM1R5amx6V1I4VUp6OTkzRnltRFlFUmNGaFVOX0pvX3RoNEplQnVNSEJEcW1RWmNsZTFTLWt2cXNhT2s0cVNJX1BNOTJ6ZW03YkhvbERNdnEteEpFMUJtUzJJWmg3SGZhOUoxNDhBRXVQU0hvTVVFNEFRQmlBWHc2ZFNyVGFBR0xvQUhyODNQLXdTb0I5bTJzUUtvQjQ3T0c2Z0hrOWdicUFmdWxyRUNxQWYtbnJFQ3FBZlZ5UnVvQjZhLUc2Z0htZ2FvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWVEcmJFQ3FBZl9uckVDcUFmZm43RUNxQWZLcWJFQ3FBZnJwYkVDMkFjQTBnZ1VDSUJoRUFFWUhUSUNpZ0k2QW9CQVNMMzl3VHF4Q1FNc0lFQllZWFB5Z0FvQm1Bc0J5QXNCZ0F3Qm9nd1lLaFlLRk9TMHNRTHV0YkVDdGJpeEF1UzBzUUx1dGJFQzJnd1JDZ3NRNFBMLTlfcll0YkRhQVJJQ0FRT3FEUUpEUWNnTkFlSU5Fd2lCdGRUWF9lYUNBeFhQQTRvREhmeThDRXpZRXd6UUZRR1lGZ0g0RmdHQUZ3RSZzaWdoPXUtY1UzdmtTNkVjJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFkmY2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQWSZsYWJlbD0ke2xhYmVsfVwiLFwicmVwb3J0TGFiZWxJbnN0YW5jZVwiOiBcImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbnRlcmFjdGlvbi8%2FYWk9Q3A4YjZnQU5tWmJmZE9zLUhxTXdQX1BtaTRBVDVnTWFiZEpDZ3BiYXBFcVhlaTZTU0RoQUJJUDJ2N2lkZ19hQ1pnZWdEb0FHdmxmLWJLc2dCQ2FrQzFNS2pzdkplc2o3Z0FnQ29Bd0hJQXdpcUJOMENUOUNxb1drUjJaWHJJbm1FUEpjbUFDc2tNYXhIbzdnRmRZejlrcTFRaXpyR2QySWNJV1g3WEJJb2w0MkktUG4xM0xWY0ZWSDF0U2xvbFZDQnp4TmJzbDNLdHhvV1h1cEpVemlCaDMwYVVSRmNJV3BYXzc4QUVua012SzZDYlRUNm1GUFJnSVRZQjV6TjYweEkyTFNJR19LaEM4dzEzSEFSN2VXaEdERTFwVEktdm5tMUVhRG9GY1JOTkFoWENIaWFfQ0dRSjB2Z3VuQkk4TTNBbFN3d1plUElMUjVzbUFGTGtyQ1JTcUU1RGRMd1VLWm1Sem9tSXYwa2tibzJjX2tKOUEyOEJNeTYxb0trOHp4ejU2Ul9taVJKMmxSbXdnWGdSZ094M1dhWlBUMndNN1ZIMTVoR3Jfc0lLUzh1d3lLLWw1aF9DLXF6NU1wNGNSMVFnMTAtSUFsbVRmYTBEcFpaTGFXcXdkakFTejlBMzNUeWpseldSOFVKejk5M0Z5bURZRVJjRmhVTl9Kb190aDRKZUJ1TUhCRHFtUVpjbGUxUy1rdnFzYU9rNHFTSV9QTTkyemVtN2JIb2xETXZxLXhKRTFCbVMySVpoN0hmYTlKMTQ4QUV1UFNIb01VRTRBUUJpQVh3NmRTclRhQUdMb0FIcjgzUC13U29COW0yc1FLb0I0N09HNmdIazlnYnFBZnVsckVDcUFmLW5yRUNxQWZWeVJ1b0I2YS1HNmdIbWdhb0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDcUFmS3FiRUNxQWZycGJFQzJBY0EwZ2dVQ0lCaEVBRVlIVElDaWdJNkFvQkFTTDM5d1RxeENRTXNJRUJZWVhQeWdBb0JtQXNCeUFzQmdBd0JvZ3dZS2hZS0ZPUzBzUUx1dGJFQ3RiaXhBdVMwc1FMdXRiRUMyZ3dSQ2dzUTRQTC05X3JZdGJEYUFSSUNBUU9xRFFKRFFjZ05BZUlORXdpQnRkVFhfZWFDQXhYUEE0b0RIZnk4Q0V6WUV3elFGUUdZRmdINEZnR0FGd0Umc2lnaD11LWNVM3ZrUzZFYyZjaWQ9Q0FRU1R3RElDYWFOTTNXc3dXTk1paHVsczZKclRpNjExb1FrX0NnV1ZrRnlTOTdTR3hDOHRqTXJKWm9jVHRWVkFNYllvM1M3VzV4VENHRkNXVm5BallRYWpDaC1jd2RWZHBhSS1kX2FpNlNOalBZJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeV&i=6-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
kBIi_AJ8aF_4eazhQEQJxxZESe8s0BpED9mS6dx9-sTlOmwoMSG1Xg==
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=M5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFkmbGFiZWw9JHtsYWJlbH0mbGFiZWxfaW5zdGFuY2U9JHtsYWJlbEluc3RhbmNlfSZjYnQ9NWpTcHhtSXNPdkFJa0tDbHRxa1NFUERwMUt0TkdQeTE2S3dGSWd4a2FXZGhibVY0WVM1amIyMHlDQWdGRXhpUXppMFVRaGRqWVMxd2RXSXRNemszTURJM056VXpOVFV5T0RZeE0wZ1NXQzVnb3dOd0FYb0ZDQVFTQVFjXCJ9LFwidHJhbnNwb3J0XCI6IHtcImJlYWNvblwiOiBmYWxzZSxcInhocnBvc3RcIjogZmFsc2UsXCJpbWFnZVwiOiB0cnVlfSxcInRyaWdnZXJzXCI6IHtcInRyYWNrTXV0ZVwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcImxhYmVsW2Zvcj0nc3ByMSddXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0Tm9MYWJlbEluc3RhbmNlXCJ9LFwidHJhY2tSZXBvcnRBZFwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcImxhYmVsW2Zvcj0nc3ByMiddXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0TGFiZWxJbnN0YW5jZVwifSxcInRyYWNrU3VydmV5UmVzcG9uc2VcIjoge1wib25cIjogXCJjbGlja1wiLFwic2VsZWN0b3JcIjogXCJsYWJlbFtmb3I9J3NwcjMnXVwiLFwicmVxdWVzdFwiOiBcInJlcG9ydExhYmVsSW5zdGFuY2VcIn0sXCJ0cmFja1doeVRoaXNBZFwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcIiNzYnRuXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0TGFiZWxJbnN0YW5jZVwifSxcInBlcnNvbmFsaXphdGlvbk9mZlwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcIiNwZXJzb25hbGl6ZS1jaGVja2JveDpjaGVja2VkXCIsXCJwYXJlbnRQb3N0TWVzc2FnZVwiOiBcIntcXFwiZ29vZ01zZ1R5cGVcXFwiOlxcXCJncGktdW9vXFxcIixcXFwidXNlck9wdE91dFxcXCI6dHJ1ZX1cXG5cIn0sXCJwZXJzb25hbGl6YXRpb25PblwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcIiNwZXJzb25hbGl6ZS1jaGVja2JveDpub3QoOmNoZWNrZWQpXCIsXCJwYXJlbnRQb3N0TWVzc2FnZVwiOiBcIntcXFwiZ29vZ01zZ1R5cGVcXFwiOlxcXCJncGktdW9vXFxcIixcXFwidXNlck9wdE91dFxcXCI6ZmFsc2V9XFxuXCJ9fX08L3NjcmlwdD48L2FtcC1hbmFseXRpY3M%2BPGZvcm0gYWN0aW9uPS8vZy5jbyBjbGFzcz1cInN2IGptIGFtcC1hbmltYXRlIGFiZ2YgcGVuXCIgaWQ9bXRhIHN0eWxlPXBvc2l0aW9uOmFic29sdXRlO3RvcDowO2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7Zm9udC1zaXplOjEycHg7Zm9udC13ZWlnaHQ6NDAwO2xpbmUtaGVpZ2h0OjFlbSB0YXJnZXQ9X2JsYW5rPjxpbnB1dCBpZD1zcHIwIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1zcHIxIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1zcHIyIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1zcHIzIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1zcHI1IG5hbWU9YSB0eXBlPXJhZGlvPjxsYWJlbCBjbGFzcz1cImNiYiBwZWFcIiBkYXRhLXZhcnMtbGFiZWw9dXNlcl9mZWVkYmFja19tZW51X2ludGVyYWN0aW9uIGZvcj1zcHIxIGlkPWNiYj48c3ZnIHN0eWxlPXdpZHRoOjE1cHg7aGVpZ2h0OjE1cHg7dmVydGljYWwtYWxpZ246dG9wIHhtbG5zPS8vd3d3LnczLm9yZy8yMDAwL3N2Zz48cGF0aCBkPU0wLDBsMTUsMGwwLDE1bC0xNSwwWiBmaWxsPSNjZGNjY2M%2BPC9wYXRoPjxwYXRoIGQ9TTMuMjUsMy4yNWw4LjUsOC41TTExLjc1LDMuMjVsLTguNSw4LjUgc3Ryb2tlPSMwMGFlY2Qgc3Ryb2tlLXdpZHRoPTEuMjU%2BPC9wYXRoPjwvc3ZnPjwvbGFiZWw%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHYxIHN0eWxlPXBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI%2BPGFtcC1maXQtdGV4dCBjbGFzcz1cImZsIGktYW1waHRtbC1sYXlvdXQtcmVzcG9uc2l2ZSBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGhlaWdodD0yNTAgaS1hbXBodG1sLWxheW91dD1yZXNwb25zaXZlIGxheW91dD1yZXNwb25zaXZlIG1heC1mb250LXNpemU9MjAgbWluLWZvbnQtc2l6ZT04IHdpZHRoPTMwMD48aS1hbXBodG1sLXNpemVyIHNsb3Q9aS1hbXBodG1sLXN2YyBzdHlsZT1kaXNwbGF5OmJsb2NrO3BhZGRpbmctdG9wOjgzLjMzMzMlOz48L2ktYW1waHRtbC1zaXplcj48ZGl2IGNsYXNzPWNsb3NlIGlkPW1lbnUtZGlzbWlzcyBzdHlsZT1wb3NpdGlvbjphYnNvbHV0ZTt0b3A6MnB4O2NvbG9yOiMwMDA7Zm9udC1zaXplOjE1cHg7bGluZS1oZWlnaHQ6MTVweDtvcGFjaXR5Oi41O2hlaWdodDoxNXB4O3dpZHRoOjE1cHg7dXNlci1zZWxlY3Q6bm9uZTtjdXJzb3I6cG9pbnRlcj48bGFiZWwgZm9yPXNwcjA%2BPHN2ZyB2aWV3Ym94PVwiMCAwIDI0IDI0XCI%2BPHBhdGggY2xhc3M9bmF0aXZlLWFycm93IGQ9XCJNMjAgMTFINy44M2w1LjU5LTUuNTlMMTIgNGwtOCA4IDggOCAxLjQxLTEuNDFMNy44MyAxM0gyMHYtMnpcIj48L3BhdGg%2BPC9zdmc%2BPC9sYWJlbD48L2Rpdj48ZGl2IGlkPXRpPjxzcGFuIGNsYXNzPWN0IHN0eWxlPWRpc3BsYXk6aW5saW5lLWJsb2NrO2xpbmUtaGVpZ2h0OjEuMjhlbTtjb2xvcjpyZ2JhKDAsMCwwLC40KTt0ZXh0LWFsaWduOmNlbnRlcjtwYWRkaW5nOi4zZW0%2BQWQgc2VydmVkIGJ5IDxzdmcgZmlsbD0jMDAwMDAwIHZpZXdib3g9XCIwIDAgNjAgMjRcIiB4bWxucz1odHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Zz48cGF0aCBkPVwiTTcuNSAxNi4yOWMtNC4wNyAwLTcuNDktMy4zMS03LjQ5LTcuMzhTMy40MyAxLjUzIDcuNSAxLjUzYzIuMjUgMCAzLjg1Ljg4IDUuMDYgMi4wM2wtMS40MiAxLjQyYy0uODctLjgxLTIuMDQtMS40NC0zLjY0LTEuNDQtMi45NyAwLTUuMjkgMi40LTUuMjkgNS4zN3MyLjMyIDUuMzcgNS4yOSA1LjM3YzEuOTMgMCAzLjAzLS43NyAzLjczLTEuNDguNTgtLjU4Ljk1LTEuNCAxLjEtMi41NEg3LjVWOC4yNGg2Ljc5Yy4wNy4zNi4xMS43OS4xMSAxLjI2IDAgMS41MS0uNDEgMy4zOS0xLjc1IDQuNzItMS4zIDEuMzUtMi45NSAyLjA3LTUuMTUgMi4wN3ptMTcuNzUtNC43NmMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEzLjA4IDBjMCAyLjc0LTIuMTMgNC43NS00Ljc1IDQuNzVzLTQuNzUtMi4wMi00Ljc1LTQuNzVjMC0yLjc1IDIuMTMtNC43NSA0Ljc1LTQuNzVzNC43NSAyIDQuNzUgNC43NXptLTIuMDggMGMwLTEuNzEtMS4yNC0yLjg4LTIuNjctMi44OHMtMi42NyAxLjE3LTIuNjcgMi44OGMwIDEuNjkgMS4yNCAyLjg4IDIuNjcgMi44OHMyLjY3LTEuMTggMi42Ny0yLjg4em0xMi41OC00LjQ2djguNTNjMCAzLjUxLTIuMDcgNC45NS00LjUyIDQuOTUtMi4zIDAtMy42OS0xLjU1LTQuMjEtMi44MWwxLjgyLS43NmMuMzIuNzcgMS4xMiAxLjY5IDIuMzkgMS42OSAxLjU3IDAgMi41NC0uOTcgMi41NC0yLjc5di0uNjhoLS4wN2MtLjQ3LjU4LTEuMzcgMS4wOC0yLjUgMS4wOC0yLjM4IDAtNC41Ni0yLjA3LTQuNTYtNC43NCAwLTIuNjggMi4xOC00Ljc3IDQuNTYtNC43NyAxLjEzIDAgMi4wMy41IDIuNSAxLjA2aC4wN3YtLjc2aDEuOTh6bS0xLjg0IDQuNDhjMC0xLjY3LTEuMTItMi45LTIuNTQtMi45LTEuNDQgMC0yLjY1IDEuMjItMi42NSAyLjkgMCAxLjY2IDEuMjEgMi44NiAyLjY1IDIuODYgMS40My4wMSAyLjU0LTEuMiAyLjU0LTIuODZ6bTUuODktOS41MlYxNmgtMi4wOVYyLjAzaDIuMDl6bTguNDkgMTEuMDdsMS42MiAxLjA4Yy0uNTIuNzctMS43OCAyLjExLTMuOTYgMi4xMS0yLjcgMC00LjcyLTIuMDktNC43Mi00Ljc1IDAtMi44MyAyLjAzLTQuNzUgNC40OC00Ljc1IDIuNDcgMCAzLjY3IDEuOTYgNC4wNyAzLjAybC4yMi41NC02LjM2IDIuNjNjLjQ5Ljk1IDEuMjQgMS40NCAyLjMgMS40NCAxLjA3IDAgMS44MS0uNTMgMi4zNS0xLjMyem0tNC45OS0xLjcxbDQuMjUtMS43NmMtLjIzLS41OS0uOTQtMS4wMS0xLjc2LTEuMDEtMS4wNiAwLTIuNTQuOTMtMi40OSAyLjc3elwiPjwvcGF0aD48cGF0aCBkPVwiTTAgMGg2MnYyNEgwelwiIGZpbGw9bm9uZT48L3BhdGg%2BPC9zdmc%2BPC9zcGFuPjwvZGl2PjxkaXYgaWQ9YnRucz48bGFiZWwgZm9yPXNwcjU%2BPGEgY2xhc3M9YnRuIGlkPWFidG4gc3R5bGU9XCJiYWNrZ3JvdW5kLWNvbG9yOiM0Mjg1ZjU7Y29sb3I6I2ZmZjtkaXNwbGF5OmlubGluZS1ibG9jaztib3JkZXItcmFkaXVzOjJweDstbW96LWJveC1zaXppbmc6Ym9yZGVyLWJveDstd2Via2l0LWJveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNoYWRvdzowcHggMHB4IDJweCByZ2JhKDAsMCwwLC4xMiksMHB4IDFweCAzcHggcmdiYSgwLDAsMCwuMjYpO2N1cnNvcjpwb2ludGVyO2ZvbnQtc2l6ZTouN2VtO21hcmdpbjowIDFweCAuNGVtIDFweFwiPjxzcGFuIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzouNWVtIC42ZW07bGluZS1oZWlnaHQ6MWVtXCI%2BQWQgb3B0aW9uczwvc3Bhbj48L2E%2BPC9sYWJlbD48bGFiZWwgZGF0YS12YXJzLWxhYmVsPXVzZXJfZmVlZGJhY2tfbWVudV9vcHRpb24gZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTEgZm9yPXNwcjI%2BPGEgY2xhc3M9YnRuIGlkPXJidG4gc3R5bGU9XCJkaXNwbGF5OmlubGluZS1ibG9jaztib3JkZXItcmFkaXVzOjJweDstbW96LWJveC1zaXppbmc6Ym9yZGVyLWJveDstd2Via2l0LWJveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNoYWRvdzowcHggMHB4IDJweCByZ2JhKDAsMCwwLC4xMiksMHB4IDFweCAzcHggcmdiYSgwLDAsMCwuMjYpO2N1cnNvcjpwb2ludGVyO2ZvbnQtc2l6ZTouN2VtO21hcmdpbjowIDFweCAuNGVtIDFweDtiYWNrZ3JvdW5kLWNvbG9yOiM0Mjg1ZjU7Y29sb3I6d2hpdGVcIj48c3BhbiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6LjVlbSAuNmVtO2xpbmUtaGVpZ2h0OjFlbVwiPlNlbmQgZmVlZGJhY2s8L3NwYW4%2BPC9hPjwvbGFiZWw%2BPGxhYmVsPjxhIGNsYXNzPWJ0biBkYXRhLXZhcnMtbGFiZWw9Y2xvc2VidXR0b25fd2h5dGhpc2FkX2NsaWNrIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT0xIGhyZWY9XCJodHRwczovL2Fkc3NldHRpbmdzLmdvb2dsZS5jb20vd2h5dGhpc2FkP3NvdXJjZT1kaXNwbGF5JmFtcDtyZWFzb25zPUFXeWpiQjZfRGRZZm45Y0p1YUdCU0VfS3QtZnMyMThrdmdIekE5WmtEYlI1UlpYQ1NpVE5nUTAzUWduVzc2UHg2Wl9TaGNhc1lFZWt5bDdOal9OT2F3RVU1enpsS1ctRDVWZl9NSmZKWlVOOVJ2T21ULXhaLUVyVTB6NTlkbzU2UkpzblQ0eFVwVVBtT3J5UVp2eGwtYjBGeXYwSURNR0huNDQwUjhBVkNoM0ExaUxaV0NlUkVIWWtrOXRmdGt6YVlsc3MzaHBmOGhTZHBrOHJ6THhoSFBtajl3VFE4MkhfdDZwLUFfYUdBNFlsZ1M0N0c4SDJUVkwwR2pxR1ZtRGZMbE1PV2pjeVhWcjV1SElyU3hOOXktbjBlR0FfQ0VWMVlsRlN2M0RoVEg1XzA4ZXRqTGdiLWdqeXItQ2xjUGVXMkdwWmNCV2ZMLXJMREFBS3dxTE12a0hfY3ZSbGtsQ2tDNTNxVnp0SWdkbmtHT09FYW9uc3JyYjFqWGVHM1UtSnpEOEFxaWhEMVhQT01xUGtwWjJMSUdpQ09qLXBhTC1TTWg1QmphcDhuVE4zV1loN2djVzNyazlpcWM5alkwYjhLaDN3d181Z1I1aDhRZUhQMm1Ib0NmeFRWOFpJRHQ0NWlmSHY0Y1hxUHJPeGtvUzBVR3AwdXNSQ0I4VjZQTF9nMWdkVW9pVEdaZzFDci1pX3ludHJrdjd3RXZxcjRYWW9kZ2FjWS1IaT&i=7-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
UVPWXL7bGN2r8ZDou5CNluGhpmDxix4HgzzffLEqmSBnQld2YCNpsw==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=VBVWtRUnlBSGp5N0NKelZ3X1hKdlRhLXlpTHBjOXBkQklsa1IyVjRMU0hYd1JTSVBPYWUxcFFtSU1WLXFjNWlMSGo0Tnl2cndWV1lTZElHdDFiT1Ntc0xZWFltNklSMTNkbnpLUXRrWUdVNlZZQ1RqLXRHMkVzSV80Mi1WWTlFWE9CX3hienBDbW9CYXNJTDNxdmhlWE5SUFRxY1RHOUVBQVNnMzQtNXphZHZKR3RySkR4Y1lkVk16TlBVZ1d1WTJmUlBaVG1lZnc5LXQtVU1HRjgzX2VSdU1NbnhwTGFOY3dCdTdCWlhtc0pNTklJeDI4R1V1UWRVbHVmT0FUd2lTZk1YYWJFVzJHd0NfWXR4eE9HVmFja285bnFPSWxXZThlVzZXVEFWQWo5YVZvZHdhMU9wWTJPT1VHeVBubVdoaldFaVdJLXpCSlpwbFFUYjJOV0Z0TFJncTdyd3ZHSzNhSUpkdWs2bTFtSmJNa0lzamlubWk0MEt3X1NrWldOdTJiTUNESE16Z2o4Tk95cmw2dW1LUVRuWlhrR2FjcFNDc1RNZFJkbjY0QUFMZzAxUk96MW00QUwydldtYnV4eUVwQWNvSGZxeEtmXzFIVW9LTHdaZGFxUkZlUkJpcHF5Tnh1Qm8xMEVWaXpBNTVERnNXUU5BVjZvQmxFWi10WTFYNVVkbXdRdk5oa0dVZ3VxSmVBUVVFTVhmTEktZmhUR3V4b3R2TjVZTUxRdWtiTHU4M2VZM2o5dlZPU1lqbGR0QTVILXZUTzV0NU9BYUNDbXZPMVRmZlhjbWxUQzFkb3JWZF8ycDNVekNtQXROWm5zUzZuMjZoTHpSTFQyR3FqRDdjdDAycDlLQ0xRMGM3UUtnX0cyV28tRVNhRFBRMkdDU3JQZGZqMUhuLWliUXRrRl9BV185YVBwVGx0VkUzbDVCZVF5VVM0NE9BUVgzcVRseE40TEF3XzlZMFVIRzBnMko3LVd4R2FIbm43MHZTWDMtN2NxWm1OaUtaOVVRRDVvdi1VYnB2SHBSUHNNdGt3QmI1d3k2RjhFV1ZZZW9VMnRqcDRGY3hmX0RjR2RuX3pOZWIxdVVmZ0JDcW9RN1hKRkI2d0IyX2RSajhZRmRGSVFKM3VZOXQ2aXBjOW5VQU9FSlBaRTlOLTRrQWJsdDM5MTdBQWlaYjgzT2FMdnMxSm9uTXZ2WlJsSm1ZLVo3RlJMRjgyOWJTeDNyMi15OFVqc1dGTkxtVWR4UU85YzEwWFlwRDJ0eFpqUmN3UnhxX0JUbVRvNzg3Rm0wSU83TGVicDFKTGUxU3ZIaWxGYmt0NFF6Q2VzS282aHRDWGI1eXAzeVZwVnJRdENfY1N2MmlNd01FNzZZakFtZElrblRQN3NsREU5Z1ZHYS1kTlhrZlJyZkhCVURhT1FwMnRtX1FPcmp0RUJmR3RaQjdJcUh0MkNGN21TSmFRZHJ4NjJWWXNHNUlRVzJvc2FtV2ZEUW5nQXZuY29EZVVvNUZrR2NPcl9zZmtCQktTMUpWRHU2blJkZll6VlBZU3c2dVZHTVpqS2FvV1c2TnR0SjZWeF9KeW1rTWxfd081cXkyZmRyVHEwajVVM1VZMGt3Rk9EQ1dfX2FJekp2WTNJVUFOaHdDS0tyZFlqYjRvUXFHSkZqUXZOeEZQYW1WYU9nWURibjEyRm9XRWFXTEt2ZTQxX2tMX1hEd0JDMkdqQVlQZmVXaGNfV0lFRk51Zi01Zjc2RXpZTWJpQ04xYk5CWDZYSGp1UkdBTU13bnlrN1hQbF9UaTZUOU8wQ0RZenZlS3dSZjZLdi12Z2N2V0tVN1I2UTZXLVJTcGVEeFJIcF9PUXpoaExFd0dKNGhKUWZHXzVfSHVlc1dGZTZhcEs3VVpuZ1JZdlMtSHJQT2Z5b0t5bG1JTEY0a1E5ckFnUTNlRjNtRUNtcEdrQlBWWk5nTVFvWXhhSld2MmU0NS0wMEJsZW02UXNISWlTV0lTc3IwYUMwMll6bzkxQ0p5amlFXzNCeEpaZkI2bFBwbFU0cUJBSmhIdzVtT2lIRGNYT2Y1eWZfUEc3N09ROXV4MkdtS2xLLVlGY2dfd1ZLMnFnLWpEbWJpYzZEaVFGdTFxaXNpNFBQQkEtbzVoM0RLNUhrRkhHVUtoVnk1N04xVkVoVjZkampfQkZBR2REeXRwMzFyYVJnVm02RDVJTGo2VXNZUGZreGZKQi1ueDVRXCIgaWQ9c2J0biBzdHlsZT1cImJhY2tncm91bmQtY29sb3I6I2ZmZjtjb2xvcjojOWU5ZWE2O3RleHQtZGVjb3JhdGlvbjpub25lO2Rpc3BsYXk6aW5saW5lLWJsb2NrO2JvcmRlci1yYWRpdXM6MnB4Oy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2hhZG93OjBweCAwcHggMnB4IHJnYmEoMCwwLDAsLjEyKSwwcHggMXB4IDNweCByZ2JhKDAsMCwwLC4yNik7Y3Vyc29yOnBvaW50ZXI7Zm9udC1zaXplOi43ZW07bWFyZ2luOjAgMXB4IC40ZW0gMXB4XCIgdGFyZ2V0PV9ibGFuaz48c3BhbiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6LjVlbSAuNmVtO2xpbmUtaGVpZ2h0OjFlbVwiPldoeSB0aGlzIGFkP8KgPHN2ZyBmaWxsPSMwMDAwMDAgaWQ9c2kgc3R5bGU9cG9zaXRpb246cmVsYXRpdmU7ZGlzcGxheTppbmxpbmUtYmxvY2s7bWFyZ2luLWJvdHRvbTotLjE1ZW07aGVpZ2h0OjFlbTt3aWR0aDoxZW07b3BhY2l0eTouNCB2aWV3Ym94PVwiMCAwIDE2IDE2XCIgeG1sbnM9Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxjaXJjbGUgY3g9NiBjeT02IHI9MC42Nz48L2NpcmNsZT48cGF0aCBkPU00LjIsMTEuM1EzLjMsMTEuOCwzLjMsMTAuNzVMMy4zLDQuMVEzLjMsMy4xLDQuMywzLjVMMTAuNCw3LjBRMTIuMCw3LjUsMTAuNCw4LjBMNi42NSwxMC4wTDYuNjUsNy43NWEwLjY1LDAuNjUsMCwxLDAsLTEuMywwTDUuMzUsMTAuNzVhMC45LDAuOSwwLDAsMCwxLjMsMC44TDEyLjcsOC4yUTEzLjcsNy41LDEyLjcsNi43TDMuMywxLjZRMi4yLDEuMywxLjgsMi41TDEuOCwxMi41UTIuMiwxMy45LDMuMywxMy4zTDQuOCwxMi41QTAuMywwLjMsMCwxLDAsNC4yLDExLjNaPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9hPjwvbGFiZWw%2BPC9kaXY%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHYyIHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjstd2Via2l0LWZsZXgtd3JhcDpub3dyYXA7ZmxleC13cmFwOm5vd3JhcDtvdmVyZmxvdzpoaWRkZW47YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhO2ZvbnQtc2l6ZTowO3Bvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI%2BPGxhYmVsIGNsYXNzPVwic2Igc29cIiBkYXRhLXZhcnMtbGFiZWw9bXV0ZV9zdXJ2ZXlfb3B0aW9uIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT0yIGZvcj1zcHIzIHN0eWxlPVwicG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDo5MTEwO292ZXJmbG93OmhpZGRlbjtkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOjFweCA1cHg7YmFja2dyb3VuZC1jb2xvcjojRkZGO2N1cnNvcjpwb2ludGVyO2ZsZXgtc2hyaW5rOjBcIj48ZGl2IHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJT48c3BhbiBzdHlsZT1jb2xvcjojNDI4NWY0O2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udC1zaXplOjEycHg7bGluZS1oZWlnaHQ6MTRweDt3aGl0ZS1zcGFjZTpub3JtYWw%2BU2VlbiB0aGlzIGFkIG11bHRpcGxlIHRpbWVzPC9zcGFuPjwvZGl2PjwvbGFiZWw%2BPGxhYmVsIGNsYXNzPVwic2Igc29cIiBkYXRhLXZhcnMtbGFiZWw9bXV0ZV9zdXJ2ZXlfb3B0aW9uIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT0zIGZvcj1zcHIzIHN0eWxlPVwicG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDo5MTEwO292ZXJmbG93OmhpZGRlbjtkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOjFweCA1cHg7YmFja2dyb3VuZC1jb2xvcjojRkZGO2N1cnNvcjpwb2ludGVyO2ZsZXgtc2hyaW5rOjBcIj48ZGl2IHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJT48c3BhbiBzdHlsZT1jb2xvcjojNDI4NWY0O2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udC1zaXplOjEycHg7bGluZS1oZWlnaHQ6MTRweDt3aGl0ZS1zcGFjZTpub3JtYWw%2BQWQgY292ZXJlZCBjb250ZW50PC9zcGFuPjwvZGl2PjwvbGFiZWw%2BPGxhYmVsIGNsYXNzPVwic2Igc29cIiBkYXRhLXZhcnMtbGFiZWw9bXV0ZV9zdXJ2ZXlfb3B0aW9uIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT04IGZvcj1zcHIzIHN0eWxlPVwicG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDo5MTEwO292ZXJmbG93OmhpZGRlbjtkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOjFweCA1cHg7YmFja2dyb3VuZC1jb2xvcjojRkZGO2N1cnNvcjpwb2ludGVyO2ZsZXgtc2hyaW5rOjBcIj48ZGl2IHN0eWxlPWRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJT48c3BhbiBzdHlsZT1jb2xvcjojNDI4NWY0O2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udC1zaXplOjEycHg7bGluZS1oZWlnaHQ6MTRweDt3aGl0ZS1zcGFjZTpub3JtYWw%2BQWQgd2FzIGluYXBwcm9wcmlhdGU8L3NwYW4%2BPC9kaXY%2BPC9sYWJlbD48bGFiZWwgY2xhc3M9XCJzYiBzb1wiIGRhdGEtdmFycy1sYWJlbD1tdXRlX3N1cnZleV9vcHRpb24gZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPTcgZm9yPXNwcjMgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTt6LWluZGV4OjkxMTA7b3ZlcmZsb3c6aGlkZGVuO2Rpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6MXB4IDVweDtiYWNrZ3JvdW5kLWNvbG9yOiNGRkY7Y3Vyc29yOnBvaW50ZXI7ZmxleC1zaHJpbms6MFwiPjxkaXYgc3R5bGU9ZGlzcGxheTotd2Via2l0LWZsZXg7ZGlzcGxheTpmbGV4Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjt3aWR0aDoxMDAlO2hlaWdodDoxMDAlPjxzcGFuIHN0eWxlPWNvbG9yOiM0Mjg1ZjQ7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjt0ZXh0LWFsaWduOmNlbnRlcjtmb250LXNpemU6MTJweDtsaW5lLWhlaWdodDoxNHB4O3doaXRlLXNwYWNlOm5vcm1hbD5Ob3QgaW50ZXJlc3RlZCBpbiB0aGlzIGFkPC9zcGFuPjwvZGl2PjwvbGFiZWw%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHYzIHN0eWxlPXBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI7b3BhY2l0eToxPjxhbXAtZml0LXRleHQgY2xhc3M9XCJmbCBpLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9MjUwIGktYW1waHRtbC1sYXlvdXQ9cmVzcG9uc2l2ZSBsYXlvdXQ9cmVzcG9uc2l2ZSBtYXgtZm9udC1zaXplPTE3IG1pbi1mb250LXNpemU9OCB3aWR0aD0zMDA%2BPGktYW1waHRtbC1zaXplciBzbG90PWktYW1waHRtbC1zdmMgc3R5bGU9ZGlzcGxheTpibG9jaztwYWRkaW5nLXRvcDo4My4zMzMzJTs%2BPC9pLWFtcGh0bWwtc2l6ZXI%2BPHNwYW4gaWQ9cGN0IHN0eWxlPVwiZGlzcGxheTpibG9jaztmb250LXdlaWdodDpib2xkO3BhZGRpbmc6MWVtIC4zZW1cIj5UaGFua3MuIEZlZWRiYWNrIGltcHJvdmVzIEdvb2dsZSBhZHM8L3NwYW4%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1zcHY0IHN0eWxlPXBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94&i=8-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Uh6W0OC-Bq9yefF3PWVBHCN9YAtuz3yKeD4O6ciSFkicxuNoNs7dGg==
tag
setupad-hai-tagan.adlightning.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXI%2BPGFtcC1maXQtdGV4dCBjbGFzcz1cImZsIGktYW1waHRtbC1sYXlvdXQtcmVzcG9uc2l2ZSBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGhlaWdodD0yNTAgaS1hbXBodG1sLWxheW91dD1yZXNwb25zaXZlIGxheW91dD1yZXNwb25zaXZlIG1heC1mb250LXNpemU9MjAgbWluLWZvbnQtc2l6ZT04IHdpZHRoPTMwMD48aS1hbXBodG1sLXNpemVyIHNsb3Q9aS1hbXBodG1sLXN2YyBzdHlsZT1kaXNwbGF5OmJsb2NrO3BhZGRpbmctdG9wOjgzLjMzMzMlOz48L2ktYW1waHRtbC1zaXplcj48c3BhbiBjbGFzcz1cImN0IGZjdFwiIHN0eWxlPWRpc3BsYXk6aW5saW5lLWJsb2NrO2xpbmUtaGVpZ2h0OjEuMjhlbTtjb2xvcjpyZ2JhKDAsMCwwLC40KTt0ZXh0LWFsaWduOmNlbnRlcjtwYWRkaW5nOjFlbT5BZCBjbG9zZWQgYnkgPHN2ZyBmaWxsPSMwMDAwMDAgdmlld2JveD1cIjAgMCA2MCAyNFwiIHhtbG5zPWh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnPjxwYXRoIGQ9XCJNNy41IDE2LjI5Yy00LjA3IDAtNy40OS0zLjMxLTcuNDktNy4zOFMzLjQzIDEuNTMgNy41IDEuNTNjMi4yNSAwIDMuODUuODggNS4wNiAyLjAzbC0xLjQyIDEuNDJjLS44Ny0uODEtMi4wNC0xLjQ0LTMuNjQtMS40NC0yLjk3IDAtNS4yOSAyLjQtNS4yOSA1LjM3czIuMzIgNS4zNyA1LjI5IDUuMzdjMS45MyAwIDMuMDMtLjc3IDMuNzMtMS40OC41OC0uNTguOTUtMS40IDEuMS0yLjU0SDcuNVY4LjI0aDYuNzljLjA3LjM2LjExLjc5LjExIDEuMjYgMCAxLjUxLS40MSAzLjM5LTEuNzUgNC43Mi0xLjMgMS4zNS0yLjk1IDIuMDctNS4xNSAyLjA3em0xNy43NS00Ljc2YzAgMi43NC0yLjEzIDQuNzUtNC43NSA0Ljc1cy00Ljc1LTIuMDItNC43NS00Ljc1YzAtMi43NSAyLjEzLTQuNzUgNC43NS00Ljc1czQuNzUgMiA0Ljc1IDQuNzV6bS0yLjA4IDBjMC0xLjcxLTEuMjQtMi44OC0yLjY3LTIuODhzLTIuNjcgMS4xNy0yLjY3IDIuODhjMCAxLjY5IDEuMjQgMi44OCAyLjY3IDIuODhzMi42Ny0xLjE4IDIuNjctMi44OHptMTMuMDggMGMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEyLjU4LTQuNDZ2OC41M2MwIDMuNTEtMi4wNyA0Ljk1LTQuNTIgNC45NS0yLjMgMC0zLjY5LTEuNTUtNC4yMS0yLjgxbDEuODItLjc2Yy4zMi43NyAxLjEyIDEuNjkgMi4zOSAxLjY5IDEuNTcgMCAyLjU0LS45NyAyLjU0LTIuNzl2LS42OGgtLjA3Yy0uNDcuNTgtMS4zNyAxLjA4LTIuNSAxLjA4LTIuMzggMC00LjU2LTIuMDctNC41Ni00Ljc0IDAtMi42OCAyLjE4LTQuNzcgNC41Ni00Ljc3IDEuMTMgMCAyLjAzLjUgMi41IDEuMDZoLjA3di0uNzZoMS45OHptLTEuODQgNC40OGMwLTEuNjctMS4xMi0yLjktMi41NC0yLjktMS40NCAwLTIuNjUgMS4yMi0yLjY1IDIuOSAwIDEuNjYgMS4yMSAyLjg2IDIuNjUgMi44NiAxLjQzLjAxIDIuNTQtMS4yIDIuNTQtMi44NnptNS44OS05LjUyVjE2aC0yLjA5VjIuMDNoMi4wOXptOC40OSAxMS4wN2wxLjYyIDEuMDhjLS41Mi43Ny0xLjc4IDIuMTEtMy45NiAyLjExLTIuNyAwLTQuNzItMi4wOS00LjcyLTQuNzUgMC0yLjgzIDIuMDMtNC43NSA0LjQ4LTQuNzUgMi40NyAwIDMuNjcgMS45NiA0LjA3IDMuMDJsLjIyLjU0LTYuMzYgMi42M2MuNDkuOTUgMS4yNCAxLjQ0IDIuMyAxLjQ0IDEuMDcgMCAxLjgxLS41MyAyLjM1LTEuMzJ6bS00Ljk5LTEuNzFsNC4yNS0xLjc2Yy0uMjMtLjU5LS45NC0xLjAxLTEuNzYtMS4wMS0xLjA2IDAtMi41NC45My0yLjQ5IDIuNzd6XCI%2BPC9wYXRoPjxwYXRoIGQ9XCJNMCAwaDYydjI0SDB6XCIgZmlsbD1ub25lPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGlucHV0IGlkPXBhaWQwIG5hbWU9YSB0eXBlPXJhZGlvPjxpbnB1dCBpZD1wYWlkMSBuYW1lPWEgdHlwZT1yYWRpbz48ZGl2IGNsYXNzPVwicG4gYWJnZlwiIGlkPXNwdjUgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JhY2tncm91bmQtY29sb3I6I2ZhZmFmYTt0ZXh0LWFsaWduOmNlbnRlcj48YW1wLWZpdC10ZXh0IGNsYXNzPVwiZmwgaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PTI1MCBpLWFtcGh0bWwtbGF5b3V0PXJlc3BvbnNpdmUgbGF5b3V0PXJlc3BvbnNpdmUgbWF4LWZvbnQtc2l6ZT0yMCBtaW4tZm9udC1zaXplPTggd2lkdGg9MzAwPjxpLWFtcGh0bWwtc2l6ZXIgc2xvdD1pLWFtcGh0bWwtc3ZjIHN0eWxlPWRpc3BsYXk6YmxvY2s7cGFkZGluZy10b3A6ODMuMzMzMyU7PjwvaS1hbXBodG1sLXNpemVyPjxkaXYgY2xhc3M9Y2xvc2UgaWQ9b2Qgc3R5bGU9cG9zaXRpb246YWJzb2x1dGU7dG9wOjJweDtjb2xvcjojMDAwO2ZvbnQtc2l6ZToxNXB4O2xpbmUtaGVpZ2h0OjE1cHg7b3BhY2l0eTouNTtoZWlnaHQ6MTVweDt3aWR0aDoxNXB4O3VzZXItc2VsZWN0Om5vbmU7Y3Vyc29yOnBvaW50ZXI%2BPGxhYmVsIGZvcj1zcHIxPjxzdmcgdmlld2JveD1cIjAgMCAyNCAyNFwiPjxwYXRoIGNsYXNzPW5hdGl2ZS1hcnJvdyBkPVwiTTIwIDExSDcuODNsNS41OS01LjU5TDEyIDRsLTggOCA4IDggMS40MS0xLjQxTDcuODMgMTNIMjB2LTJ6XCI%2BPC9wYXRoPjwvc3ZnPjwvbGFiZWw%2BPC9kaXY%2BPGRpdiBjbGFzcz1hb2Mgc3R5bGU9bWFyZ2luLXRvcDoyMHB4PjxsYWJlbD48ZGl2IGNsYXNzPVwicGQgcGFuZWwtcm93IHBhbmVsLWJ1dHRvbnNcIj5QZXJzb25hbGl6ZSBhZHMgb24gdGhpcyBzaXRlPGxhYmVsIGNsYXNzPVwicHQgcHRrXCIgc3R5bGU9cG9zaXRpb246cmVsYXRpdmU7ZGlzcGxheTppbmxpbmUtYmxvY2s7d2lkdGg6MzZweDtoZWlnaHQ6MTRweDt0b3A6MXB4O21hcmdpbi1sZWZ0OjZweD48aW5wdXQgY2hlY2tlZCBjbGFzcz1wY2Igc3R5bGU9b3BhY2l0eTowO3dpZHRoOjA7aGVpZ2h0OjAgdHlwZT1jaGVja2JveD48c3BhbiBjbGFzcz1waCBzdHlsZT1wb3NpdGlvbjphYnNvbHV0ZTtjdXJzb3I6cG9pbnRlcjtpbnNldDowO2JhY2tncm91bmQtY29sb3I6I2RhZGNlMDstd2Via2l0LXRyYW5zaXRpb246LjRzO3RyYW5zaXRpb246LjRzO2JvcmRlci1yYWRpdXM6N3B4Pjwvc3Bhbj48L2xhYmVsPjwvZGl2PjwvbGFiZWw%2BPGxhYmVsPjxhIGNsYXNzPWJ0biBocmVmPWh0dHBzOi8vc3VwcG9ydC5nb29nbGUuY29tL2Fkcy9hbnN3ZXIvMTA5MjMzNDggaWQ9bG1iIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7Ym9yZGVyLXJhZGl1czoycHg7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JveC1zaGFkb3c6MHB4IDBweCAycHggcmdiYSgwLDAsMCwuMTIpLDBweCAxcHggM3B4IHJnYmEoMCwwLDAsLjI2KTtjdXJzb3I6cG9pbnRlcjtmb250LXNpemU6LjdlbTttYXJnaW46MCAxcHggLjRlbSAxcHhcIiB0YXJnZXQ9X2JsYW5rPjxzcGFuIHN0eWxlPVwiZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzouNWVtIC42ZW07bGluZS1oZWlnaHQ6MWVtXCI%2BTGVhcm4gbW9yZcKgPHN2ZyBjbGFzcz13aW5kb3ctaWNvbiBzdHlsZT1oZWlnaHQ6MTRweDt3aWR0aDoxNHB4O29wYWNpdHk6LjQgdmlld2JveD1cIjAgLTIgMjQgMjRcIiB4bWxucz0vL3d3dy53My5vcmcvMjAwMC9zdmc%2BPHBhdGggZD1cIk0wIDBoMjR2MjRIMFYwelwiIGZpbGw9bm9uZT48L3BhdGg%2BPHBhdGggZD1cIk0xOSAxOUg1VjVoN1YzSDVjLTEuMTEgMC0yIC45LTIgMnYxNGMwIDEuMS44OSAyIDIgMmgxNGMxLjEgMCAyLS45IDItMnYtN2gtMnY3ek0xNCAzdjJoMy41OWwtOS44MyA5LjgzIDEuNDEgMS40MUwxOSA2LjQxVjEwaDJWM2gtN3pcIj48L3BhdGg%2BPC9zdmc%2BPC9zcGFuPjwvYT48L2xhYmVsPjwvZGl2PjwvYW1wLWZpdC10ZXh0PjwvZGl2PjwvZm9ybT48L2Rpdj48ZGl2IHN0eWxlPVwiYm90dG9tOjA7cmlnaHQ6MDt3aWR0aDozMDBweDtoZWlnaHQ6MjUwcHg7YmFja2dyb3VuZDppbml0aWFsO3Bvc2l0aW9uOmFic29sdXRlO21heC13aWR0aDoxMDAlO21heC1oZWlnaHQ6MTAwJTtwb2ludGVyLWV2ZW50czpub25lO2ltYWdlLXJlbmRlcmluZzpwaXhlbGF0ZWQ7ei1pbmRleDoyMTQ3NDgzNjQ3O2JhY2tncm91bmQtaW1hZ2U6dXJsKCYjMzk7ZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFDc0FBQUFXQkFNQUFBQ3JsM2lBQUFBQUJsQk1WRVVBQUFEK0FjaVdtWnpXQUFBQUFuUlNUbE1BQXBpZHJCUUFBQUNBU1VSQlZCalRiWkdMRGNRd0NFUE5CdXcvYlFYK2hKT090a2xRSG81TGdQOVJqRjNkckhlMzBUMUxaelVFQnB3MzJYSjlhR1p2djhpSFJtcU90czR1Szh2Sml4WWIzN0IxUGNPc2laMzFzWXFuUXpYOEF5b1N6R3lZZ0laZkkzS3RxdmhPV0Z1anBKbTdDL1cwVHpkYTJuWWYydVpEcHg4MmMrNnlmRUc3K2dCeEpBV3ZSWE0ydUFBQUFBQkpSVTVFcmtKZ2dnPT0mIzM5Oyk7XCI%2BPC9kaXY%2BPGFtcC1hbmFseXRpY3MgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1maXhlZCBzdHlsZT13aWR0aDoxcHg7aGVpZ2h0OjFweDsgdHJpZ2dlcj1pbW1lZGlhdGU%2BPHNjcmlwdCB0eXBlPWFwcGxpY2F0aW9uL2pzb24%2Be1widHJhbnNwb3J0XCI6IHtcImJlYWNvblwiOiBmYWxzZSwgXCJ4aHJwb3N0XCI6IGZhbHNlfSxcInJlcXVlc3RzXCI6IHtcInZpc2liaWxpdHkxXCI6IFwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdFFobFZQdDQ4OVkxVG1EZTZPRW1oVXpELWl4cEFlMlR0SWptTUdyTnlKZWZ6cEdsMjBDSDd1cGh3VEVsMVJtMEQ0LWtwVFNGNkdqWHM1S3lPbjk1ZmlpMW9SUF9jQnF1cEo0V3doUG5JcXBZNXRDb0tzUDJDYldhZ1BYSUU1SERxQzlmN0F0djhOYUEmc2FpPUFNZmwtWVRFdUllRGh3bnd4aXZVdW42T1FWaFRNYUdnUzVZSUdET0MyM3hTcE9EQ3NTbXdjcW1qeU9lLU54N0hSMnNRWmJteTBsYzR0X1p5Sjgxb2llNm9nb0NQaklKRWNySGRWTzFteTBsUEtjYnJsR1R2YjVQQlR6bDNJcElSX2lNbldBVWZsTlRiT203cFZiamlxVm5TTUEmc2lnPUNnMEFyS0pTek5TMjZ2RjNIZVh0RUFFJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFlZQVEmaWQ9YW1waW0mbz0ke2VsZW1lbnRYfSwke2VsZW1lbnRZfSZkPSR7ZWxlbWVudFdpZHRofSwke2VsZW1lbnRIZWlnaHR9JnNzPSR7c2NyZWVuV2lkdGh9LCR7c2NyZWVuSGVpZ2h0fSZicz0ke3ZpZXdwb3J0V2lkdGh9LCR7dmlld3BvcnRIZWlnaHR9Jm1jdnQ9JHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9Jm10b3M9MCwwLCR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSwke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0sJHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9JnRvcz0wLDAsJHt0b3RhbFZpc2libGVUaW1lfSwwLDAmdGZzPSR7Zmlyc3RTZWVuVGltZX0mdGxzPSR7bGFzdFNlZW5UaW1lfSZnPSR7bWluVmlzaWJsZVBlcmNlbnRhZ2V9Jmg9JHttYXhWaXNpYmxlUGVyY2VudGFnZX0mdHQ9JHt0b3RhbFRpbWV9JnI9diZhdm1zPWFtcGEmdWFwPSR7dWFjaChwbGF0Zm9ybSl9Jn&i=9-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
0UqKK7W4aRpzk90k6e9AWdsrGe_J8infU10tfX0XerUj6l2O-_Iuuw==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=VhcHY9JHt1YWNoKHBsYXRmb3JtVmVyc2lvbil9JnVhYT0ke3VhY2goYXJjaGl0ZWN0dXJlKX0mdWFtPSR7dWFjaChtb2RlbCl9JnVhZnY9JHt1YWNoKHVhRnVsbFZlcnNpb24pfSZ1YWI9JHt1YWNoKGJpdG5lc3MpfSZ1YWZ2bD0ke3VhY2goZnVsbFZlcnNpb25MaXN0KX0mdWF3PSR7dWFjaCh3b3c2NCl9JmFkaz0wXCJ9LFwidHJpZ2dlcnNcIjoge1wiY29udGludW91c1Zpc2libGVcIjoge1wib25cIjogXCJ2aXNpYmxlXCIsXCJyZXF1ZXN0XCI6IFtcInZpc2liaWxpdHkxXCJdLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJpbXByZXNzaW9uLXZpZXdhYmxlXCIsXCJ2aXNpYmlsaXR5U3BlY1wiOiB7XCJzZWxlY3RvclwiOiBcIjpyb290XCIsXCJ2aXNpYmxlUGVyY2VudGFnZU1pblwiOiA1MCxcImNvbnRpbnVvdXNUaW1lTWluXCI6IDEwMDB9fSxcInZpc2liaWxpdHlDaGFuZ2VkXCI6IHtcIm9uXCI6IFwidmlzaWJsZVwiLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJ2aXNpYmlsaXR5LWNoYW5nZWQtJHtpbnRlcnNlY3Rpb25SYXRpb31cIixcInZpc2liaWxpdHlTcGVjXCI6IHtcInJlcGVhdFwiOiB0cnVlLFwic2VsZWN0b3JcIjogXCI6cm9vdFwiLFwidmlzaWJsZVBlcmNlbnRhZ2VUaHJlc2hvbGRzXCI6IFtbMCwwXSxbMCw1XSxbNSwxMF0sWzEwLDE1XSxbMTUsMjBdLFsyMCwyNV0sWzI1LDMwXSxbMzAsMzVdLFszNSw0MF0sWzQwLDQ1XSxbNDUsNTBdLFs1MCw1NV0sWzU1LDYwXSxbNjAsNjVdLFs2NSw3MF0sWzcwLDc1XSxbNzUsODBdLFs4MCw4NV0sWzg1LDkwXSxbOTAsOTVdLFs5NSwxMDBdLFsxMDAsMTAwXV19fSxcImluaUxvYWRcIjoge1wib25cIjogXCJpbmktbG9hZFwiLFwicGFyZW50UG9zdE1lc3NhZ2VcIjogXCJ7XFxcImNcXFwiOlxcXCJzZmNoYW5uZWw3XFxcIixcXFwicFxcXCI6XFxcIntcXFxcXFxcInVpZFxcXFxcXFwiOlxcXFxcXFwiN1xcXFxcXFwiLFxcXFxcXFwid2lkdGhcXFxcXFxcIjoke3Njcm9sbFdpZHRofSxcXFxcXFxcImhlaWdodFxcXFxcXFwiOiR7c2Nyb2xsSGVpZ2h0fX1cXFwiLFxcXCJzXFxcIjpcXFwiY3JlYXRpdmVfZ2VvbWV0cnlfdXBkYXRlXFxcIn1cXG5cIn19fTwvc2NyaXB0PjwvYW1wLWFuYWx5dGljcz48YW1wLWFuYWx5dGljcyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBpLWFtcGh0bWwtbGF5b3V0PWZpeGVkIHN0eWxlPXdpZHRoOjFweDtoZWlnaHQ6MXB4OyB0cmlnZ2VyPWltbWVkaWF0ZT48c2NyaXB0IHR5cGU9YXBwbGljYXRpb24vanNvbj57XCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IHRydWUsIFwieGhycG9zdFwiOiBmYWxzZX0sXCJyZXF1ZXN0c1wiOiB7XCJhbXBlb3MxXCI6IFwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdFFobFZQdDQ4OVkxVG1EZTZPRW1oVXpELWl4cEFlMlR0SWptTUdyTnlKZWZ6cEdsMjBDSDd1cGh3VEVsMVJtMEQ0LWtwVFNGNkdqWHM1S3lPbjk1ZmlpMW9SUF9jQnF1cEo0V3doUG5JcXBZNXRDb0tzUDJDYldhZ1BYSUU1SERxQzlmN0F0djhOYUEmc2FpPUFNZmwtWVRFdUllRGh3bnd4aXZVdW42T1FWaFRNYUdnUzVZSUdET0MyM3hTcE9EQ3NTbXdjcW1qeU9lLU54N0hSMnNRWmJteTBsYzR0X1p5Sjgxb2llNm9nb0NQaklKRWNySGRWTzFteTBsUEtjYnJsR1R2YjVQQlR6bDNJcElSX2lNbldBVWZsTlRiT203cFZiamlxVm5TTUEmc2lnPUNnMEFyS0pTek5TMjZ2RjNIZVh0RUFFJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFlZQVEmaWQ9YW1wZW9zJm89JHtlbGVtZW50WH0sJHtlbGVtZW50WX0mZD0ke2VsZW1lbnRXaWR0aH0sJHtlbGVtZW50SGVpZ2h0fSZzcz0ke3NjcmVlbldpZHRofSwke3NjcmVlbkhlaWdodH0mYnM9JHt2aWV3cG9ydFdpZHRofSwke3ZpZXdwb3J0SGVpZ2h0fSZtY3Z0PSR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSZtdG9zPTAsMCwke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0sJHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9LCR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSZ0b3M9MCwwLCR7dG90YWxWaXNpYmxlVGltZX0sMCwwJnRmcz0ke2ZpcnN0U2VlblRpbWV9JnRscz0ke2xhc3RTZWVuVGltZX0mZz0ke21pblZpc2libGVQZXJjZW50YWdlfSZoPSR7bWF4VmlzaWJsZVBlcmNlbnRhZ2V9JnB0PSR7cGFnZUxvYWRUaW1lfSZ0dD0ke3RvdGFsVGltZX0mcnB0PSR7bmF2VGltaW5nKG5hdmlnYXRpb25TdGFydCxsb2FkRXZlbnRTdGFydCl9JnJzdD0ke25hdlRpbWluZyhuYXZpZ2F0aW9uU3RhcnQpfSZyPWRlJmlzZD0ke2luaXRpYWxTY3JvbGxEZXB0aH0mbXNkPSR7bWF4U2Nyb2xsRGVwdGh9JmF2bXM9YW1wYVwifSxcInRyaWdnZXJzXCI6IHtcImVuZE9mU2Vzc2lvblwiOiB7XCJvblwiOiBcInZpc2libGVcIixcInJlcXVlc3RcIjpbXCJhbXBlb3MxXCJdLFwidmlzaWJpbGl0eVNwZWNcIjoge1wicmVwb3J0V2hlblwiOiBcImRvY3VtZW50RXhpdFwiLFwic2VsZWN0b3JcIjogXCI6cm9vdFwiLFwidmlzaWJsZVBlcmNlbnRhZ2VNaW5cIjogNTB9fX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxhbXAtYW5hbHl0aWNzIGNsYXNzPVwiaS1hbXBodG1sLWxheW91dC1maXhlZCBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGktYW1waHRtbC1sYXlvdXQ9Zml4ZWQgc3R5bGU9d2lkdGg6MXB4O2hlaWdodDoxcHg7IHRyaWdnZXI9aW1tZWRpYXRlPjxzY3JpcHQgdHlwZT1hcHBsaWNhdGlvbi9qc29uPntcInJlcXVlc3RzXCI6IHtcInBhZ2V2aWV3XCI6IFwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DQTMtVGdBTm1aYmZkT3MtSHFNd1BfUG1pNEFUNWdNYWJkSkNncGJhcEVxWGVpNlNTRGhBQklQMnY3aWRnX2FDWmdlZ0RvQUd2bGYtYktzZ0JDYWtDMU1LanN2SmVzajdnQWdDb0F3SElBd2lxQk5vQ1Q5Q3FvV2tSMlpYcklubUVQSmNtQUNza01heEhvN2dGZFl6OWtxMVFpenJHZDJJY0lXWDdYQklvbDQySS1QbjEzTFZjRlZIMXRTbG9sVkNCenhOYnNsM0t0eG9XWHVwSlV6aUJoMzBhVVJGY0lXcFhfNzhBRW5rTXZLNkNiVFQ2bUZQUmdJVFlCNXpONjB4STJMU0lHX0toQzh3MTNIQVI3ZVdoR0RFMXBUSS12bm0xRWFEb0ZjUk5OQWhYQ0hpYV9DR1FKMHZndW5CSThNM0FsU3d3WmVQSUxSNXNtQUZMa3JDUlNxRTVEZEx3VUtabVJ6b21JdjBra2JvMmNfa0o5QTI4Qk15NjFvS2s4enh6NTZSX21pUkoybFJtd2dYZ1JnT3gzV2FaUFQyd003VkgxNWhHcl9zSUtTOHV3eUstbDVoX0MtcXo1TXA0Y1IxUWcxMC1JQWxtVGZhMERwWlpMYVdxd2RqQVN6OUEzM1R5amx6V1I4VUp6OTkzRnltRFlFUmNGaFVOX0pvX3RoNEplQnVNSEJEcW1RWWVsOHpBUExVb3gxdG02WDljaVN2QnZ4T3NSYnZHaklyVlo1bVI1WnhJWjNyZFhHdXBrOEFFdVBTSG9NVUU0QVFCaUFYdzZkU3JUWklGQkFnRUdBR1NCUVFJQlJnRW9BWXVnQWV2emNfN0JLZ0gyYmF4QXFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29COVhKRzZnSHByNGIyQWNBOGdjRkVKci1pUUxTQ0JRSWdHRVFBUmdkTWdLS0Fqb0NnRUJJdmYzQk9wb0pRMmgwZEhCek9pOHZaR2xuWVc1bGVHRXVZMjl0TDBOQkx6WXpOakU1TmpFMlAzUnlZV05yYVdROU5qazVORGd6TnpRNUptTnBaRDA1T0RBdE5EZ3dMVGMwTXpPQUNnSElDd0dpREJncUZnb1U1TFN4QXU2MXNRSzF1TEVDNUxTeEF1NjFzUUxhREJFS0N4RGc4djczLXRpMXNOb0JFZ0lCQS1JTkV3aUJ0ZFRYX2VhQ0F4WFBBNG9ESGZ5OENFellFd3pRRlFHWUZnR0FGd0d5Rng0S0hBZ0FFaFJ3ZFdJdE16azNNREkzTnpVek5UVXlPRFl4TXhpVjRoOCZzaWdoPWwxVGZXcjY2ZG1BJnVhY2hfbT0lNUJVQUNIJTVEJmFzZT0yJm5pcz1BVFRSSUJVVElPTl9SRVBPUlRJTkdfU1RBVFVTJmNpZD1DQVFTVHdESUNhYU5NM1dzd1dOTWlodWxzNkpyVGk2MTFvUWtfQ2dXVmtGeVM5N1NHeEM4dGpNckpab2NUdFZWQU1iWW8zUzdXNXhUQ0dGQ1dWbkFqWVFhakNoLWN3ZFZkcGFJLWRfYWk2U05qUFlZQVEmdGVtcGxhdGVfaWQ9NDE5JmNidnA9MlwifSxcInRyaWdnZXJzXCI6IHtcImRlZmF1bHRQYWdldmlld1wiOiB7XCJvblwiOiBcImluaS1sb2FkXCIsXCJyZXF1ZXN0XCI6IFwicGFnZXZpZXdcIn19LFwidHJhbnNwb3J0XCI6IHtcImF0dHJpYnV0aW9uc3JjXCI6IFwiXCIsXCJiZWFjb25cIjogZmFsc2UsXCJ4aHJwb3N0XCI6IGZhbHNlLFwiaW1hZ2VcIjogdHJ1ZX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxhbXAtYWQtZXhpdCBjbGFzcz1pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lciBpLWFtcGh0bWwtbGF5b3V0PWNvbnRhaW5lciBpZD1leGl0LWFwaT48c2NyaXB0IHR5cGU9YXBwbGljYXRpb24vanNvbj57XCJmaWx0ZXJzXCI6e30sXCJvcHRpb25zXCI6e1wic3RhcnRUaW1pbmdFdmVudFwiOlwibmF2aWdhdGlvblN0YXJ0XCJ9LFwidGFyZ2V0c1wiOntcInJlZGlyZWN0VXJsXCI6e1wiYmVoYXZpb3JzXCI6e1wiYnJvd3NlckFkQ29udmVyc2lvblwiOntcImF0dHJpYnV0aW9uc3JjXCI6XCJcIixcImF0dHJpYnV0aW9uZGVzdGluYXRpb25cIjpcIlwiLFwiYXR0cmlidXRpb25leHBpcnlcIjpcIlwiLFwiYXR0cmlidXRpb25yZXBvcnR0b1wiOlwiXCIsXCJhdHRyaWJ1dGlvbnNvdXJjZWV2ZW50aWRcIjpcIlwifSxcImNsaWNrVGFyZ2V0XCI6XCJcIn0sXCJmaWx0ZXJzXCI6W10sXCJmaW5hbFVybFwiOlwiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs%2Fc2E9bFxcdTAwMjZhaT1DcDhiNmdBTm1aYmZkT3MtSHFNd1BfUG1pNEFUNWdNYWJkSkNncGJhcEVxWGVpNlNTRGhBQklQMnY3aWRnX2FDWmdlZ0RvQUd2bGYtYktzZ0JDYWtDMU1LanN2SmVzajdnQWdDb0F3SElBd2lxQk4wQ1Q5Q3FvV2tSMlpYcklubUVQSmNtQUNza01heEhvN2dGZFl6OWtxMVFpenJHZDJJY0lXWDdYQklvbDQySS1QbjEzTFZjRlZIMXRTbG9sVkNCenhOYnNsM0t0eG9XWHVwSlV6aUJoMzBhVVJGY0lXcFhfNzhBRW5rTXZLNkNiVFQ2bUZQUmdJVFlCNXpONjB4STJMU0lHX0toQzh3MTNIQVI3ZVdoR0RFMXBUSS12bm0xRWFEb0ZjUk5OQWhYQ0hpYV9DR1FKMHZndW5CSThNM0FsU3d3WmVQSUxSNXNtQUZMa3JDUlNxRTVEZEx3VUtabVJ6b21JdjBra2JvMmNfa0o5QTI4Qk15NjFvS2s4enh6NTZSX21pUkoybFJtd2dYZ1JnT3gzV2FaUFQyd003VkgxNWhHcl9zSUtTOHV3eUstbDVoX0MtcXo1TXA0Y1IxUWcxMC1JQWxtVGZhMERwWlpMYVdxd2RqQVN6OUEzM1R5amx6V1I4VUp6OTkzRnltRFlFUmNGaFVOX0pvX3RoNEplQnVNSEJEcW1RWmNsZTFTLWt2cXNhT2s0cVNJX1BNOTJ6ZW03YkhvbERNdnEteEpFMUJtUzJJWmg3SGZhOUoxNDhBRXVQU0hvTVVFNEFRQmlBWHc2ZFNyVGFBR0xvQUhyODNQLXdTb0I5bTJzUUtvQjQ3T0c2Z0hrOWdicUFmdWxyRUNxQWYtbnJFQ3FBZlZ5UnVvQjZhLUc2Z0htZ2FvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWVEcmJFQ3FBZl9uckVDcUFmZm43RUNxQWZLcWJFQ3FBZnJwYkVDMkFjQTBnZ1VDSUJoRUFFWUhUSUNpZ0k2QW9CQVNMMzl3VHF4Q1FNc0lFQllZWFB5Z0FvQm1Bc0J5QXNCZ0F3Qm9nd1lLaFlLRk9TMHNRTHV0YkVDdGJpeEF1UzBzUUx1dGJFQzJnd1JDZ3NRNFBMLTlfcll0YkRhQVJJQ0FRT3FEUUpEUWNnTkFlSU5Fd2lCdGRUWF9lYUNBeFhQQTRvREhmeThDRXpZRXd6UUZRR1lGZ0g0RmdHQUZ3RVxcdTAwMjZhZT0xXFx1MDAyNmFzZT0yXFx1MDAyNmdjbGlkPUVBSWFJUW9iQ2hNSXQ1M2ExXzNtZ2dNVnp3T0tBeDM4dkFoTUVBRVlBU0FBRWdJMWVmRF9Cd0VcXHUwMDI2bnVtPTFcXHUwMDI2Y2lkPUNBUVNUd0RJQ2FhTk0zV3N3V05NaWh1bHM2SnJUaTYxMW9Ra19DZ1dWa0Z5Uzk3U0d4Qzh0ak1ySlpvY1R0VlZBTWJZbzNTN1c1eFRDR0ZDV1ZuQWpZUWFqQ2gtY3dkVmRwYUktZF9haTZTTmpQ&i=10-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
SaBKJCNQfyWHlpl3QA9ruFnCfqtx6kLgFbxR8hC7Y-0cOC-0YVcnEA==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=WVlBUVxcdTAwMjZzaWc9QU9ENjRfMzFaX2ZzcEtaM2l6bjFLaE1uZXVsNEJ2VkpRQVxcdTAwMjZjbGllbnQ9Y2EtcHViLTM5NzAyNzc1MzU1Mjg2MTNcXHUwMDI2cmY9NlxcdTAwMjZueD1DTElDS19YXFx1MDAyNm55PUNMSUNLX1lcXHUwMDI2dWFwPVVBQ0gocGxhdGZvcm0pXFx1MDAyNnVhcHY9VUFDSChwbGF0Zm9ybVZlcnNpb24pXFx1MDAyNnVhYT1VQUNIKGFyY2hpdGVjdHVyZSlcXHUwMDI2dWFtPVVBQ0gobW9kZWwpXFx1MDAyNnVhZnY9VUFDSCh1YUZ1bGxWZXJzaW9uKVxcdTAwMjZ1YWI9VUFDSChiaXRuZXNzKVxcdTAwMjZ1YXc9VUFDSCh3b3c2NClcXHUwMDI2dWFmdmw9VUFDSChmdWxsVmVyc2lvbkxpc3QpXFx1MDAyNm5pcz1BVFRSSUJVVElPTl9SRVBPUlRJTkdfU1RBVFVTXFx1MDAyNmFkdXJsPWh0dHBzOi8vZGlnYW5leGEuY29tL0NBLzYzNjE5NjE2JTNGdHJhY2tpZCUzRDY5OTQ4Mzc0OSUyNmNpZCUzRDk4MC00ODAtNzQzMyUyNnBsYWNlbWVudCUzRGdsLm1vZHNmb3JhbmRyb2lkLmNvbSUyNnRhcmdldCUzRHNlZ21lbnRfYmVfYV85MDE5NTY2NjkzMjkwOTE0MDQyJTI2Y2FtcGFpZ25pZCUzRDIwNzYxMDk3NDU2JTI2Z2NsaWQlM0RFQUlhSVFvYkNoTUl0NTNhMV8zbWdnTVZ6d09LQXgzOHZBaE1FQUVZQVNBQUVnSTFlZkRfQndFXCIsXCJ0cmFja2luZ1VybHNcIjpbXSxcInZhcnNcIjp7fX19fTwvc2NyaXB0PjwvYW1wLWFkLWV4aXQ%2BPGRpdiBpZD1nb29nbGVfdXBsb2FkZWRfYTRhPjxkaXYgY2xhc3M9YTRhLWRvY3VtZW50LWJvZHkgaWQ9eC1hNGEtZm9ybWVyLWJvZHkgb249XCJ0YXA6ZXhpdC1hcGkuZXhpdCh0YXJnZXQ9cmVkaXJlY3RVcmwpXCIgcm9sZT1saW5rIHN0eWxlIHRhYmluZGV4PTA%2BICA8ZGl2IGlkPWE0YS1iYW5uZXJ3aXNlPjxkaXYgY2xhc3M9XCJhNGEtYm9yZGVyIGE0YS1ib3JkZXItdG9wXCIgc3R5bGU9XCJoZWlnaHQ6IDFweDsgYmFja2dyb3VuZC1jb2xvcjogI2Q0ZDRkNFwiPjwvZGl2PiA8ZGl2IGNsYXNzPVwiYTRhLWJvcmRlciBhNGEtYm9yZGVyLWxlZnRcIiBzdHlsZT1cIndpZHRoOiAxcHg7IGJhY2tncm91bmQtY29sb3I6ICNkNGQ0ZDRcIj48L2Rpdj4gPGRpdiBjbGFzcz1cImE0YS1ib3JkZXIgYTRhLWJvcmRlci1ib3R0b21cIiBzdHlsZT1cImhlaWdodDogMXB4OyBiYWNrZ3JvdW5kLWNvbG9yOiAjZDRkNGQ0XCI%2BPC9kaXY%2BIDxkaXYgY2xhc3M9XCJhNGEtYm9yZGVyIGE0YS1ib3JkZXItcmlnaHRcIiBzdHlsZT1cIndpZHRoOiAxcHg7IGJhY2tncm91bmQtY29sb3I6ICNkNGQ0ZDRcIj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfc3Vkc24wd2V5IGE0YS1iLWVsZW1lbnQtYW1wXCIgaWQ9YTRhLWUwIHN0eWxlPVwid2lkdGg6IDE4M3B4OyBoZWlnaHQ6IDIzcHg7IHotaW5kZXg6IDI7IG92ZXJmbG93OiB2aXNpYmxlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LXRleHQgc3R5bGU9XCJvcGFjaXR5OiAxOyB6LWluZGV4OiAyOyBib3JkZXItc3R5bGU6IHNvbGlkOyBib3JkZXItd2lkdGg6IDBweDsgYm9yZGVyLXJhZGl1czogMHB4OyBib3JkZXItY29sb3I6IHRyYW5zcGFyZW50OyBwYWRkaW5nOiAwcHg7IGZvbnQtZmFtaWx5OiAmIzM0O05vdG8gU2FucyYjMzQ7OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtc2l6ZTogMTRweDsgY29sb3I6ICM1NzU4NWE7IHRleHQtYWxpZ246IGxlZnQ7IGp1c3RpZnktY29udGVudDogY2VudGVyOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiBub25lOyBmb250LXdlaWdodDogNDAwOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBsaW5lLWhlaWdodDogMS4yOyBsZXR0ZXItc3BhY2luZzogMHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsgYmFja2dyb3VuZC1zaXplOiBjb250YWluOyB0ZXh0LXNoYWRvdzogbm9uZTsgd2lkdGg6IDEwMCU7IGhlaWdodDogMTAwJVwiPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC10YWJsZSBzdHlsZT1cIndpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtY2VsbCBzdHlsZT1cInZlcnRpY2FsLWFsaWduOiBtaWRkbGVcIj5UaHJlZSBzaW1wbGUgc3RlcHM8L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfbzAwcTllc2Y1IGE0YS1iLWVsZW1lbnQtYW1wXCIgaWQ9YTRhLWUxIHN0eWxlPVwid2lkdGg6IDE5M3B4OyBoZWlnaHQ6IDU0cHg7IHotaW5kZXg6IDM7IG92ZXJmbG93OiB2aXNpYmxlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LXRleHQgc3R5bGU9XCJvcGFjaXR5OiAxOyB6LWluZGV4OiAzOyBib3JkZXItc3R5bGU6IHNvbGlkOyBib3JkZXItd2lkdGg6IDBweDsgYm9yZGVyLXJhZGl1czogMHB4OyBib3JkZXItY29sb3I6IHRyYW5zcGFyZW50OyBwYWRkaW5nOiAwcHg7IGZvbnQtZmFtaWx5OiAmIzM0O05vdG8gU2FucyYjMzQ7OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtc2l6ZTogMTFweDsgY29sb3I6ICM4NDg1ODc7IHRleHQtYWxpZ246IGxlZnQ7IGp1c3RpZnktY29udGVudDogY2VudGVyOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiBub25lOyBmb250LXdlaWdodDogNDAwOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBsaW5lLWhlaWdodDogMS42OyBsZXR0ZXItc3BhY2luZzogMHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsgYmFja2dyb3VuZC1zaXplOiBjb250YWluOyB0ZXh0LXNoYWRvdzogbm9uZTsgd2lkdGg6IDEwMCU7IGhlaWdodDogMTAwJVwiPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC10YWJsZSBzdHlsZT1cIndpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtY2VsbCBzdHlsZT1cInZlcnRpY2FsLWFsaWduOiB0b3BcIj4xLiBDbGljayBvbiAmIzM0O1N0YXJ0IEhlcmUmIzM0Ozxicj4yLiBBY3RpdmF0ZSB5b3VyIGFjY291bnQ8YnI%2BMy4gQWNjZXNzIHlvdXIgY29udGVudDwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgY2xhc3M9XCJhNGEtYi1lbGVtZW50IGE0YS1id19iYWM5anJyM3UgYTRhLWItZWxlbWVudC1hbXBcIiBpZD1hNGEtZTIgc3R5bGU9XCJ3aWR0aDogMjg3cHg7IGhlaWdodDogMjBweDsgei1pbmRleDogNDsgb3ZlcmZsb3c6IHZpc2libGVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGV4dCBzdHlsZT1cIm9wYWNpdHk6IDE7IHotaW5kZXg6IDQ7IGJvcmRlci1zdHlsZTogc29saWQ7IGJvcmRlci13aWR0aDogMHB4OyBib3JkZXItcmFkaXVzOiAwcHg7IGJvcmRlci1jb2xvcjogdHJhbnNwYXJlbnQ7IHBhZGRpbmc6IDBweDsgdGV4dC1zaGFkb3c6IG5vbmU7IGJhY2tncm91bmQtc2l6ZTogY29udGFpbjsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7IGxldHRlci1zcGFjaW5nOiAwcHg7IGxpbmUtaGVpZ2h0OiAxLjY7IHdoaXRlLXNwYWNlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IHRleHQtdHJhbnNmb3JtOiBub25lOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IGp1c3RpZnktY29udGVudDogY2VudGVyOyB0ZXh0LWFsaWduOiBjZW50ZXI7IGNvbG9yOiAjYWRhZGFkOyBmb250LXNpemU6IDExcHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC1mYW1pbHk6ICYjMzQ7Tm90byBTYW5zJiMzNDs7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGFibGUgc3R5bGU9XCJ3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LWNlbGwgc3R5bGU9XCJ2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlXCI%2BTW92aWVzLCBNdXNpYywgR2FtZXMsIEF1ZGlvYm9va3M8L2Rpdj48L2Rpdj48L2Rpdj48L2Rpdj48ZGl2IGNsYXNzPVwiYTRhLWItZWxlbWVudCBhNGEtYndfemhtZmlycXdnXCIgaWQ9YTRhLWUzPjxkaXYgY2xhc3M9YTRhLWItZWxlbWVudC1pbWFnZSBzdHlsZT1cInRvcDogMHB4OyBsZWZ0OiAwcHg7IHdpZHRoOiAyMTVweDsgaGVpZ2h0OiA3OXB4XCI%2BPGFtcC1pbWcgaGVpZ2h0PTc5cHggaS1hbXBodG1sLXNzciBsYXlvdXQ9aW50cmluc2ljIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FkYnVuZGxlLzExNTE0OTk4MTU1ODMyNjA4NjMxLzY1MTU3ZjM5MDI5YjU2MDAxMTg1ZTZlMi5wbmcgc3R5bGU9XCJ3aWR0aDogMjE1cHg7IGhlaWdodDogNzlweFwiIHdpZHRoPTIxNXB4PjxpbWcgY2xhc3M9XCJpLWFtcGh0bWwtZmlsbC1jb250ZW50IGktYW1waHRtbC1yZXBsYWNlZC1jb250ZW50XCIgZGVjb2Rpbmc9YXN5bmMgc3JjPWh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zYWRidW5kbGUvMTE1MTQ5OTgxNTU4MzI2MDg2MzEvNjUxNTdmMzkwMjliNTYwMDExODVlNmUyLnBuZz48L2FtcC1pbWc%2BPC9kaXY%2BPC9kaXY%2BPGRpdiBjbGFzcz1cImE0YS1iLWVsZW1lbnQgYTRhLWJ3X2p1NXg4NTVqMFwiIGlkPWE0YS1lND48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtaW1hZ2Ugc3R5bGU9XCJ0b3A6IDBweDsgbGVmdDogMHB4OyB3aWR0aDogNjNweDsgaGVpZ2h0OiAxOHB4XCI%2BPGFtcC1pbWcgaGVpZ2h0PTE4cHggaS1hbXBodG1sLXNzciBsYXlvdXQ9aW50cmluc2ljIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FkYnVuZGxlLzExNTE0OTk4MTU1ODMyNjA4NjMxLzY1MTU3ZjM5MDI5YjU2MDAxMTg1ZTZlMy5wbmcgc3R5bGU9XCJ3aWR0aDogNjNweDsgaGVpZ2h0OiAxOHB4XCIgd2lkdGg9NjNweD48aW1nIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPWFzeW5jIHNyYz1odHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FkYnVuZGxlLzExNTE0OTk4MTU1ODMyNjA4NjMxLzY1MTU3ZjM5MDI5YjU2MDAxMTg1ZTZlMy5wbmc%2BPC9hbXAtaW1nPjwvZGl2PjwvZGl2PjxkaXYgY2xhc3M9XCJhNGEtYi1lbGVtZW50IGE0YS1id19zanl1dHVrOWUgYTRhLWItZWxlbWVudC1hbXBcIiBpZD1hNGEtZTUgc3R5bGU9XCJ3aWR0aDogMjE1cHg7IGhlaWdodDogNzlweDsgei1pbmRleDogNjsgb3ZlcmZsb3c6IHZpc2libGVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGV4dCBzdHlsZT1cIm9wYWNpdHk6IDE7IHotaW5kZXg6IDY7IGJvcmRlci1zdHlsZTogc29saWQ7IGJvcmRlci13aWR0aDogMHB4OyBib3JkZXItcmFkaXVzOiAwcHg7IGJvcmRlci1jb2xvcjogdHJhbnNwYXJlbnQ7IHBhZGRpbmc6IDBweDsgZm9udC1mYW1pbHk6ICYjMzQ7Tm90byBTYW5zJiMzNDs7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC1zaXplOiAyNXB4OyBjb2xvcjogI2ZmZmZmZjsgdGV4dC1hbGlnbjogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyB0ZXh0LXRyYW5zZm9ybTogY2FwaXRhbGl6ZTsgZm9udC13ZWlnaHQ6IDcwMDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgbGluZS1oZWlnaHQ6IDEuMjsgbGV0dGVyLXNwYWNpbmc6IDBweDsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7IGJhY2tncm91bmQtc2l6ZTogY29udGFpbjsgdGV4dC1zaGFkb3c6IG5vbmU7IHdpZHRoOiAxMDAlOyBoZWlnaHQ6IDEwMCVcIj48ZGl2IGNsYXNzPWE0YS1iLWVsZW1lbnQtdGFibGUgc3R5bGU9XCJ3aWR0aDogMTAwJTsgaGVpZ2h0OiAxMDAlXCI%2BPGRpdiBjbGFzcz1hNGEtYi1lbGVtZW50LWNlbGwgc3R5bGU9XCJ2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlXCI%2BU3RhcnQgSGVyZTwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2PjwvZGl2PjxhbXAtZ3dkLWFuaW1hdGlvbiBjbGFzcz1pLWFtcGh0bWwtbGF5b3V0LW5vZGlzcGxheSBoaWRkZW49aGlkZGVuIGktYW1waHRtbC1sYXlvdXQ9bm9kaXNwbGF5IGxheW91dD1ub2Rpc3BsYXkgdGltZWxpbmUtZXZlbnQtcHJlZml4PXRsXz48L2FtcC1nd2QtYW5pbWF0aW9uPjwvZGl2PjwvZGl2PjxzdHlsZSBhbXAta2V5ZnJhbWVzPk&i=11-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
MeuI07n4DyWk8oNzu0RKLqNnh15CpRRvlQY3GQw3OrbYFfivHnetTg==
tag
setupad-hai-tagan.adlightning.com/ 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=BrZXlmcmFtZXMgYndfNDQ4aGR3MGJyIHsgMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDExNHB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IGFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODNweCwgMTE0cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODNweCwgMTE0cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDEwMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDExNHB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19XG5ALXdlYmtpdC1rZXlmcmFtZXMgYndfNDQ4aGR3MGJyIHsgMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODNweCwgMTE0cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODNweCwgMTE0cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4M3B4LCAxMTRweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyAtd2Via2l0LWFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAxMDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDExNHB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19XG5Aa2V5ZnJhbWVzIGJ3XzNtMndwN3Z1NCB7IDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4M3B4LCAxMzdweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDEzN3B4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IH0gMC4wMDAwMSUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDEzN3B4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IGFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAxMDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4M3B4LCAxMzdweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQC13ZWJraXQta2V5ZnJhbWVzIGJ3XzNtMndwN3Z1NCB7IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDEzN3B4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IC13ZWJraXQtYW5pbWF0aW9uLXRpbWluZy1mdW5jdGlvbjogbGluZWFyOyB9IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDgzcHgsIDEzN3B4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IH0gMC4wMDAwMSUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoODNweCwgMTM3cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg4M3B4LCAxMzdweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQGtleWZyYW1lcyBid18xN2hpNDBqcDIgeyAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNnB4LCAyMjZweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDZweCwgMjI2cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNnB4LCAyMjZweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNnB4LCAyMjZweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQC13ZWJraXQta2V5ZnJhbWVzIGJ3XzE3aGk0MGpwMiB7IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDZweCwgMjI2cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNnB4LCAyMjZweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDZweCwgMjI2cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg2cHgsIDIyNnB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19XG5Aa2V5ZnJhbWVzIGJ3Xzl5Y2dmZXJsOSB7IDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0MnB4LCAyMXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IGFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0MnB4LCAyMXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IGFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAxMDAlIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0MnB4LCAyMXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19XG5ALXdlYmtpdC1rZXlmcmFtZXMgYndfOXljZ2Zlcmw5IHsgMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyAtd2Via2l0LWFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0MnB4LCAyMXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IH0gMC4wMDAwMSUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyAtd2Via2l0LWFuaW1hdGlvbi10aW1pbmctZnVuY3Rpb246IGxpbmVhcjsgfSAxMDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQycHgsIDIxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgfX1cbkBrZXlmcmFtZXMgYndfenljN21qd25iIHsgMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDExOHB4LCAyMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDExOHB4LCAyMDVweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgxMThweCwgMjA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMC4zOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMTE4cHgsIDIwNXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDAuMzsgfX1cbkAtd2Via2l0LWtleWZyYW1lcyBid196eWM3bWp3bmIgeyAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgxMThweCwgMjA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMTE4cHgsIDIwNXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDA7IH0gMC4wMDAwMSUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoMTE4cHgsIDIwNXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDAuMzsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCgxMThweCwgMjA1cHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMC4zOyB9fVxuQGtleWZyYW1lcyBid19kOGFyMXk2bm4geyAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyB0cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQycHgsIDIxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgfSAwLjAwMDAxJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyBhbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IHRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAxOyB9fVxuQC13ZWJraXQta2V5ZnJhbWVzIGJ3X2Q4YXIxeTZubiB7IDAlIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQycHgsIDIxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMDsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMCUgeyAtd2Via2l0LXRyYW5zZm9ybTogdHJhbnNsYXRlM2QoNDJweCwgMjFweCwgMCkgc2NhbGUoMSwgMSkgcm90YXRlKDBkZWcpOyBvcGFjaXR5OiAwOyB9IDAuMDAwMDElIHsgLXdlYmtpdC10cmFuc2Zvcm06IHRyYW5zbGF0ZTNkKDQycHgsIDIxcHgsIDApIHNjYWxlKDEsIDEpIHJvdGF0ZSgwZGVnKTsgb3BhY2l0eTogMTsgLXdlYmtpdC1hbmltYXRpb24tdGltaW5nLWZ1bmN0aW9uOiBsaW5lYXI7IH0gMTAwJSB7IC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUzZCg0MnB4LCAyMXB4LCAwKSBzY2FsZSgxLCAxKSByb3RhdGUoMGRlZyk7IG9wYWNpdHk6IDE7IH19PC9zdHlsZT48L2JvZHk%2BPC9odG1sPiIsIm1ldGhvZEJsb2NrZWQiOiJpbml0aWFsREZQLXdyaXRlIn0sImJsb2NrZWQiOnRydWUsImNhbGxTdGFjayI6IkVycm9yXG4gICAgYXQgT1cgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NldHVwYWQtaGFpL2ItOTM1ZTJmMS1kM2RmODg4MS5qczoxOjMwMzIyKVxuICAgIGF0IE9DIChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9zZXR1cGFkLWhhaS9iLTkzNWUyZjEtZDNkZjg4ODEuanM6MTozOTc0NClcbiAgICBhdCBIVE1MRG9jdW1lbnQuPGFub255bW91cz4gKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NldHVwYWQtaGFpL2ItOTM1ZTJmMS1kM2RmODg4MS5qczoxOjQyNjc5&i=12-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
qI7AyMnA2GV1VIQd6blQAAZC_Hsn6CkAd-idXib2b8IIVj64ofxLCA==
tag
setupad-hai-tagan.adlightning.com/ 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://setupad-hai-tagan.adlightning.com/tag?s=bl&d=KVxuICAgIGF0IGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4NTcxNVxuICAgIGF0IGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4OTI4XG4gICAgYXQgSWggKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM5MTQzKVxuICAgIGF0IFhOLmwgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM4NTMwMylcbiAgICBhdCBDTS5yZW5kZXIgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9tYW5hZ2VkL2pzL2dwdC9tMjAyMzExMTQwMTAxL3B1YmFkc19pbXBsLmpzP2NiPTMxMDc5Njk1OjEwOjM0ODI2MClcbiAgICBhdCBkdC5qIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvbWFuYWdlZC9qcy9ncHQvbTIwMjMxMTE0MDEwMS9wdWJhZHNfaW1wbC5qcz9jYj0zMTA3OTY5NToxMDozODcxMzEpXG4gICAgYXQgR3UubyAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL21hbmFnZWQvanMvZ3B0L20yMDIzMTExNDAxMDEvcHViYWRzX2ltcGwuanM%2FY2I9MzEwNzk2OTU6MTA6MjIxNzkwKSJ9&i=13-13&t=adltag_lpih9e1a_AY22Lq9u2iJ&r=e1702d2e795da80a4daed1dc96b7f97&c=setupad-hai&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-118.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
gWTmw0tfPETBYf1l15W3yTHMSfUGKL9Y
date
Tue, 28 Nov 2023 09:39:13 GMT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
age
24010
x-cache
Error from cloudfront
content-length
0
last-modified
Thu, 31 Mar 2022 19:59:52 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
V1G7Ke5aoxHQ3OdW8UGw6lWh9DPRK7Q-JCxI3UnLAieYT6JUYQ6Ddw==
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame EE64 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PqiHdlG1l6XlM4KODpOdUGNpTK0V3aYHZTHttgoU6Ypj0Kwn1IFRMw==
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
ecm3
s.amazon-adsystem.com/ Frame 5371 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ff1fd46e-a9b5-4b8e-95c5-83dad1fec44f
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VYAVMJPB9F9WXSY00Q9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 5371
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.233.113.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-113-93.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 15:13:07 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 5371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=ZmYxZmQ0NmUtYTliNS00YjhlLTk1YzUtODNkYWQxZmVjNDRm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.233.113.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-113-93.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 5371
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2804893853207294712
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2804893853207294712
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.233.113.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-113-93.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:07 GMT
an-x-request-uuid
49a3429f-895f-4cce-bc8d-5090f59f656a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=2804893853207294712
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 5371
Redirect Chain
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&s=2
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=GhXaMnNUl0F3KgDtyy_b&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=GhXaMnNUl0F3KgDtyy_b&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
3.233.113.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-113-93.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:07 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=GhXaMnNUl0F3KgDtyy_b&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=761501723253472&correlator=3928241945429301&eid=31079695%2C44808652%2C44780990%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=147246189%3A22384346533%2Cmodsforandroid.com_980x300_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C980x300%7C750x100%7C750x150%7C750x200%7C750x300%7C800x250%7C930x180%7C950x90%7C970x90%7C970x210%7C970x250%7C980x120%7C980x150%7C980x200%7C980x240%7C980x250&ifi=9&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd4fa2af4e2f2a4b3%3AT%3D1701184384%3ART%3D1701184384%3AS%3DALNI_MbRTIIL70EaGqaMzEGijLltg680nA&gpic=UID%3D00000da462cb7259%3AT%3D1701184384%3ART%3D1701184384%3AS%3DALNI_MaX1QLJpQeTLIokyHY6x7qY4pqSyg&abxe=1&dt=1701184387619&lmt=1701184387&adxs=436&adys=360&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&vis=1&psz=1600x286&msz=1600x250&fws=0&ohw=0&ga_vid=1335805097.1701184385&ga_sid=1701184385&ga_hid=548983438&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRjz1fazwTFIAFICCGQSGAoJeWFob28uY29tGPvW9rPBMUgAUgIIbxIZCgp1aWRhcGkuY29tGPPV9rPBMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y3dn2s8ExSABSAghqEhoKDWNyd2RjbnRybC5uZXQSABiA2PazwTFIABIZCgpwdWJjaWQub3JnGIrW9rPBMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjz1fazwTFIAFICCGQSFwoIcnRiaG91c2UYlNf2s8ExSABSAghqEj4KBW9wZW54EixleUpwSWpvaU5EUllUVkp3WTJSVVpWZGFaVFpRYkhZd2JFOVRaejA5SW4wPRiw1_azwTFIAA..&dlt=1701184383183&idt=412&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2966010154&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1911bd1f17e830dd09e6f1be1e79016d3013b542c38b9a0e467313b94808ade4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13997
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=761501723253472&correlator=2206980859378734&eid=31079695%2C44808652%2C44780990%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=147246189%3A22384346533%2Cmodsforandroid.com_300x250_double_banner_desktop_1_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=10&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd4fa2af4e2f2a4b3%3AT%3D1701184384%3ART%3D1701184384%3AS%3DALNI_MbRTIIL70EaGqaMzEGijLltg680nA&gpic=UID%3D00000da462cb7259%3AT%3D1701184384%3ART%3D1701184384%3AS%3DALNI_MaX1QLJpQeTLIokyHY6x7qY4pqSyg&abxe=1&dt=1701184387630&lmt=1701184387&adxs=486&adys=844&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&vis=1&psz=300x250&msz=300x250&fws=4&ohw=1085&ga_vid=1335805097.1701184385&ga_sid=1701184385&ga_hid=548983438&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRjz1fazwTFIAFICCGQSGAoJeWFob28uY29tGPvW9rPBMUgAUgIIbxIZCgp1aWRhcGkuY29tGPPV9rPBMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y3dn2s8ExSABSAghqEhoKDWNyd2RjbnRybC5uZXQSABiA2PazwTFIABIZCgpwdWJjaWQub3JnGIrW9rPBMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjz1fazwTFIAFICCGQSFwoIcnRiaG91c2UYlNf2s8ExSABSAghqEj4KBW9wZW54EixleUpwSWpvaU5EUllUVkp3WTJSVVpWZGFaVFpRYkhZd2JFOVRaejA5SW4wPRiw1_azwTFIAA..&dlt=1701184383183&idt=412&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=423995951&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
2f6bdd6aea5d6f5be15ca05158a78ad3c0bc4535c25f8a08d949baac48a699fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13697
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 444A 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:49:53 GMT
age
397394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:49:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 444A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:42:43 GMT
age
397824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:42:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 444A 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 16:13:41 GMT
age
341966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 16:13:41 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 444A 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 23:51:21 GMT
age
314506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 23:51:21 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 444A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:30:02 GMT
age
398585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:30:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 444A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:29:42 GMT
age
74605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:29:42 GMT
css
fonts.googleapis.com/ Frame 444A 		2 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:24:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 444A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44691
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 444A 		295 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44703
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
truncated
/ Frame 444A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d48116b0df6d85cf02b5e5b6d79b359dca13842991218f61911835387f158ab5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
gfc-fav-red.png
tpc.googlesyndication.com/sadbundle/11662783782632594558/ Frame 444A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/11662783782632594558/gfc-fav-red.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
1d18a0e2bf140e1155006eae971ee4dcb1861eff0e9e2eb50b1610fc582263e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 20:46:45 GMT
x-content-type-options
nosniff
age
584782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14162
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 20:56:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Nov 2024 20:46:45 GMT
scissors-red.png
tpc.googlesyndication.com/sadbundle/11662783782632594558/ Frame 444A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/11662783782632594558/scissors-red.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
63d5192505ddd6af59e7de1e2b706556837077c8f116fb710f73da929733d84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 20:46:45 GMT
x-content-type-options
nosniff
age
584782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3992
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 20:56:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Nov 2024 20:46:45 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lLOSzZ2CVCYFRZC2QyODmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-lLOSzZ2CVCYFRZC2QyODmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUnNI6wjBT_AVy2930A3VhKYunmeJASo9qkDmS4cuX0-7XeXe118wkOuXoAUFF2k-sNCrEUZyWmQAI0p-yPT3lA9305cjwa0boCOeNPQd7I5zgkB8JKf0yhjTCmwatk6JEjhV4ibQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4unLa1iXY3uRRVV55afpGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-4unLa1iXY3uRRVV55afpGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://gl.modsforandroid.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXgZMEN3G4-83d5X87QSy79Z4MT_PonwEtNnsd1-Vh72WSfYWX4Nj_yno8CE9Dn1AK4K3_UwII2arc7c_Vnew7UNSsLmWjOwMykIfJIRkMo4485cpzM2UjItwnqqlFDJFdVArbeXA==
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXgZMEN3G4-83d5X87QSy79Z4MT_PonwEtNnsd1-Vh72WSfYWX4Nj_yno8CE9Dn1AK4K3_UwII2arc7c_Vnew7UNSsLmWjOwMykIfJIRkMo4485cpzM2UjItwnqqlFDJFdVArbeXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTg0Mzg3LDc4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUiLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJlbi1VUyJdLFs3LCIxNSJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdXV0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
da0e198465d5269570780f6cc96ce3062bc92ede139dc279a39499a1f814bf96
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--P-79tL1K5AM4qE55SVmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--P-79tL1K5AM4qE55SVmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
bl-cf1706d-4ba06a6c.js
tagan.adlightning.com/setupad-hai/ Frame BA53 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/bl-cf1706d-4ba06a6c.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
879844f1add4207049e29b19fd91d4999303a54a9cdfc3dd741fc48cac374452

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:36:24 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
1ir3pL_PxzBZCnH42CqRMMd6lUQ_Wo6N
x-amz-cf-pop
IAD89-P1
age
2204
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25050
x-amz-meta-git_commit
cf1706d
last-modified
Tue, 28 Nov 2023 14:22:21 GMT
server
AmazonS3
etag
"b30c1a1595c3d55f72cecf25a3960475"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HSWbC7nu8tqQhQvs8AbYETZ57x8nGgnre3zW9BsmoeFig651BnbYMQ==
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame BA53 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nYU-GCPVkGp8t_SJ-7lcgzvzmJRQWIclnwsZpgsV3_IJoYM5VfMkWA==
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame BA53 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:49:51 GMT
7c8fef2b841c224dc9dd256dc808a409.js
www.gstatic.com/mysidia/ Frame BA53 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16607
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:37:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BA53 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:50:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:50:46 GMT
b91a06220cfa130b0e547db55a85d66b.js
www.gstatic.com/mysidia/ Frame BA53 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9816
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:32:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame BA53 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 12:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
11263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:05:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BA53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 16:05:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BA53 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
36693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:01:34 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BA53 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:13:08 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame BA53 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 00:30:57 GMT
bl-cf1706d-4ba06a6c.js
tagan.adlightning.com/setupad-hai/ Frame 9C5D 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/bl-cf1706d-4ba06a6c.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
879844f1add4207049e29b19fd91d4999303a54a9cdfc3dd741fc48cac374452

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:36:24 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
1ir3pL_PxzBZCnH42CqRMMd6lUQ_Wo6N
x-amz-cf-pop
IAD89-P1
age
2204
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25050
x-amz-meta-git_commit
cf1706d
last-modified
Tue, 28 Nov 2023 14:22:21 GMT
server
AmazonS3
etag
"b30c1a1595c3d55f72cecf25a3960475"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CDoDOAznhsxxUGBuoOdlgXdWfXpiTaNOMAYmALuPqQMwplas9x7EnA==
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame 9C5D 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6c0OCxYAfG-0c6U1h5IngPXA3retpq29VP5D4qXp8mqzeK7vpEHQLw==
css2
fonts.googleapis.com/ Frame 9C5D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:23:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:07 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9C5D 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:05:39 GMT
x-content-type-options
nosniff
age
83249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Nov 2024 16:05:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9C5D 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:20:23 GMT
x-content-type-options
nosniff
age
3165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 27 Nov 2024 14:20:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9C5D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
42951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 03:17:16 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 13:31:13 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6114
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 15:31:13 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame EE64 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:49:53 GMT
age
397394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:49:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EE64 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:42:43 GMT
age
397824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:42:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EE64 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 16:13:41 GMT
age
341966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 16:13:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EE64 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:30:02 GMT
age
398585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:30:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EE64 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:29:42 GMT
age
74605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:29:42 GMT
css
fonts.googleapis.com/ Frame EE64 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:17:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE64 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44691
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE64 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44703
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3099174595027135750/ Frame EE64 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3099174595027135750/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
d8bcc2a38d6a7d4ad1cc2a8fa0c813449fa93b1b04add2550cde0b13139e8aa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:07 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40789
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 20:30:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 15:13:07 GMT
17823320978948381253
tpc.googlesyndication.com/simgad/ Frame EE64 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17823320978948381253?w=100&h=100&tw=1&q=75
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
27931fd217e871b8a5cb063b0897599cedc7ac10163d28b33e8dd99f8d196dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:24:34 GMT
x-content-type-options
nosniff
age
474513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2991
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 20:08:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Nov 2024 03:24:34 GMT
truncated
/ Frame EE64 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40963b8c952c03fd4511d06e6805d6d27b86c4f0c6a12cc0eb87e61484197a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
collect
a.ad.gt/api/v1/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-credentials
true
cf-ray
82d38d98ca0136bb-YYZ
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=397386649a3cb7ec2a513e270fc9eb7a&url=https%3A%2F%2Fgl.modsforandroid.com%2Fen%2Fapp%2F1641486558%2Ftemu-shop-like-a-billionaire%23google_vignette&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82d38d98dc1ca1de-YYZ
content-type
text/html; charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 444A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 18:38:51 GMT
x-content-type-options
nosniff
age
74056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Nov 2024 18:38:51 GMT
AGSKWxV9rQWehLZb6BnA-KsiUluIdFfb14G-_UFpGWs-C1Ei6mpItIDmxpP-GKILhg2GRZY7Tem0rqhoc6gJbw_71nfWCW0RGFm-tsqWzCrnM6bgD2gPZFpeJSyhV2xViS4ZznAeC7mfZQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV9rQWehLZb6BnA-KsiUluIdFfb14G-_UFpGWs-C1Ei6mpItIDmxpP-GKILhg2GRZY7Tem0rqhoc6gJbw_71nfWCW0RGFm-tsqWzCrnM6bgD2gPZFpeJSyhV2xViS4ZznAeC7mfZQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTg0Mzg3LDk4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZ2wubW9kc2ZvcmFuZHJvaWQuY29tL2VuL2FwcC8xNjQxNDg2NTU4L3RlbXUtc2hvcC1saWtlLWEtYmlsbGlvbmFpcmUiLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJlbi1VUyJdLFs3LCIxNSJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdXV0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
0ccb805e5fa40dbff2de05a39cd5159b889a2bf441605300ee749085d70e1534
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zrqiwaNsmS_F6eL2EhMV2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-zrqiwaNsmS_F6eL2EhMV2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EE64 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 00:07:09 GMT
x-content-type-options
nosniff
age
313559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 00:07:09 GMT
css
fonts.googleapis.com/ Frame E306 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:23:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E306 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:50:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
44542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:50:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E306 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 12:05:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
11263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:05:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0DC1 		143 B
272 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 14:52:50 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E306 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 16:05:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E306 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
36694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:01:34 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E306 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:13:08 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame E306 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 00:30:57 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 28 Nov 2023 15:29:32 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 14:34:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
2290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 28 Nov 2023 15:34:58 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/ Frame E894 		108 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
8012b2f23bf51f1982ac07e703f49a09dded11a4bf76326106c7c9893da8867e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
476326
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
30240
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 02:54:22 GMT
expires
Fri, 22 Nov 2024 02:54:22 GMT
last-modified
Tue, 18 Apr 2023 23:59:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame 2C68 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220048
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OnyaCFBuBlcvHUKPEFTe6D-vieg7KdkhL_-LoQXJV7xVmFOKAg_Qag==
truncated
/ Frame BA53 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42a4e1d7b394fac00dbe84bd3657b38ee1aaf9460a22b6f2e0727983ffde20a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame EE64
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Nov 2023 15:13:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE64 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44692
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE64 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44704
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
AGSKWxX6Y0wWE1jlXVZSHLLCQQo3YFx5Q8qkOnlFHnWVuM2-FtsiHrr_qyq-LSDvKGo2kQTKo96HnN2plK18Meja0cGlmGwPDVfpYVpVVfWbO0deSUntzi9kZqGnRz9sSw1mqEWUWIo8WA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX6Y0wWE1jlXVZSHLLCQQo3YFx5Q8qkOnlFHnWVuM2-FtsiHrr_qyq-LSDvKGo2kQTKo96HnN2plK18Meja0cGlmGwPDVfpYVpVVfWbO0deSUntzi9kZqGnRz9sSw1mqEWUWIo8WA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTg0Mzg5LDE1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2dsLm1vZHNmb3JhbmRyb2lkLmNvbS9lbi9hcHAvMTY0MTQ4NjU1OC90ZW11LXNob3AtbGlrZS1hLWJpbGxpb25haXJlIixudWxsLFtbOCwiTnRzNUx2WUlvYmsiXSxbOSwiZW4tVVMiXSxbNywiMTUiXSxbMTEsIltbXSxbXSxbXV0iXSxbMTksIjIiXV1d
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
6814bbe13dc4841f8139a3df5c0836d361b08e16390d65a7dc885095dd004f9f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--_ypnuCJaEOiVCeGcGOiJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--_ypnuCJaEOiVCeGcGOiJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame E894 		2 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
3ebcc90cf659bfe3a93df6f0371b1ceb3a833ab4fdfdf0123782b202992bc6d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 13:27:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:09 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E894 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
43330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Nov 2023 03:10:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E894 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3360073878299017976/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
44705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Nov 2023 02:48:04 GMT
b-935e2f1-d3df8881.js
tagan.adlightning.com/setupad-hai/ Frame DD53 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:19:01 GMT
content-encoding
gzip
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
x-amz-version-id
ewraV.NlWrAuI1ITNHYKI6qCHBKA8Mbc
x-amz-cf-pop
IAD89-P1
age
1220049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27316
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:26:13 GMT
server
AmazonS3
etag
"64ca92e55d25ac355c394baedd21198b"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AT9gw_OtfC5rnEpzGtPCjkPFahxvHll6HB4uVQsbWYjlO0KVaPQ_Ng==
PugMaster
image6.pubmatic.com/AdServer/ Frame 84A7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12752692&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4a2227fc9caeefb1e5d27fe96202d25b10703b2b85b155472d4d563c80908f4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 15:13:08 GMT
content-length
1766
content-type
text/html; charset=UTF-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 2C68 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:49:53 GMT
age
397396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:49:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2C68 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:42:43 GMT
age
397826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:42:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2C68 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 16:13:41 GMT
age
341968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 16:13:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2C68 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:30:02 GMT
age
398587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:30:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2C68 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:29:42 GMT
age
74607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:29:42 GMT
css
fonts.googleapis.com/ Frame 2C68 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:16:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2C68 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44693
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2C68 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44705
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
l
www.google.com/ads/measurement/ Frame 2C68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLve8mAduP8d3yxh0ddxuyAxu-5-hTPE-1qwzDrRkqC_hEWhSQD_2IhKc1RzuXe8l9lnKq6T8QnmHBxVnNEkCfVHnWwg
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
truncated
/ Frame 2C68 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38f2460d0090ba60c7cf2c600869c7cfe62f510d93b064cf951756e6be761bef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 444A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAg9egANmZZLNOs-HqMwP_Pmi4AS0h6mudKGx5ey0Etmf1rLcQBABII3kvSlg_aCZgegDoAHEx-6UAcgBCeACAKgDAcgDCKoE7wJP0BttVvWNWDOsLBKCwp-pW72iZ_VfWG2cZMEgDn0GcxauhoF-6QvpImXyrT5wuyELIs6OnGwOKdwWdMvSefpVFUZJeTX6YrN03L7OfNYj3ePbXsuAuWNba5i2yGAOjI6nzoaHbjpCEck6tG1RX9BP7bk3fAZAbfYl4aiFUa7sE-yYsy6p1uRT0bjgOMtQFmLDmhABYShLJ3R_mVRPfNZeNXKjbeFsaeCuBafuJ2KeU0cP72svqGRYg4ulyqLEb-F60KO1VZfRJ--5xTME9BLPYmuqGOMulWiDkJc5XYJy5Nmweeg1TWR1XQkDeHW0X56phCl72Vai9sIEFm5EbQN05UTULHCd-zIilBey0AzujchD29BTm-Qe5E0ILBCmmJw1trJALMIY8-6KdvLl9Z6QqzrHu9Vg3A_FbuEah2bEYvkwFAGJ0c4A5vddAMKWBU1st4oV3ZptGAtGtpCteb4LxGsqS4r5dGpNRss-jcGLwASgx4Lw2QTgBAGIBcagorxNkgUECAQYAZIFBAgFGASgBi6AB6Kdj9MDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ46QR0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTU2MjQ1ODY3OTA1NjI5MDmaCe0BaHR0cHM6Ly9nZXRmcmVlY291cG9ucy5jb20vam9pbi1ub3c_cG9wdXA9MSZ1dG1fc291cmNlPWdkbl9kY2EmcG9zdGJhY2s9e2djbGlkfSZhdG5pZD17Z2NsaWR9JmFkZ3JvdXA9MTYxNTY0NjMxOTY4JmNhbXBhaWduPTIwNzk1OTIwNDU0JmRldmljZT1jJmNyZWF0aXZlPTY4MTgwNjU5MjQyNyZwdWJsaXNoZXI9Z2wubW9kc2ZvcmFuZHJvaWQuY29tJnNvdXJjZT1zZWdtZW50X2JlX2FfMzIxMTA0MDcxODU1MTM0MjgwgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4LX80O-U14lVEgIBA-INEwj9tNTX_eaCAxXPA4oDHfy8CEzYEw3QFQGAFwGyFx4KHAgAEhRwdWItMzk3MDI3NzUzNTUyODYxMxiV4h8&sigh=tf6WFHazEks&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&template_id=419&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0DC1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
URL: https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:09 GMT
expires
Tue, 28 Nov 2023 15:13:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame DD53 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:49:53 GMT
age
397396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:49:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD53 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:42:43 GMT
age
397826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:42:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD53 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 16:13:41 GMT
age
341968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 16:13:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD53 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 00:30:02 GMT
age
398587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 00:30:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD53 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:29:42 GMT
age
74607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:29:42 GMT
css
fonts.googleapis.com/ Frame DD53 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 15:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:22:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 15:13:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD53 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44693
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD53 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44705
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2C68 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 00:07:09 GMT
x-content-type-options
nosniff
age
313560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 00:07:09 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9858426520750282193/ Frame DD53 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9858426520750282193/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
58290dbbbf9e3a85467af2fc14a2c2037312afc418d4698983725d744d6e2b13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26544
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 14:42:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 15:13:09 GMT
7262378093830645039
tpc.googlesyndication.com/simgad/ Frame DD53 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7262378093830645039?w=100&h=100&tw=1&q=75
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
0c80e49383a4110fa3a1eaef736cef38ac99e2ea529c2ce493b7c46ac7f03208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:46:58 GMT
x-content-type-options
nosniff
age
12371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2725
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 20:09:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 11:46:58 GMT
truncated
/ Frame DD53 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e74d0b39c9d1502d450f265195c3848146b09baf56b16d0609c679f7c429087d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
B29286181.359102098;dc_pre=CKqK-tn95oIDFU8NaAgdKKMKmg;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame EE64
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_pre=CKqK-tn95oIDFU8NaAgdKKMKmg;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdi...
42 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_pre=CKqK-tn95oIDFU8NaAgdKKMKmg;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Server
172.253.115.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359102098;dc_pre=CKqK-tn95oIDFU8NaAgdKKMKmg;dc_trk_aid=550125031;dc_trk_cid=186427139;ord=537606571;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXjSD3JOsO0Qs3dIIwLPwAZkgXFGtvy9YUtg8mK2wP8Ljzn-DPJ6CoSxQX8Xj-0Y9nItEdmHK5FXeJ_AuH1cJQuhV_XKAvuJo_6SBgD0GkK4QIgFkrN7NatTMpXXqZiJ2Kv9Kli5Q==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXjSD3JOsO0Qs3dIIwLPwAZkgXFGtvy9YUtg8mK2wP8Ljzn-DPJ6CoSxQX8Xj-0Y9nItEdmHK5FXeJ_AuH1cJQuhV_XKAvuJo_6SBgD0GkK4QIgFkrN7NatTMpXXqZiJ2Kv9Kli5Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3d6NF9FDUq82kArNpjrLGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-3d6NF9FDUq82kArNpjrLGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gl.modsforandroid.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EE64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoaMgANmZefjOs-HqMwP_Pmi4AT_6prpc6qk1dKWEdHk4u6ODhABII3kvSlg_aCZgegDoAGk7o2vKMgBAeACAKgDAcgDCqoE3QJP0L9NdudyNfGiP08WWbzVjFaWwoyYAPQme4VI3qBb6-slKIkMbe84nk7jFtoZ9mK69yz6sfC6_8KWlrAZoOjhdrJOrGWnBHM3qUe7x8qm6A_U0aGSmEHbJFujKw9eUc8t3nE7p7usmECohWOzmXJlvTTauhANvxIJPlGGJjIXi9GImG3GsR7qeEwegfsetLUF84QpLBm6zmme68987BIScfCl_o3GX-Fv-yj-BCZ5CHJQFU90CochKRtBCkuD0zeSzYLsjk76D7VJweDLJLKKoA_skTUVAUEVN7K69GNg4iHw4RBSdxJ10_2kV62nEtT33Yx3_PI8pII1He_1o15Jw2qIwOkNOkJlWL19T27QgrX-jYHxh9Ei0qJE6mhU8wBXPeI_BvDWsZlcIjPKcykymok5tTTLJThQuxRapTbr5shJFoTmzNR769d01ymI6Vx5qSIhLama7M3oQlOewATq05fWpATgBAGIBdr3ro9JkgUECAQYAZIFBAgFGASAB7eaziyoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC5jV_SCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTYyNDU4Njc5MDU2MjkwOZoJS2h0dHBzOi8vY2xvdWQuZ29vZ2xlLmNvbS9nY3A_e2djbGlkfX4xNDcyODMzNzI1MjJ-fjE5NjI4MDE0NTU0fjY0NzM5ODE2ODAwM4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLELCUkJiA0L3FjQESAgED4g0TCIK11Nf95oIDFc8DigMd_LwITNgTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTcwMjc3NTM1NTI4NjEzGJXiHw&sigh=InvYQyipEnc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&template_id=5007&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame E894 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tpc.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 10:56:47 GMT
x-content-type-options
nosniff
age
274582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 10:56:47 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame E894 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tpc.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:59:43 GMT
x-content-type-options
nosniff
age
386006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:59:43 GMT
dcm
s.amazon-adsystem.com/ Frame AD87 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W3RWXWFHRJB7CCVFB5Z0
ecm3
s.amazon-adsystem.com/ Frame 0B17 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC60BC04E-54F2-45D0-9778-B22E55AE9DD3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1X5HTKD9149VRR9GHQPJ
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xgvATlTyRdCXeLIuVa6d0w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
184.31.61.14 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-61-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48214
accept-ranges
bytes
content-length
5622
expires
Wed, 29 Nov 2023 04:36:43 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 84A7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C60BC04E-54F2-45D0-9778-B22E55AE9DD3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3De32df9e5-0a81-43ff-b07a-52c5f710a580%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2804893853207294712&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2804893853207294712&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
an-x-request-uuid
fda2b406-cfeb-42d0-b2b8-66a8ff8655a2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2804893853207294712&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 84A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C60BC04E-54F2-45D0-9778-B22E55AE9DD3&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 84A7 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzYwQkMwNEUtNTRGMi00NUQwLTk3NzgtQjIyRTU1QUU5REQz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAT7Qs6x48TKRZroh3CvXg&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAT7Qs6x48TKRZroh3CvXg&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAT7Qs6x48TKRZroh3CvXg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E3B931972A0E4668B2E412497DE90CFB
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E3B931972A0E4668B2E412497DE90CFB
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 28 Nov 2023 15:13:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E3B931972A0E4668B2E412497DE90CFB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 15:13:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=751df1b2-159f-4fdf-b434-ea90b27fbc1b&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 15:13:09 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SlaB4rdE2uVmCyZMH9UxA9nTfYrHbhg-~A&gdpr=0
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SlaB4rdE2uVmCyZMH9UxA9nTfYrHbhg-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SlaB4rdE2uVmCyZMH9UxA9nTfYrHbhg-~A&gdpr=0
date
Tue, 28 Nov 2023 15:13:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DD53 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gl.modsforandroid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 00:07:09 GMT
x-content-type-options
nosniff
age
313560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 00:07:09 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2C68
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 658F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:40:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
369166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 08:40:23 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame BA53
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CefbJgANmZarXOs-HqMwP_Pmi4ATtrbSydIKLtu-0EZ621KiXDhABII3kvSlg_aCZgegDoAHqnYeJA8gBCeACAKgDAcgDSKoE2AJP0M7BvMpLS1vhsNlHuJQxK8MhyLI9-fHhTHqQjG3V...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4a47edf64050670d0000000000000000%22,%222%22:%220x210cb3d4c7644d340000000000000000%22,%223%22:%220xa763bf...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4a47edf64050670d0000000000000000%22,%222%22:%220x210cb3d4c7644d340000000000000000%22,%223%22:%220xa763bf990c53f4570000000000000000%22,%224%22:%220x4eb45960a7b22ec50000000000000000%22,%225%22:%220x2b15ce2c7b9c2e450000000000000000%22},%22debug_key%22:%222633892305966048817%22,%22debug_reporting%22:true,%22destination%22:%22https://shipmentsfree.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22824299242%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213243427262915032305%22}&andc=true
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4a47edf64050670d0000000000000000","2":"0x210cb3d4c7644d340000000000000000","3":"0xa763bf990c53f4570000000000000000","4":"0x4eb45960a7b22ec50000000000000000","5":"0x2b15ce2c7b9c2e450000000000000000"},"debug_key":"2633892305966048817","debug_reporting":true,"destination":"https://shipmentsfree.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["824299242"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"13243427262915032305"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 15:13:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4a47edf64050670d0000000000000000","2":"0x210cb3d4c7644d340000000000000000","3":"0xa763bf990c53f4570000000000000000","4":"0x4eb45960a7b22ec50000000000000000","5":"0x2b15ce2c7b9c2e450000000000000000"},"debug_key":"2633892305966048817","debug_reporting":true,"destination":"https://shipmentsfree.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["824299242"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"13243427262915032305"}&andc=true
access-control-allow-origin
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CefbJgANmZarXOs-HqMwP_Pmi4ATtrbSydIKLtu-0EZ621KiXDhABII3kvSlg_aCZgegDoAHqnYeJA8gBCeACAKgDAcgDSKoE2AJP0M7BvMpLS1vhsNlHuJQxK8MhyLI9-fHhTHqQjG3VGVmzCpo7KI9kogtmmqeRDP2Kc2_cWszbc7S3Q1-ByBwvvxAM2Om8hq66hKGkgLky44tp4baXO9tXQayemQCCFufPmEbMjitepRmK0iP4lEBuJrlMrCMM2r2gSMVJc0Y95_H4L5vO090B4vjNU77EgOzBVHT_yOiatsCa0lgtXMf1LRYH-bOHTOBRd-dq65d5rmWJaPpUAigWkggVJtSS_pxS_vAvlM47E06_DT4-3B3PZBDqDFBIRKy62bsyzivUpnDbSm9fVVicHNcII5N6uazk4oIyonxR_BrmRPY6BSDRlpnGTB6dnrmQHkOQAWSMyLxmPb0d_5jsMc-zvOP3GYCO2gGJ2ip5yqrNnGgvM8w7SaSMgHyL4a73QEnFcoELZTWT9Io-b3q3Tf-nWnGt2EFngVJDq7vEzsAE-KzA54sE4AQBiAXmnfCSQ5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf-4fh2qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrMAw0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTU2MjQ1ODY3OTA1NjI5MDmaCXZodHRwczovL3d3dy5zaGlwbWVudHNmcmVlLmNvbS9zbGFuZGVyL3NoaXBwaW5nLzE_bD1zZmxhbmQ0JnNpZD1zZmF3X0NBX1NtYXJ0XzE1JndlYnNpdGU9Z2wubW9kc2ZvcmFuZHJvaWQuY29tJm89c2hjYm9mgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQsPOVv_DCqMAnEgIBA-INEwj_tNTX_eaCAxXPA4oDHfy8CEzYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzk3MDI3NzUzNTUyODYxMxiV4h8&sigh=SDQffSgF8iQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 15:13:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3293
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gl.modsforandroid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 4CC9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:40:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
369166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 08:40:23 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD53
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD53 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
age
44693
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD53 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:48:04 GMT
x-content-type-options
nosniff
server
cafe
age
44705
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 29 Nov 2023 02:48:04 GMT
B29286181.359101750;dc_pre=CIK-iNr95oIDFeIZaAgdnQ4O4A;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame 2C68
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CIK-iNr95oIDFeIZaAgdnQ4O4A;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CIK-iNr95oIDFeIZaAgdnQ4O4A;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.115.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CIK-iNr95oIDFeIZaAgdnQ4O4A;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=4015263490;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame E894 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:40:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
369166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 08:40:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAnP5gwNmZfWjKuGmo9kP8_eBoA7J_7j_c_qk1dKWEc3ei6SSDhABII3kvSlg_aCZgegDoAGk7o2vKMgBAeACAKgDAcgDCqoEwwJP0OSzLsT67W344oIXV4f1OK-GAg9hqiIhM1kz9BgxFBVwiKd5lNaeQSyEDoN2HdmdpQaXsChY3bCIQR7mHnn8TXmrDlaoGO8hl7A8N-LYv4z8Iimp7whAMGdKAk_dUYbIDuKPwq0V2FLNNyBI-90mex85ysDMjP97CWQZuhx1tufo-1xzNCPVQOSA-o5o_J_6YA5_gIQ-BcGZdwRCspraBHYMX2Jwd7crdMqjj8Xz9AuUuleLZleIV2eoSrA2QmJpHvluCdukNEc21-FU0prbdoCvdReNkKSAPX-OPXIruLsYuv00-00ykGY5dQOr68qKEqvH1Q2lkPB_PgZjbjPEZNgg58BOREPM6TqQAeibYN7O2j8Al2IsVkWcKNYWxpBciPuPVBQW5FmynbMbUPTCFmnLC1wDaLmQNfsgcZs4F8lL3MAE5M_fibIE4AQBiAWavvaSSZIFBAgEGAGSBQQIBRgEgAe3ms4sqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQu5eTA9IIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01NjI0NTg2NzkwNTYyOTA5mglWaHR0cHM6Ly9jbG91ZC5nb29nbGUuY29tL3NwZWVjaC10by10ZXh0P3tnY2xpZH1-MTUwODgxMTY3MzMyfn4xOTYzNTQ3ODI5OH42NDczOTgxNjgwMDmACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEAoKENDzz7O5wcbbdBICAQPiDRMI-_v-2P3mggMVYdMoBR3zewDk2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIf&sigh=m2YxFtNDmOc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaNHmIrRTKEmgKbFhJ4-OaH9u3UZs6GiSet9_wxvALISF2MWvG-Tc1_zMMwZfPNTh3eqC7490vdHxgB&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
B29286181.359101750;dc_pre=CPLQjtr95oIDFfIbaAgd8zkAtw;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame DD53
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CPLQjtr95oIDFfIbaAgd8zkAtw;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CPLQjtr95oIDFfIbaAgd8zkAtw;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Server
172.253.115.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B29286181.359101750;dc_pre=CPLQjtr95oIDFfIbaAgd8zkAtw;dc_trk_aid=550009035;dc_trk_cid=186427139;ord=2102173742;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4a47edf64050670d0000000000000000%22,%222%22:%220x210cb3d4c7644d340000000000000000%22,%223%22:%220xa763bf990c53f4570000000000000000%22,%224%22:%220x4eb45960a7b22ec50000000000000000%22,%225%22:%220x2b15ce2c7b9c2e450000000000000000%22},%22debug_key%22:%222633892305966048817%22,%22debug_reporting%22:true,%22destination%22:%22https://shipmentsfree.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22824299242%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213243427262915032305%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 15:13:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame DD53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVAOIgwNmZbvJK-yjqMwP3MqScMn_uP9z-qTV0pYRzd6LpJIOEAEgjeS9KWD9oJmB6AOgAaTuja8oyAEB4AIAqAMByAMKqgTZAk_QqJkdMyLOksOCPYjhX60FyDLwT6b5IMYMeqwPX8JXz6BrVQaIIqHDA4IMcFstPFP3AkN4_nevOmpSP_cEj65rgAC67sEZwa_tO5mucgUAi9Fc4CTA4X3mmx2qGZeTy0VyKyv_rNS-vO_4BQq11fy0u8s43_NjFOYDSVeATkAqMEl-vxAjZ5WLmKVoVoUjMfKa65Xex4DU2Q5NHl-wYUC7mTVM3ezpZO5xL_ofRsZ02scz2eZclaKB9_EgBvxRgF6z3VqohZa3IS6SD3SWbkppCQkAq50znmljYYbeRW1GX_H8qfp4Hk8XDFREd0pZgI5f01naAQ1WZHn8oL_3uAXJEP5lRwiSRlgAhOB3am-vOUbDgIiVi_GlcNqqw_zGYgOdNtiF5eqy1O8qpBlF3oLAKbu2u0Affcbbr2poE7xOvaO8Dk5aXCc1Add_it6DTkgTy0oMx9KYGcAE5M_fibIE4AQBiAWavvaSSZIFBAgEGAGSBQQIBRgEgAe3ms4sqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQi4yfAdIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01NjI0NTg2NzkwNTYyOTA5mglWaHR0cHM6Ly9jbG91ZC5nb29nbGUuY29tL3NwZWVjaC10by10ZXh0P3tnY2xpZH1-MTUwODgxMTY3MzMyfn4xOTYzNTQ3ODI5OH42NDczOTgxNjgwMDmACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEAoKEMCL7_zznvjjWxICAQPiDRMIu5aA2f3mggMV7BGKAx1cpQQO2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIf&sigh=IEGKHhXldU4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPADICaaN2so7EPHdhZ8_hKhqCvhjHIdm2wLf6qEmPek5nrU89LHKmXgOhiyLpdVCG0YCfQUiIiWribGp6BgB&template_id=5007&cbvp=2
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame EE64 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti0A4gIXdjVLz8Sp3iUYw7CiEY7hKp88v6oeJ33HriR3sOSkgMWNxJUd_vBzZcskN1ePYc6eJgDy24TyUSCTja7rlphm0UhZvZu4L-rm9cD_VUnc9KbelWQOwmPyncLhqdeYsjfdeXuj_tJwrNV77WVymandIqDb6Ugm9q&sai=AMfl-YSj-A5oelOeS2YzHRefdlKGmTHwMeTRy4rKrjPn6TteZE_peYYJeQZg9pTnfk1bfzleBb_jKZwMnCG53bPt6Gd4tDjb16HfZ9L_XT6JWq_0-80HRe1DKWSJ006g9kBpkRgY-ez5zEgXNtMAq7l7OQ&sig=Cg0ArKJSzNVHgqlUDB1GEAE&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&id=ampim&o=799,844&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=2230&tls=3231&g=100&h=100&tt=3231&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C68 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmt6y0bciVTCfzG_R7XpI6SSh3wC8nO7mtGf7Re-oHkxg1XrpZPgjXX7kK34s_NydDBcEfVs567thqcXTHc-LN3N5laC-YQwZHDQb4ngJe1rZ5inDOhda4puC_jWHvX633BbWx-Jy-zqNgzgdlMto293GBIEFKxWxamr0a&sai=AMfl-YSARWMMVgYOoApo8TKKjcSUxkht0Q8uSLyfaRW6a16L_CiORrV8l7xV7r1NTAjOLJddSYhnXr_UEwXRcLHxHy3stMGtm2PG0dE_9rSXBD3Q4UZJx8bHwti1TPYB&sig=Cg0ArKJSzPCqflRDjVZTEAE&cid=CAQSPADICaaNHmIrRTKEmgKbFhJ4-OaH9u3UZs6GiSet9_wxvALISF2MWvG-Tc1_zMMwZfPNTh3eqC7490vdHxgB&id=ampim&o=310,360&d=980,300&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=1299&tls=2300&g=100&h=100&tt=2300&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD53 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthFfc_pMNUxtqXD0VARz2XMQNqVFID2IWGX2JyGb8R2hCtIvpJXSEyfZFryt93qkWqeNY5YLSQ7NPlTbGyMB-G95DC7XBavqIjzVEqJzVdkD0KrrZPo5fWnLADLtEOJs48sWgYxcec3qKs67OI34BQjfi4poiYQYMnfjUu&sai=AMfl-YRbp-PlIaUDTeVMH19MGZ5tNKi4Tjw3gYIJGgMvGNP4u0Mt3EEc6fh4FjGxHDgnWzpKhWabngVDhPL9v_bJkJU7kLFlqG9nzYF4Pvb3DbcDJN-QEg-zCcJ7mfh7&sig=Cg0ArKJSzO_1M-V63xNREAE&cid=CAQSPADICaaN2so7EPHdhZ8_hKhqCvhjHIdm2wLf6qEmPek5nrU89LHKmXgOhiyLpdVCG0YCfQUiIiWribGp6BgB&id=ampim&o=486,894&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=950&tls=1950&g=100&h=100&tt=1950&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: gl.modsforandroid.com
URL: https://gl.modsforandroid.com/en/app/1641486558/temu-shop-like-a-billionaire
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 84A7 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 84A7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3533940&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
85fba440dc7cc1a574ec233f5f819cdcd2cd13241f9cd6ea77779ba76daa1b69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 15:13:12 GMT
content-length
1520
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 17B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2804893853207294712&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2804893853207294712&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
bd4e4898-3aee-44b0-bf47-8f23921db41c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2804893853207294712&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
86.48.15.68; 86.48.15.68; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame E294
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFZzVVN0t6QWNBQUJPRU4ycFlxQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEg5U7KzAcAABOEN2pYqA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEg5U7KzAcAABOEN2pYqA&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEg5U7KzAcAABOEN2pYqA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1855738958334292245&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAEg5U7KzAcAABOEN2pYqA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D1855738958334292245%26gdpr%3D0%...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCE18C4E1829D41A285822FE7C8C42357%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCE18C4E1829D41A285822FE7C8C42357%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=CE18C4E1829D41A285822FE7C8C42357&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D18557389583342...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=1855738958334292245&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEg5U7KzAcAABOEN2pYqA&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEg5U7KzAcAABOEN2pYqA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 15:13:12 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEg5U7KzAcAABOEN2pYqA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame DF19 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC60BC04E-54F2-45D0-9778-B22E55AE9DD3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 15:13:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZKAV6ED1R8XHQN42JSCE
insync
thrtle.com/ Frame 84A7
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f94fd300-150f-4a93-b66d-53ae534924ad
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f94fd300-150f-4a93-b66d-53ae534924ad
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.232.123.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-123-49.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 28 Nov 2023 15:13:12 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f94fd300-150f-4a93-b66d-53ae534924ad
date
Tue, 28 Nov 2023 15:13:12 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 84A7 		43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 84A7 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.50.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-50-245.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 84A7 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.32.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-32-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 15:13:12 GMT
C60BC04E-54F2-45D0-9778-B22E55AE9DD3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 84A7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C60BC04E-54F2-45D0-9778-B22E55AE9DD3?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.221.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-221-201.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6f45ba9d0258041d&is_secure=true&networkId=17100&version=1&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB-kmpAui-CwNR_VXpAAAAAAA&expiration=1701270792&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB-kmpAui-CwNR_VXpAAAAAAA&expiration=1701270792&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 06:06:06 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAB-kmpAui-CwNR_VXpAAAAAAA&expiration=1701270792&nuid=C60BC04E-54F2-45D0-9778-B22E55AE9DD3&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 84A7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c6dd1cea-b790-417a-88f6-49500e86c0f5&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c6dd1cea-b790-417a-88f6-49500e86c0f5&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 15:13:11 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c6dd1cea-b790-417a-88f6-49500e86c0f5&gdpr=0&gdpr_consent=
Date
Tue, 28 Nov 2023 15:13:12 GMT
Connection
keep-alive
X-CI-RTID
9a8784cf-4669-4b13-8918-dd4706ba2b9a
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 84A7 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_rx_n-Beeswax_ox-db5_smrt_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-baidu_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.39.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-39-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:12 GMT
ecm3
s.amazon-adsystem.com/ Frame C6FE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3FAkOUUEEkUntnUqey4b&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 15:13:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4YYNVQAA6SP883EWKMQY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame C6FE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LPIH9CJV-1S-4EAX
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LPIH9CJV-1S-4EAX
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
23.22.130.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-130-111.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LPIH9CJV-1S-4EAX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
sync
ads.yieldmo.com/v000/ Frame C6FE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=bpPBDMKgqDGP&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=bpPBDMKgqDGP&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
23.22.130.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-130-111.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ads.yieldmo.com/v000/sync?userid=bpPBDMKgqDGP&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-m75nm
expires
-1
pixel
cm.g.doubleclick.net/ Frame C6FE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZBa09VVUVFa1VudG5VcWV5NGI=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame C6FE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1044240098
  • https://sync.1rx.io/usersync/tradedesk/751df1b2-159f-4fdf-b434-ea90b27fbc1b
  • https://sync.targeting.unrulymedia.com/csync/RX-5127db62-b4b2-4611-b0db-0573559fb579-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-5127db62-b4b2-4611-b0db-0573559fb5...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
23.22.130.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-130-111.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-5127db62-b4b2-4611-b0db-0573559fb579-005
Date
Tue, 28 Nov 2023 15:13:12 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX5127db62b4b24611b0db0573559fb579005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
receive
pixel.tapad.com/idsync/ex/ Frame C6FE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FAkOUUEEkUntnUqey4b
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=e32df9e5-0a81-43ff-b07a-52c5f710a580&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=e32df9e5-0a81-43ff-b07a-52c5f710a580&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88429566416353562420466934988573243224&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88429566416353562420466934988573243224&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-2-v053-0527a3f70.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 28 Nov 2023 15:13:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
T3REyDpETgA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88429566416353562420466934988573243224&pt=e32df9e5-0a81-43ff-b07a-52c5f710a580%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
7609c4fc86c10708947a7d961dbe4f30ff1dd575b3cb437db7158868c7049c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12447
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 15:13:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A05D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
7963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 13:00:30 GMT
expires
Wed, 27 Nov 2024 13:00:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3884 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f106.1e100.net
Software
GSE /
Resource Hash
4ee5f9970ce4d212313e380029ebf9e33396d0197a3c8aa05e6a8b001c84c820
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-giBIUqSCcZU05L0fYWhp1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gl.modsforandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-giBIUqSCcZU05L0fYWhp1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 15:13:13 GMT
expires
Tue, 28 Nov 2023 15:13:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame A05D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 12:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 12:30:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3884 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=761501723253472&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A05D 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WNXMjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 15:13:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=761501723253472&bg=!q6ilqOfNAAZxrfrxUa07ADQBe5WfOB2t_dpW8J5ilr5sMfUfhZAvrYX6Ednh__bWuUuBY9unG6hjK9UHTs9VQFRAO3tiAgAAAE1SAAAAA2gBBwoAb6zml8rKgqpCsncS4VwO9ogWSXJs9jTscrxHLAPDZ1BYtDcLC0_Up6oLZqBJDeHL4Y7zH8kCBDhzSePvXTpmTNVic-AUxsZYklPCqWsBFaKCLGSNt_KY8DRzMG09BMeIvbM_4gX91LJPGKRf3HSZtpkCwDWUFxsbFfSg-41s9KS1Dz-AgPp89WugePvD0QbP7aAUX5BTVVuzrD1uRLLg-3wpqXiHw5cyVwMdepxPi4d245ZC_djTTTd8gweGdvIaaQreUwC7VwJJGZ_ls0bNDAeKuIvrTLBfG1YYjqaQTaizLGyXS0nNfEzrrHKzsBkJeVlcJFucQt1cnSqE0jTWYErl9tQW2WozLss4soXeHP4B0Nv9siJGcqoFq_Q5RY-2ZZwf1ixyvBYBehm0lEwHzw_F9Ya-cabY4A7bsHoFQyy-jgbhkWKSxIRbUhke7qXYbPii_XZ-jGFHXrL5GaYkcHg68OBEPLWBIPVQ9H6_ko2Ofur1NCa0FIvcPx1SyRHVR6qVitWJ35_tLsb0GiT9FLRCWk9k0NA2J7W8zUBqMyhrE9_Cy1ukZWcpIsLIaBSkuLn723VWCLpMezqh3W0fTDzYt51-5qLPErcHLMYN-PQmxNiapJKFf5xCIHjrT0uS1131Ptevh4CD24v1X-GNcMg4KPieC8uJiX3Gycmtljd751d7HQBPo0nXGRwDfn5i24s0o0_ou_TJRE-njMbIWT_qtkdOgqcvCroizxNPbMeIOCEYUGhikcav5op98tIhcIY8I9DhOLe98Osjm-GA1fHt8a0ee1fR87GHM-1NjXmUyoWI3ybvC8xRsVajBMbKMIynzgO42Sq5EQcG1Ahi8pcI2FM7mJg3LVYHRcdK-PL_E-HJ3ta-CJ_LAGRTpTB3muc6kZFSAQrMrM-9ZBeCAeTHm4K9AhKxqGEV7Y1v8QDhnY33dLJSdyv3wfec2Y7D7YNxsMNpyZFPQFcjGkFQFiBzwucamsyrqs-hgiiUw67RPiBDxAaLrJfzrQH43Id-GZp3gGIr92pO0iSnEkbS-5C1K6vJnCBLVNEFRahLPc6ENGylwacaULWEqZDFYLMH0u6D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gl.modsforandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame BA53 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqPznufTKIdPO-aRxSZ0bhAXjtLLooz-kLhp_8ySbVAxDomorsJnrZ_a5H5VJ7qJdTDpf25DKFaj84A6h_tdTNOWs1xOdgbCS7LVr_X-6XqvZq-xtgY7o_zc_5mBJAluaIqgzW0MjFJg&sai=AMfl-YTOpYtXNQ4ETH_r3QZxnIRAvr42zCKOaqp12GddXj8GEx1pBWhGh_1GP6DbTUO2CEj4RVLS772Jmc8_HubBnbJBdyn-QcPGl6PABFSdtysQWG1gUPZhDspwwm6VYhni2ixFaP3Do4fKaY5BD6OANw&sig=Cg0ArKJSzLANqPzaI_NGEAE&cid=CAQSTwDICaaNM3WswWNMihuls6JrTi611oQk_CgWVkFyS97SGxC8tjMrJZocTtVVAMbYo3S7W5xTCGFCWVnAjYQajCh-cwdVdpaI-d_ai6SNjPYYAQ&id=lidar2&mcvt=1000&p=1708,307,1958,1277&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=110439033&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701184386664&rpt=2175&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad-hai/b-935e2f1-d3df8881.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 15:13:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-stag.setupad.net
URL
https://prebid-stag.setupad.net/openrtb2/auction
Domain
lb.eu-1-id5-sync.com
URL
https://lb.eu-1-id5-sync.com/lb/v1
Domain
lb.eu-1-id5-sync.com
URL
https://lb.eu-1-id5-sync.com/lb/v1

Verdicts & Comments Add Verdict or Comment

345 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture function| $ function| jQuery function| __d3lUW8vwsKlB__ object| stpdInterscroller object| dist function| inView object| googletag object| rows object| jQuery112406377478429156702 function| ym object| ggeac object| google_tag_data object| google_js_reporting_queue object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ZjI1MDVkOGQ4NDQ1YTA4YWxvYWRlcl9qcw== string| ZjI1MDVkOGQ4NDQ1YTA4YWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady undefined| google_measure_js_timing object| google_reactive_ads_global_state object| pbjs object| regeneratorRuntime object| ox_esp object| _33across object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 function| findCMP function| _defineProperty object| stpdChunk object| stpd function| stpdPassback object| stpdSource string| clientContinent object| __stpdTags object| apstag object| aax function| stpdLog object| Ya object| yaCounter47987153 object| XMCQ1d function| XMCQ1w object| xop object| -ihn2q4ck7i8 object| 1kq9zggv2zuo object| _aps boolean| apstagLOADED object| apscustom object| wiZUkt2 function| wiZUkt3 function| xblocker object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| cnvr_launcher_options object| OgQ9SX function| OgQ9SB object| xblacklist object| ID5 object| __id5_instances function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| hadron boolean| __halo_loaded__ object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| conversant object| PublisherCommonId object| au number| google_unique_id object| gaGlobal object| auvars object| publink_options object| coreid boolean| 116c5be6-8f9f-43a5-afcf-c92249c3c493 boolean| DFPMessageEnabled function| docReady object| autag string| GoogleAnalyticsObject function| ga object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| gaplugins object| gaData object| GoogleGcLKhOms

108 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ69_2s8ExCgoIkQIQ69_2s8ExCgoItAIQ69_2s8ExCgoI5gEQ69_2s8ExCgoIhwIQ69_2s8ExCgoItwIQ69_2s8ExCgkIOhDr3_azwTEKCgiMAhDr3_azwTEKCQhfEOvf9rPBMQoJCB8Q69_2s8Ex
gl.modsforandroid.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkYyWTR2TmhLd083NmlGc1ZheVJDNlE9PSIsInZhbHVlIjoiOU8ybVBvZjdpTDcyQmN6ZXZmck55djhNdW4xdXlaRGlTRlV6bnJCcmNYcFRNZzBVanVTZUVWaHMyR0UxQlRPdCIsIm1hYyI6ImIxY2NlMTNkMDc5ZTI4ZmU1NWQ5ZGI3ZmMwN2VkM2M5NTk2ODFmOWI2NWFlZmZkODVhYTAwNDhjYTgzYTQxYmYifQ%3D%3D
gl.modsforandroid.com/ Name: laravel_session
Value: eyJpdiI6IjM2b0t2WUM0QmdCVlRaNGJWKzNUYlE9PSIsInZhbHVlIjoiU0VnV3owQ3NFUjlXY0t1cVRGZkN3ZlNHNG04dE41QWIwanorTHlUYW1ZZFZUWUZ5OTVxUVZDU2dpU2dUQU13NSIsIm1hYyI6ImU5MmMyYmU4NjM2ZTM1NjI3NjcxYzE0YTRjMDQ0N2Y2MjkxZWZmZmQ4YmM2M2E5YzEyNTdiZTM4MDEyYzM0MWYifQ%3D%3D
.modsforandroid.com/ Name: lotame_domain_check
Value: modsforandroid.com
.openx.net/ Name: i
Value: e385cc46-971d-4de5-997b-a3e5bf494e4a|1701184383
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4e5dcac9139e72cf40219d9e8c6824b2
.modsforandroid.com/ Name: _cc_id
Value: 4e5dcac9139e72cf40219d9e8c6824b2
.modsforandroid.com/ Name: panoramaId_expiry
Value: 1701270783967
.yandex.ru/ Name: i
Value: eexc71qqc7ZpCLyBbYR1+1BgBB6eeXO7lPoY8MRhmA/W+MM8b98PHokGfA44IAoC2niYx1tzVvCZl1Qwh3e06cDh1gU=
.yandex.ru/ Name: yandexuid
Value: 8931652551701184383
gl.modsforandroid.com/ Name: stpdOrigin
Value: {"origin":"direct"}
gl.modsforandroid.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.modsforandroid.com/ Name: _ym_uid
Value: 1701184384914406958
.modsforandroid.com/ Name: _ym_d
Value: 1701184384
.modsforandroid.com/ Name: cto_bundle
Value: xcj2mV9sU0NkcVpoNWRKUVdxcm9FOFkwTmxNTjN5ZWk3Q0NoWXIlMkZKRklkbXY2M2NKWU9SR0x5JTJGUEJrMHVPeDM2RXVHZFNPT2FSMVROR0tqOEw5MDBta2FpRlFIaklrdXNnbVBVa25uazdaM2pPU0QlMkZGWFlVMjNHb2NFaFFZOFhqTjQwMQ
.modsforandroid.com/ Name: cto_bidid
Value: Nj0lZV80THJhdkVHc1dHc0lmTEtNcDdrbU85SHhRZUpSaXhXU21xR01BUHcwam1UNnNsbUlMeEUlMkJZb0tmbVFLTEdRRjdSR0Z1SzVZb2plVlR0OU9QdWtYcElRJTNEJTNE
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2257198535fake
.modsforandroid.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1317188339fake
.yandex.com/ Name: yandexuid
Value: 8931652551701184383
.yandex.com/ Name: yuidss
Value: 8931652551701184383
.yandex.com/ Name: i
Value: eexc71qqc7ZpCLyBbYR1+1BgBB6eeXO7lPoY8MRhmA/W+MM8b98PHokGfA44IAoC2niYx1tzVvCZl1Qwh3e06cDh1gU=
.yandex.com/ Name: yp
Value: 1701270784.yu.4215508011701184384
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.modsforandroid.com/ Name: _au_1d
Value: AU1D-0100-001701184385-W9QITQVP-TH09
.modsforandroid.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDExODQzODUsInR0ZCI6MTcwMTE4NDM4NSwicHViIjoxNzAxMTg0Mzg1LCJydWIiOjE3MDExODQzODUsInRhcGFkIjoxNzAxMTg0Mzg1LCJhZHgiOjE3MDExODQzODUsImdvbyI6MTcwMTE4NDM4NSwidW5ydWx5IjoxNzAxMTg0Mzg1LCJjb2xvc3N1cyI6MTcwMTE4NDM4NX0%3D
.3lift.com/ Name: tluid
Value: 1323980097837956547258
.tapad.com/ Name: TapAd_TS
Value: 1701184384956
.tapad.com/ Name: TapAd_DID
Value: e32df9e5-0a81-43ff-b07a-52c5f710a580
.adnxs.com/ Name: uuid2
Value: 2804893853207294712
.adsrvr.org/ Name: TDID
Value: 751df1b2-159f-4fdf-b434-ea90b27fbc1b
.amazon-adsystem.com/ Name: ad-id
Value: A8j5yGqSmEt1sOAcIzdGKFU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
mc.yandex.com/ Name: yabs-sid
Value: 2661453571701184384
.yandex.com/ Name: ymex
Value: 1703776384.oyu.4215508011701184384#2016544384.yrts.1701184384
.yandex.com/ Name: bh
Value: KgI/MA==
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2Hb[a+E9i!1yIE'Yg-$<8jIk*2o))4Km!J`c:dF^ZelG5VgQ$4KurK4>:`/GsMz%=sO)uXs6>J7y:.a
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxMzIzOTgwMDk3ODM3OTU2NTQ3MjU4IiwiZXhwaXJlcyI6IjIwMjQtMDItMjZUMTU6MTM6MDVaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTEtMjhUMTU6MTM6MDVaIn0=
.doubleclick.net/ Name: IDE
Value: AHWqTUnjmbUAOD6g0pFinFdtCwFplDc_DuuPV-YXw7JL5P0SiqrxY5HtJYEDn9rdLVE
.openx.net/ Name: pd
Value: v2|1701184385|vMgavPkWgy
.linkedin.com/ Name: li_sugr
Value: e920571f-df64-4305-9e09-e119b6c31361
.linkedin.com/ Name: bcookie
Value: "v=2&2fb6ffb7-892d-49a7-8742-3e463a670beb"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3156:u=1:x=1:i=1701184385:t=1701270785:v=2:sig=AQHdgY7y2lKjuASfJ-CEEb7Iadrvfvtd"
.rubiconproject.com/ Name: khaos
Value: LPIH9CJV-1S-4EAX
.openx.net/ Name: univ_id
Value: 537072971|751df1b2-159f-4fdf-b434-ea90b27fbc1b|1701184385248539
.ad.gt/ Name: au_id
Value: AU1D-0100-001701184385-W9QITQVP-TH09
.turn.com/ Name: uid
Value: 2506387012964920555
.csync.loopme.me/ Name: viewer_token
Value: 2dee24cc-0a3d-41bd-a605-6c3406cc2e0b
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5127db62-b4b2-4611-b0db-0573559fb579-005%22%7D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.modsforandroid.com/ Name: __gads
Value: ID=d4fa2af4e2f2a4b3:T=1701184384:RT=1701184384:S=ALNI_MbRTIIL70EaGqaMzEGijLltg680nA
.modsforandroid.com/ Name: __gpi
Value: UID=00000da462cb7259:T=1701184384:RT=1701184384:S=ALNI_MaX1QLJpQeTLIokyHY6x7qY4pqSyg
.bidswitch.net/ Name: tuuid
Value: 2e91d863-f89d-45bb-9aa9-d8270df82910
.bidswitch.net/ Name: c
Value: 1701184386
.sharethrough.com/ Name: stx_user_id
Value: ff1fd46e-a9b5-4b8e-95c5-83dad1fec44f
.mediago.io/ Name: __mguid_
Value: 1b7de7e824d70101294i8900lpih9die
.bidswitch.net/ Name: tuuid_lu
Value: 1701184387
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3-7Z-KEBwwGpyqCcXA4nYmyILtyQkZuCI_GqYS35mLWnYpQIWr2zz2d6pQC4TM1
.zemanta.com/ Name: zuid
Value: 5edrGJD_vo6C4DQRsQkg
.smartadserver.com/ Name: pid
Value: 1855738958334292245
.bidr.io/ Name: bito
Value: AAEg5U7KzAcAABOEN2pYqA
.bidr.io/ Name: bitoIsSecure
Value: ok
.modsforandroid.com/ Name: _ga
Value: GA1.2.1335805097.1701184385
.modsforandroid.com/ Name: _gid
Value: GA1.2.1272469579.1701184389
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C60BC04E-54F2-45D0-9778-B22E55AE9DD3
.modsforandroid.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-gs2Kysz7HNYoTGfOGeU2-mT_-XFUjvKPJf6XGvy3X7Cwyfu-_ya4u-HSacYJMe_L-KDhN9p6zD1rkDIY8GzpwZsPlCy75IyPhBqL4Jndvf1sB64CkK_D7TPp1tufgvSYJo1unw0eeMu445jidz1Vtr-usMg%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22274%22%5D%5D%5D
.simpli.fi/ Name: suid
Value: E3B931972A0E4668B2E412497DE90CFB
.yahoo.com/ Name: A3
Value: d=AQABBIEDZmUCEEEHAWJxR5CFVehPdSHU2msFEgEBAQFVZ2VvZQAAAAAA_eMAAA&S=AQAAAsuO72k9R5JzOEmm2I5Uh6I
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2fb3:18y3~2fb3"
.doubleclick.net/ Name: APC
Value: AfxxVi49BMLsMyWs4XTvQklqZ2Ma-fuQZdbgwJerR4XLTDq7MD9aMA
.googleadservices.com/ Name: ar_debug
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1701216000%3A248%7C1701734400%3A265%7C1702339200%3A262_261_260_259_263_201
.pubmatic.com/ Name: SyncRTB3
Value: 1702339200%3A13_250_220_21_54_71_3_104_166_178%7C1701734400%3A223_15
.yieldmo.com/ Name: yieldmo_id
Value: 3FAkOUUEEkUntnUqey4b%7C1701129600000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1182218%7Crc%3D1182218%7Cunl%3D1182218%7Ctapad%3D1182218%7Cdv360%3D1182218
.dotomi.com/ Name: DotomiTest
Value: 6f45ba9d0258041d
.contextweb.com/ Name: V
Value: bpPBDMKgqDGP
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 736b0367d54da2e2
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_a594ca43-8e00-11ee-9bfa-12fa6b58ae11
.kargo.com/ Name: ktcid
Value: 3fca5027-b955-05fb-5b96-54ba2e4d9ea8
.rubiconproject.com/ Name: audit
Value: 1|a8J54URYBfXJagTAM2c4QHzNfZK/NPGkMfhD34tsNdlANEhL6jmjsojfLuyox92wqkctpbGXsfVBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPMXP81VeBBoLud3yJOBjawmdfVwi49lcLbQpb7EmG8F9zY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.bfmio.com/ Name: __187_cid
Value: C60BC04E-54F2-45D0-9778-B22E55AE9DD3
.bfmio.com/ Name: __io_cid
Value: 4e1e7114b8bdd58b9cff34ea01681ace4ae1fda9
.ipredictive.com/ Name: cu
Value: c6dd1cea-b790-417a-88f6-49500e86c0f5|1701184392439
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o8y|7TZ.0.1|7dN.0.AAEg5U7KzAcAABOEN2pYqA
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCJ7_9drRi7g8EAUSFAoFdGFwYWQSCwjKzKrb0Yu4PBAFEhsKDHNoYXJldGhyb3VnaBILCNagvvPRi7g8EAUSFwoIcHVibWF0aWMSCwjquuKG0ou4PBAFGAEgASgCMgsI9om0zuiLuDwQBTgBWgthZGNvbmR1Y3RvcmAC
.thrtle.com/ Name: mc
Value: eyJpZCI6ImY5NGZkMzAwLTE1MGYtNGE5My1iNjZkLTUzYWU1MzQ5MjRhZCIsImwiOjE3MDExODQzOTI0NDMsInQiOjF9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5127db62-b4b2-4611-b0db-0573559fb579-005%22%2C%22nxtrdr%22%3Afalse%7D
.demdex.net/ Name: demdex
Value: 88429566416353562420466934988573243224
.ads.yieldmo.com/ Name: ptrrc
Value: LPIH9CJV-1S-4EAX
.ads.yieldmo.com/ Name: ptrpp
Value: bpPBDMKgqDGP
.dpm.demdex.net/ Name: dpm
Value: 88429566416353562420466934988573243224
.smartadserver.com/ Name: csync
Value: 127:AAEg5U7KzAcAABOEN2pYqA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7983-2!7983-3!7983
.ads.yieldmo.com/ Name: ptrunl
Value: RX-5127db62-b4b2-4611-b0db-0573559fb579-005
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEg5U7KzAcAABOEN2pYqA
.technoratimedia.com/ Name: tads_uid
Value: CE18C4E1829D41A285822FE7C8C42357
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231128151312+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.casalemedia.com/ Name: CMID
Value: ZWYDiGxMiqTtrUoP1gDLuQAA
.casalemedia.com/ Name: CMPS
Value: 1364
.casalemedia.com/ Name: CMPRO
Value: 1364
.technoratimedia.com/ Name: tads_uidp_82
Value: ZWYDiGxMiqTtrUoP1gDLuQAA&1364

7 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad-hai/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C60BC04E-54F2-45D0-9778-B22E55AE9DD3&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bea868347b73d01d710df4f7556f81eb.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
crb.kargo.com
csync.loopme.me
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gl.modsforandroid.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
is2-ssl.mzstatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
node.setupad.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-hai-tagan.adlightning.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stpd.cloud
sync-amz.ads.yieldmo.com
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.ipredictive.com
sync.outbrain.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tagan.adlightning.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
lb.eu-1-id5-sync.com
prebid-stag.setupad.net
100.25.92.92
104.17.25.14
104.18.30.49
104.22.4.69
104.22.5.69
104.22.52.173
104.22.52.86
13.107.42.14
13.249.42.27
141.95.98.65
142.250.31.132
142.250.31.155
142.250.31.94
142.251.111.95
142.251.16.156
142.251.16.94
142.251.167.106
15.197.193.217
151.101.193.229
159.127.42.146
159.89.25.223
162.248.18.37
172.240.155.116
172.253.115.149
172.253.115.155
172.253.122.132
172.253.122.95
172.253.62.132
172.253.62.154
172.253.63.102
172.253.63.155
172.64.151.101
172.64.152.89
172.67.23.234
172.67.68.162
18.160.1.134
18.160.10.118
18.160.10.20
18.160.46.100
18.67.65.75
184.28.136.25
184.31.61.14
192.53.122.254
193.122.128.135
198.148.27.131
199.127.204.142
209.54.182.161
216.22.16.40
216.22.16.52
216.34.207.140
23.218.1.25
23.22.130.111
3.162.125.90
3.215.27.95
3.225.218.10
3.232.123.49
3.233.113.93
34.102.146.192
34.111.113.62
34.120.107.143
34.202.221.201
34.96.70.87
35.194.66.159
35.208.249.213
35.211.178.172
35.214.167.128
35.244.159.8
35.71.139.29
37.157.2.229
40.76.134.238
44.209.50.245
50.116.194.21
51.222.239.230
52.4.32.195
54.161.205.127
54.162.226.62
54.162.57.130
54.175.39.171
64.202.112.31
64.38.119.43
64.74.236.95
68.67.160.137
74.119.119.129
74.119.119.131
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.98
87.250.251.119
99.84.222.71
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c80e49383a4110fa3a1eaef736cef38ac99e2ea529c2ce493b7c46ac7f03208
0ccb805e5fa40dbff2de05a39cd5159b889a2bf441605300ee749085d70e1534
0f1a0ad12205a0cd6724635e9ee5ce1bbb2fdc9553f04aa1fcaab28dfa5d4475
16157006c912d2a3911dde19b2778799cafb3e30cf976353dbd6413c5e99ceb1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
18478ed8e022b1dafea066b54657927860919a8ab2db2b37ae9527894482117a
184e7803648009592cfe4e896371ed60808e61a58c880066a90ea34d73c9fbd2
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1911bd1f17e830dd09e6f1be1e79016d3013b542c38b9a0e467313b94808ade4
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1d18a0e2bf140e1155006eae971ee4dcb1861eff0e9e2eb50b1610fc582263e7
20827f3919adfa45d4fdea53ad8be9205c46378ae28db51cb87d111cbcfa87b5
2094652ea4eab8436cd0c53b3b5513ccddffc5ccc301e9e6eb3c998a0903aa3e
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
259512e688bddaf6af7bfa1505e61258cffce118064087ae5bdba212fb992f29
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
27931fd217e871b8a5cb063b0897599cedc7ac10163d28b33e8dd99f8d196dec
28dd8e78831ecfac5f553cf7673c1215419913ab662aefcd27f6b77c68d7a54f
2914e819eb164f610f08c4508b29f98bb5cdc4ca4c6916aad9e03e224571d750
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6bdd6aea5d6f5be15ca05158a78ad3c0bc4535c25f8a08d949baac48a699fd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38f2460d0090ba60c7cf2c600869c7cfe62f510d93b064cf951756e6be761bef
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d13a779e1e3252005d139450747164e94e7b4814f7b63cb9694c6bc0d38b861
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebcc90cf659bfe3a93df6f0371b1ceb3a833ab4fdfdf0123782b202992bc6d6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42a4e1d7b394fac00dbe84bd3657b38ee1aaf9460a22b6f2e0727983ffde20a0
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
452967d6778dbfa89dc0360fe3021a9ecb86f5a08affc6375671a590d87c0760
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a2227fc9caeefb1e5d27fe96202d25b10703b2b85b155472d4d563c80908f4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee5f9970ce4d212313e380029ebf9e33396d0197a3c8aa05e6a8b001c84c820
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58290dbbbf9e3a85467af2fc14a2c2037312afc418d4698983725d744d6e2b13
58dc4bee0e72ec8f293e0e0b314a04c73ea7ae4b5d6335eacbe45a7b0fed758e
5a6e3810a016fc6175c4bbbf8693aee9c0b515fad1396ac4cde8403aa7e687fd
5aaec1a613cf2bbe21ceed5996b16ef37a600a65680e34d0a3de13c09456513d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633bca05c44befc246a6b19a1e88a63cb46ba27be40801d28415d8f3a959919a
63d5192505ddd6af59e7de1e2b706556837077c8f116fb710f73da929733d84d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6814bbe13dc4841f8139a3df5c0836d361b08e16390d65a7dc885095dd004f9f
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6aa8e9f89442ed5ac58d1dda0f543105216ce2b668c3acf728036c0028eeec77
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7154e71ef7544e0491a78da0ceb7181b670c7d259b90805620b7d76b513d06
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
756c4fe6f9911423dbc4b241b2c9fd5c40d1d5310e7c82abecb95e102c59b07c
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7609c4fc86c10708947a7d961dbe4f30ff1dd575b3cb437db7158868c7049c65
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7a0461f9b9eb2a31aee19957ca35ffb910e9f6db97637ea0a9b94697d23b4324
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7de4625b02b51e38a98e3c31cbcfde04cdf11d203ce8932d67109440fc1543ed
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8012b2f23bf51f1982ac07e703f49a09dded11a4bf76326106c7c9893da8867e
85fba440dc7cc1a574ec233f5f819cdcd2cd13241f9cd6ea77779ba76daa1b69
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
879844f1add4207049e29b19fd91d4999303a54a9cdfc3dd741fc48cac374452
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
9a42ab0f0f5f0eb12e84cde79bc62ca2070f3d385b4e3eaa3452bc4095ba2e25
9fabb04bc6053a78538621f0c95edf9eed38d9914ff5d3c68b4cb3227ed96aaf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad16f2f68023c2158c052d32d5b9558570236f3079faa0895a09c9b19f36cc70
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc40963b8c952c03fd4511d06e6805d6d27b86c4f0c6a12cc0eb87e61484197a
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcf4acc65924082a4cc2548efbbdd4ae705017a3882a6b00ec0b91dd0f74550b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c95854c0186798febbe2964481c8237ba90e782784c5039ad3af9fc128cd788b
ce8f0fb95df3621397a6873332651103b96dd71088c41ca1cc6d897df5442c24
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d48116b0df6d85cf02b5e5b6d79b359dca13842991218f61911835387f158ab5
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d8bcc2a38d6a7d4ad1cc2a8fa0c813449fa93b1b04add2550cde0b13139e8aa2
da0e198465d5269570780f6cc96ce3062bc92ede139dc279a39499a1f814bf96
dd3997b4575c043588f5080499bb622e9f0d395bf9ea885bc2c9eda8a6fd60df
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de49d6fcb8fd60805ec73f3a148055e721e7dbadc5eefcd014c0fe13bcc80599
e21550d798d78297c17767601bf03c13e13c88001332d3dbe0f343aabc6543bf
e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d0b39c9d1502d450f265195c3848146b09baf56b16d0609c679f7c429087d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed8944fef483f12fd4053722824ca9e05856a250d6c6d6869f5a547096a2c71a
eeaaf718f8ca1e38f84bd43ffee1ae099ae5b39616a9e2a4eebccc24e19fe572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48