www.apkhere.com Open in urlscan Pro
2606:4700:10::ac43:499 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Effective URL:
https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Submission Tags: falconsandbox
Submission: On August 11 via api (August 11th 2022, 2:02:59 am UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 38 domains to perform 154 HTTP transactions. The main IP is 2606:4700:10::ac43:499, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.apkhere.com. The Cisco Umbrella rank of the primary domain is 476592.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2022. Valid for: a year.

This is the only time www.apkhere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:10:... 2606:4700:10::ac43:499	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	94.31.29.32 94.31.29.32	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	45.55.47.38 45.55.47.38	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	34.197.60.25 34.197.60.25	14618 (AMAZON-AES) (AMAZON-AES)
4	18.158.191.240 18.158.191.240	16509 (AMAZON-02) (AMAZON-02)
2	34.224.253.29 34.224.253.29	14618 (AMAZON-AES) (AMAZON-AES)
2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.236.83.94 34.236.83.94	14618 (AMAZON-AES) (AMAZON-AES)
4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	18.66.139.100 18.66.139.100	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.35.236.201 23.35.236.201	() ()
1	18.66.112.30 18.66.112.30	() ()
154	38

32 2606:4700:10::ac43:499 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.apkhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.apkhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.apkhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.apkhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (London, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.47.38 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-13.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.60.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-60-25.compute-1.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.191.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-191-240.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.224.253.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-253-29.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-100.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.30 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	apkhere.com 1 redirects m.apkhere.com — Cisco Umbrella Rank: 560648 www.apkhere.com — Cisco Umbrella Rank: 476592 s.apkhere.com data.apkhere.com — Cisco Umbrella Rank: 760617	104 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	79 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	647 KB
12	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 118 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	438 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	91 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 238 cdn.adnxs.com — Cisco Umbrella Rank: 1351 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6801 acdn.adnxs.com	63 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	400 B
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	8 KB
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1301	453 B
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518 ads.pubmatic.com image6.pubmatic.com Failed	12 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2580 mp.4dex.io — Cisco Umbrella Rank: 3595	24 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	115 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 14269	202 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	57 KB
2	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1772	44 KB
2	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033 ups.analytics.yahoo.com Failed	410 B
2	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 14798	830 B
2	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1885 public.servenobid.com	4 KB
2	openx.net buysellads-d.openx.net — Cisco Umbrella Rank: 45891 u.openx.net	468 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	10 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4534	708 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 16176	671 B
0	adsrvr.org Failed match.adsrvr.org Failed
0	yabidos.com Failed pixel.yabidos.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	a-mo.net Failed prebid.a-mo.net Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	rfihub.com Failed p.rfihub.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	yieldlift.com Failed x.yieldlift.com Failed
0	lijit.com Failed ce.lijit.com Failed ap.lijit.com Failed
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	gumgum.com Failed g2.gumgum.com Failed
154	38

	Domain	Requested by
23	s.apkhere.com	www.apkhere.com s.apkhere.com
11	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com tagan.adlightning.com www.apkhere.com www.googletagservices.com
9	www.google.com	1 redirects www.apkhere.com www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
7	data.apkhere.com	www.apkhere.com
6	googleads.g.doubleclick.net	tagan.adlightning.com googleads.g.doubleclick.net
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.apkhere.com
4	fra1-ib.adnxs.com	tagan.adlightning.com cdn.adnxs.com
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
4	btlr.sharethrough.com	cdn4.buysellads.net
3	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net googleads.g.doubleclick.net
3	cdn4.buysellads.net	www.apkhere.com
2	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	tagan.adlightning.com	www.apkhere.com
2	c2shb.ssp.yahoo.com	cdn4.buysellads.net
2	ib.adnxs.com	cdn4.buysellads.net acdn.adnxs.com
2	mantodea.mantisadnetwork.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	www.google-analytics.com	www.apkhere.com www.google-analytics.com
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	u.openx.net	cdn4.buysellads.net
1	mug.criteo.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	tagan.adlightning.com
1	cdn.jsdelivr.net	tagan.adlightning.com
1	629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com
1	buysellads-d.openx.net	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.apkhere.com
1	m.apkhere.com	1 redirects
0	match.adsrvr.org Failed	mantodea.mantisadnetwork.com
0	pixel.yabidos.com Failed	mantodea.mantisadnetwork.com
0	ssp.disqus.com Failed	public.servenobid.com
0	ups.analytics.yahoo.com Failed	public.servenobid.com
0	prebid.a-mo.net Failed	public.servenobid.com
0	sync.go.sonobi.com Failed	public.servenobid.com
0	p.rfihub.com Failed	public.servenobid.com
0	sync.1rx.io Failed	public.servenobid.com
0	x.yieldlift.com Failed	public.servenobid.com
0	ap.lijit.com Failed	public.servenobid.com
0	ce.lijit.com Failed	public.servenobid.com
0	pixel.rubiconproject.com Failed	public.servenobid.com
0	ssum-sec.casalemedia.com Failed	public.servenobid.com
0	ssbsync.smartadserver.com Failed	public.servenobid.com
0	g2.gumgum.com Failed	public.servenobid.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
154	59

This site contains links to these domains. Also see Links.

Domain
m.apkhere.com
en.apkhere.com
cn.apkhere.com
ru.apkhere.com
ja.apkhere.com
ko.apkhere.com
pt.apkhere.com
it.apkhere.com
nl.apkhere.com
de.apkhere.com
es.apkhere.com
fr.apkhere.com
tw.apkhere.com
ar.apkhere.com

Subject Issuer	Validity	Valid
apkhere.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Frame ID: 412A22CAF220C46FAE4E8F2E9B648658
Requests: 70 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd&co=aHR0cHM6Ly93d3cuYXBraGVyZS5jb206NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=p21fobui17p5
Frame ID: 4ABED30C93A4D3A21DADED568936E193
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd
Frame ID: 20D20B9D48BF8F0A444472D6C4AD0518
Requests: 12 HTTP requests in this frame

Frame: https://629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 41F21A32C6A92154A3948EBF68F21FD0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIm_RQnC5I6Tt1A-64mvYzxCnIqbEtTCAlPADUX6SPeD0HlgjzBD4wRfBGa0-_t9CtxkAPzOKFKdF-gCm1bH37KHIQAJNvz9PFKo_GJD8jA0TROjzZn9Wtc24E3vkjnzM2YMBbZ_zAIDrVcqEc6VWX5JvIa7wuOBJnI9O3JTEIaPMSNsP6vcN2xWJH1lpzsSt4ninh_pomyw8uPX8yvQKzolK-Q0rj6i8zdK4G2j3Vn3oW1l0QHFLR4Gbh0_51EphEhBwRKTY0WlSECi7aCSbnJbAkPq5P8Rsaejf1UORHdtnfhfQS18cUKIbL1nsiLVr5CTtIE_9jMFeWon-eBceZjw&sai=AMfl-YQCnu2hNDX25SEOV6JIMLBMh9UUUJ3VBNmi5Y-6NNeNLez-To2Cdw2AeRJxL0I8O40Vae_eEgZQFYWIkwjhipzfrZPFNkTW4F2UlyfuUaGFv-eoU7VjY4cLvwEEuD8-QQ&sig=Cg0ArKJSzPIsWuy86TFREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB031329E1E4BB13592DA361FD8BD344
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1A13C9D317B326D41032261C3FFF36E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99B4F0E0308C48C2688FB8F4D0E4988B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: EFA262D9348D20F95F0AB48E39BDE1B5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 63213BEC60F082F879C18F0BF0A73461
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD36FDD6A64372582B0C4D9359DF67C7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 455F0551E4481CB2E1A05283EE8617BA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.apkhere.com
Frame ID: 7A87720DD4705148E93600AA5800D5D3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660183374710
Frame ID: 612713547AA4E736E67BD6EFCC6378FC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 510F8A48255CB8537464363DE0A2BEB1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5B853AB60F800D112CB1F9C6F94443B5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: D8B100D2467ECAA802FCF5651512925F
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 162A9F7265A4EA5B3E0B805CCE23DC73
Requests: 13 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1660183375026&secure=true&version=9&title=Herunterladen%20Five%20Nights%20at%20Freddy%27s%203%201.07%20apk%20paid%20-%20ApkHere.com&url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid
Frame ID: EC57A38E6B8F3266226CB9621E075D78
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: B81CEE387BA18F0083B98E1FAB7769F7
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E8B167C167DACC4D7126986A214BE418
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 0E299DC8EDC2B10841A29442325915B5
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 0EA6E683B41F0C8FD464BF881E10DA0E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 6FA74E533A71BD25FF8BAB7F88579222
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Herunterladen Five Nights at Freddy's 3 1.07 apk paid - ApkHere.com

Page URL History Show full URLs

https://m.apkhere.com/down/com.scottgames.fnaf3_1.07_paid HTTP 302
https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

154
Requests

88 %
HTTPS

49 %
IPv6

38
Domains

59
Subdomains

38
IPs

5
Countries

1923 kB
Transfer

4123 kB
Size

13
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://m.apkhere.com/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://en.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://cn.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://ru.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://ja.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://ko.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://pt.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://it.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://nl.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://de.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://es.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://fr.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://tw.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

URL: https://ar.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.apkhere.com/down/com.scottgames.fnaf3_1.07_paid HTTP 302
https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://gum.criteo.com/sid/json?origin=publishertag&domain=apkhere.com&sn=ChromeSyncframe&so=0&topUrl=www.apkhere.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3vvhs3x3WklMb0hhUUg4VXljYjBZdjNrMHVOWWtUWGh0NTJ5QUU2UE02clBZSUxnblI0QUZ6VW1iZEtEdnhaMjg0SitncjlGMCt5dHVuM2lVYW52cFN5MUJ0dE16cmtQZVJoWmlIUlY1QWN4L3R3VkxYK2p3TDUzVnp0ZGtINmZpUkhjQlM2MU9NU29oZjZIL0ZqbEJLVkk5MmJYTzFEb0hmR3REdmFIQWFyaFlVbndXenM1T0F6U0l6VDV1eUc1UjJuZE9ndU1heUZwUDR2Mzdjb1ArOVRReUtaeXhSZWNVS3ZWSGtubzhicUVSRDA0N0FBK2ZwL3M3aDRFbVV3bnJUcTI0NTlTOTIvbmxMMjR0NmlFU0ZtNjJvQT09fA&cppv=2

Request Chain 141

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8976699090832640064

154 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request com.scottgames.fnaf3_1.07_paid Show response
www.apkhere.com/down/
Redirect Chain

https://m.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

11 KB
3 KB

392ms
381ms

Document
text/html

2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04db63884e31b112333ad8b5fa3d8112b3ec4a543487bc5b955d9854aa781d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 738d6443ab920219-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 738d64414a4c0219-ZRH
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
pragma: no-cache
server: cloudflare

GET
H2 200 style.css
s.apkhere.com/css/ 46 KB
12 KB 51ms
36ms Stylesheet
text/css 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/css/style.css?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84de4595580fb163bf1dca47fd39d63e191fe765891a7e55c4638295c1ceba92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17076
cf-polished: origSize=50990
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
etag: W/"5c12252e-c72e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 21:18:17 GMT
cache-control: max-age=2592000
cf-ray: 738d64462cb20219-ZRH
cf-bgj: minify

GET
H2 200 form.css
s.apkhere.com/css/ 1 KB
663 B 50ms
36ms Stylesheet
text/css 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/css/form.css?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71e7d6c7f1750e5e460bbbf464145ee40052bdd56b8c4324a4eadd11bcfe546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1246614
cf-polished: origSize=1535
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
etag: W/"5c12252e-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 15:45:59 GMT
cache-control: max-age=2592000
cf-ray: 738d64462cb30219-ZRH
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 64ms
25ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:02:53 GMT

GET
H2 200 us.png
s.apkhere.com/images/ 358 B
462 B 46ms
43ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/us.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eccee7fa621befe970ca3419c1415373b35afe88689598d88d15eb832490253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 59535
etag: "5c12252e-166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64467cda0219-ZRH
content-length: 358
expires: Fri, 09 Sep 2022 09:30:38 GMT

GET
H2 200 cn.png
s.apkhere.com/images/ 471 B
560 B 33ms
30ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/cn.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b702580e59233f79e5ce9f3679af2ea2da954e6fa6f0694c70e6adfd4e6bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 1246614
etag: "5c12252e-1d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64467cdb0219-ZRH
content-length: 471
expires: Fri, 26 Aug 2022 15:45:59 GMT

GET
H2 200 ru.png
s.apkhere.com/images/ 413 B
493 B 41ms
40ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/ru.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4258b0779c067213b528a81ffe114bec739e680ed83bceb06329a954652e56b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 59535
etag: "5c12252e-19d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cf10219-ZRH
content-length: 413
expires: Fri, 09 Sep 2022 09:30:38 GMT

GET
H2 200 jp.png
s.apkhere.com/images/ 383 B
488 B 43ms
41ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/jp.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77743d156bbd4d1af7c7f1bc5bb2fbb24e54109f3d595a7cae13afe98757ecb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 157860
etag: "5c12252d-17f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469ce80219-ZRH
content-length: 383
expires: Thu, 08 Sep 2022 06:11:53 GMT

GET
H2 200 ko.png
s.apkhere.com/images/ 561 B
673 B 44ms
43ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/ko.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1caa60135159633028996ed6c44a4d2ebcca95678895d1d1b230e0073231ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1246613
etag: "5c12252d-231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cee0219-ZRH
content-length: 561
expires: Fri, 26 Aug 2022 15:45:59 GMT

GET
H2 200 br.png
s.apkhere.com/images/ 718 B
817 B 45ms
44ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/br.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d4281998f29132a8df168a4c251db0373d1a8b7985bfb8ea44c69b49b0f04d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1246613
etag: "5c12252d-2ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cec0219-ZRH
content-length: 718
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 it.png
s.apkhere.com/images/ 414 B
490 B 45ms
44ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/it.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c85272179e4648650e45027b391431d1f2316a3beffd776bbfaf3984080372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1799771
etag: "5c12252d-19e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cf40219-ZRH
content-length: 414
expires: Sat, 20 Aug 2022 06:06:42 GMT

GET
H2 200 nl.png
s.apkhere.com/images/ 346 B
423 B 46ms
45ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/nl.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba9fe077e08ed616957a57cd915a2ef0bca5f6e6c8ca582768cdc6bd2ab5387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 1246613
etag: "5c12252e-15a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469ce90219-ZRH
content-length: 346
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 de.png
s.apkhere.com/images/ 381 B
482 B 43ms
42ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/de.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221d34369f618542873a092445e8a5f1ef7c68f36804a9bbc405433b71febf41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 1246613
etag: "5c12252e-17d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469ce70219-ZRH
content-length: 381
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 es.png
s.apkhere.com/images/ 473 B
550 B 44ms
43ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/es.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3275566f0d4fa5a27fd970b0c87f5a9dd52983379e138cefa7a422a88bddfd99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1246613
etag: "5c12252d-1d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cf20219-ZRH
content-length: 473
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 fr.png
s.apkhere.com/images/ 410 B
485 B 46ms
45ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/fr.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c082e5ca64fae1f8b2eeba078f2c2597ead8164828c54c8fda5df2e80bc53c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
age: 1246613
etag: "5c12252e-19a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cf30219-ZRH
content-length: 410
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 tw.png
s.apkhere.com/images/ 334 B
454 B 41ms
40ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/tw.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf7d473c9ebbc594bd488c5d1a31a2bb2cce68b1272095a418e171bbcd7fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1246613
etag: "5c12252d-14e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cef0219-ZRH
content-length: 334
expires: Fri, 26 Aug 2022 15:46:00 GMT

GET
H2 200 ar.png
s.apkhere.com/images/ 284 B
415 B 40ms
39ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/ar.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcaa66088644354067b7eb339891c382c970144a1d76c105e869ecb82088fedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1799771
etag: "5c12252d-11c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cea0219-ZRH
content-length: 284
expires: Sat, 20 Aug 2022 06:06:42 GMT

GET
H2 200 download.css
s.apkhere.com/css/ 1 KB
586 B 33ms
33ms Stylesheet
text/css 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/css/download.css?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd30837003ab0bbfc8011fa1b8eb716d97d28b5ef4566c53503bdd2b4a5b6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 127686
cf-polished: origSize=1370
last-modified: Thu, 13 Dec 2018 09:23:58 GMT
server: cloudflare
etag: W/"5c12252e-55a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 08 Sep 2022 14:34:47 GMT
cache-control: max-age=2592000
cf-ray: 738d64465ccc0219-ZRH
cf-bgj: minify

GET
H2 200 icon.png!xs
data.apkhere.com/a2/com.scottgames.fnaf3/1.07/ 10 KB
10 KB 370ms
354ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/a2/com.scottgames.fnaf3/1.07/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8ec6dd3e06da95d33d60cc0fb5be08c528ad9722f6bc7f9b2b8d0904588c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Apr 2015 18:04:20 GMT
server: cloudflare
etag: W/"551d84a4-86c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cfb0219-ZRH
content-length: 9801

GET
H2 200 icon.png!xs
data.apkhere.com/25/org.sbtools.gamehack/4.0/ 4 KB
4 KB 52ms
37ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/25/org.sbtools.gamehack/4.0/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4aef1c5610fc172a852128a0c228babc432fb45f23ef2748b424a7cc92da21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2018 13:23:20 GMT
server: cloudflare
age: 59534
etag: W/"5a7071c8-fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cf60219-ZRH
content-length: 4085

GET
H2 200 icon.png!xs
data.apkhere.com/cf/com.alephzain.framaroot/1.9.3/ 6 KB
6 KB 49ms
34ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/cf/com.alephzain.framaroot/1.9.3/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d0eb033179b7213bfe201d5b849377aa0e4caf709bea1637492d0f576dcda4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Jul 2015 19:59:21 GMT
server: cloudflare
age: 1846461
etag: W/"55b68d99-1815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cf50219-ZRH
content-length: 6088

GET
H2 200 icon.png!xs
data.apkhere.com/c2/com.forpda.lp/5.4.9/ 8 KB
9 KB 55ms
40ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/c2/com.forpda.lp/5.4.9/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786154249b6626c66e5098ab2164f977327bacbed1b85395d02d1461e9fa5a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Jul 2015 20:03:12 GMT
server: cloudflare
age: 2215059
etag: W/"55b68e80-72c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cf80219-ZRH
content-length: 8698

GET
H2 200 icon.png!xs
data.apkhere.com/d9/com.advasoft.touchretouch/4.4.16/ 6 KB
6 KB 44ms
38ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/d9/com.advasoft.touchretouch/4.4.16/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55f0b715c44657663f8b6d28c404caacf00a4243043917a7b546d8d9f35270d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 04:05:14 GMT
server: cloudflare
age: 579517
etag: W/"60ac777a-3ed1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cf90219-ZRH
content-length: 5680

GET
H2 200 icon.png!xs
data.apkhere.com/7f/com.qihoo.permmgr/8.1.1.3/ 4 KB
4 KB 47ms
42ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/7f/com.qihoo.permmgr/8.1.1.3/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34a95e494720bb2e32a0a34dd860f7af948c5c7387f8f3f318f1592da9becb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Mar 2018 13:38:59 GMT
server: cloudflare
age: 2215059
etag: W/"5aabc8f3-1d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d64469cfc0219-ZRH
content-length: 4149

GET
H2 200 icon.png!xs
data.apkhere.com/37/com.kingroot.kinguser/5.4.0/ 1 KB
1 KB 28ms
27ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkhere.com/37/com.kingroot.kinguser/5.4.0/icon.png!xs
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc19ccfa56bdff35e47648e10c559c8473c9c2204e4d7a3fde57eb5dc4e3180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Aug 2019 11:43:04 GMT
server: cloudflare
age: 2215059
etag: W/"5d5d2e48-c0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 738d6446bd040219-ZRH
content-length: 1264

GET
H2 200 dcma.png
s.apkhere.com/images/ 761 B
958 B 31ms
31ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/dcma.png?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f468b1caffffea196bb16d2964a1cd8ae1d1503390ad2f2435202d687d2d562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1252998
etag: "5c12252d-2f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d6446bd050219-ZRH
content-length: 761
expires: Fri, 26 Aug 2022 13:59:35 GMT

GET
H2 200 jquery.1.9.1.min.js Show response
s.apkhere.com/js/ 90 KB
32 KB 34ms
34ms Script
application/javascript 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/js/jquery.1.9.1.min.js?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:59 GMT
server: cloudflare
age: 1253030
etag: W/"5c12252f-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 738d64467cd40219-ZRH
expires: Fri, 26 Aug 2022 13:59:03 GMT

GET
H2 200 j.js Show response
s.apkhere.com/js/ 7 KB
2 KB 34ms
31ms Script
application/javascript 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/js/j.js?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1166e1051e01562449e705273ae117f3fbd5dacc66b469e190ca7f52a3223810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1252033
cf-polished: origSize=10787
last-modified: Thu, 13 Dec 2018 09:23:59 GMT
server: cloudflare
etag: W/"5c12252f-2a23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 14:15:39 GMT
cache-control: max-age=2592000
cf-ray: 738d64467cd80219-ZRH
cf-bgj: minify

GET
H2 200 j2.js Show response
s.apkhere.com/js/ 9 KB
3 KB 37ms
33ms Script
application/javascript 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.apkhere.com/js/j2.js?v=6
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4ab8d5a11dcc9959e251498e664465b04eecbf6c79cf64a1a191d03848d572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1253030
cf-polished: origSize=13227
last-modified: Thu, 13 Dec 2018 09:23:59 GMT
server: cloudflare
etag: W/"5c12252f-33ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 13:59:03 GMT
cache-control: max-age=2592000
cf-ray: 738d64467cd90219-ZRH
cf-bgj: minify

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 387 KB
155 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkhere.com/
Origin: https://www.apkhere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:10:18 GMT

GET
H2 200 apkhere.js Show response
cdn4.buysellads.net/pub/ 621 KB
201 KB 93ms
30ms Script
application/javascript 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 09d7914481b4c07b6076fb8f8c5b38b08c921d7a3925fef09c66e242ed1d8780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 01:56:19 GMT
server: NetDNA-cache/2.2
x-amz-request-id: N2D378C9ZN0241H0
etag: W/"f4eae77766f551506940938b6b47bd0e"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: zDM5rlLvmSICD/cPzpQOQQdQXz5vhX6/pqNIKkZHYDFo5SWr0EAEHa1ChszrEitnkBBi01o0iSw=
expires: Sun, 06 Aug 2023 02:02:53 GMT

GET
H2 200 header.png
s.apkhere.com/images/ 149 B
277 B 33ms
32ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/header.png
Requested by: Host: s.apkhere.com
URL: https://s.apkhere.com/css/style.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2607b06ff410dac2cf56ae846c2da2994958af066ecd3d48303f7fa6bffe16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.apkhere.com/css/style.css?v=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1794159
etag: "5c12252d-95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64468ce10219-ZRH
content-length: 149
expires: Sat, 20 Aug 2022 07:40:14 GMT

GET
H2 200 split2.png
s.apkhere.com/images/ 82 B
250 B 40ms
39ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/split2.png
Requested by: Host: s.apkhere.com
URL: https://s.apkhere.com/css/style.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af2c95fe327a68319793b8515686306ca9f923adee7e03408a21c8abee3faf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.apkhere.com/css/style.css?v=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1794159
etag: "5c12252d-52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64469cf00219-ZRH
content-length: 82
expires: Sat, 20 Aug 2022 07:40:14 GMT

GET
H2 200 logo.png
s.apkhere.com/images/ 3 KB
3 KB 34ms
33ms Image
image/png 2606:4700:10::ac43:499
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.apkhere.com/images/logo.png
Requested by: Host: s.apkhere.com
URL: https://s.apkhere.com/css/style.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:499 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 715a51f550c1324bbfcbb0b60ade76bc662e3640709cd2bc0d1bde03de233c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.apkhere.com/css/style.css?v=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Dec 2018 09:23:57 GMT
server: cloudflare
age: 1794159
etag: "5c12252d-b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 738d64468ce20219-ZRH
content-length: 2952
expires: Sat, 20 Aug 2022 07:40:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3416
date: Thu, 11 Aug 2022 01:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 03:05:57 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4ABE 43 KB
23 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd&co=aHR0cHM6Ly93d3cuYXBraGVyZS5jb206NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=p21fobui17p5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3548902555177f6fa5685ad5b05d61ef50292f7f66c0471aef22ad55905ad58d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FsyL2e_DLudaehHM3QeCOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23137
content-security-policy: script-src 'report-sample' 'nonce-FsyL2e_DLudaehHM3QeCOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:02:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 23ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=276253165&t=pageview&_s=1&dl=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&ul=en-us&de=UTF-8&dt=Herunterladen%20Five%20Nights%20at%20Freddy%27s%203%201.07%20apk%20paid%20-%20ApkHere.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=276083594&gjid=2132002301&cid=798044068.1660183374&tid=UA-47324435-1&_gid=1230804486.1660183374&_r=1&_slc=1&z=900912287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apkhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28612
x-xss-protection: 0
server: sffe
etag: "1300 / 409 of 1000 / last-modified: 1660136572"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Aug 2022 02:02:54 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
370 B 203ms
202ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.8531233966903935
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: HBDPTF0QG77XQ1DZ
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: vNRGKroTqtKjyPdXsJdvjeL0a+CiZaMW+PvXTxVgBbaFRIxkR81UTI6QpjwIjr2tKvvSl6k3FDg=
expires: Sun, 06 Aug 2023 02:02:54 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
365 B 202ms
201ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.8531233966903935
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: HBDSK56CW5KA0634
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: TxbK4a/G7Obin2hTafKV724VAjxjDO6JQHJTU2fmJ6ad0n50ZhGQIUPB3pFrrRhtckn/WKoBtUM=
expires: Sun, 06 Aug 2023 02:02:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 83ms
28ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-47324435-1&cid=798044068.1660183374&jid=276083594&gjid=2132002301&_gid=1230804486.1660183374&_u=IEBAAAAAAAAAAC~&z=603595417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 02:02:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.apkhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 4ABE 51 KB
24 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd&co=aHR0cHM6Ly93d3cuYXBraGVyZS5jb206NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=p21fobui17p5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 15:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 15:16:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 4ABE 387 KB
155 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:10:18 GMT

GET
H2 200 pubads_impl_2022080401.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
382 KB 67ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 15:22:16 GMT
x-content-type-options: nosniff
age: 38438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390095
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 08:38:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Aug 2023 15:22:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
687 B 75ms
24ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.apkhere.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3a5f90638a835869f10539cd62cd5b3941d7827738f1fffeb74f2c1084b674c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
expires: Thu, 11 Aug 2022 02:02:54 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4ABE 2 KB
2 KB 15ms
15ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 111786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ABE 15 KB
16 KB 54ms
16ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 118573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ABE 15 KB
15 KB 57ms
19ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 186095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4ABE 102 B
133 B 25ms
25ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd&co=aHR0cHM6Ly93d3cuYXBraGVyZS5jb206NDQz&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=p21fobui17p5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:02:54 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 20D2 7 KB
1 KB 30ms
29ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9712072425a7ecff18c5be201a9576d2a12359231c861e04dffc1621f07a7d31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-erWDni8uWf3sOdviAS_ysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-erWDni8uWf3sOdviAS_ysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:02:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 20D2 51 KB
24 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 15:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 15:16:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 20D2 387 KB
155 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:10:18 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 20D2 39 KB
24 KB 94ms
94ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c5ec13b0f19febcc6bc5e2ab63aa90eeacedc2522a2052bddbbed8e4e91c45e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24475
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:02:54 GMT

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 20D2 11 KB
11 KB 16ms
16ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:46:28 GMT
x-content-type-options: nosniff
age: 62186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Aug 2022 08:46:28 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 20D2 600 B
624 B 17ms
15ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 08:44:59 GMT
x-content-type-options: nosniff
age: 62275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Aug 2022 08:44:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 20D2 530 B
554 B 17ms
15ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:42:15 GMT
x-content-type-options: nosniff
age: 181239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Aug 2022 23:42:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 20D2 665 B
689 B 18ms
16ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 16:37:52 GMT
x-content-type-options: nosniff
age: 120302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 16 Aug 2022 16:37:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 20D2 15 KB
15 KB 49ms
15ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 118573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 20D2 15 KB
15 KB 58ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 189820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Aug 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 20D2 15 KB
15 KB 53ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 186095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 20D2 41 KB
41 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06ANYolqv61XlF980RTxPeaf_iGVsmsuor8CafaXgq9fidZcWvcRLP0sM4pCm7Tu53hn39IXDzF2sTOD2PiNLnUj2yuI5sjvQIQOdymg5xbMSIIgpFXZeiD-wNvfAjHJ88wSPZ186n_w6MdJF_75wFeeTM-UtF2JdBskzYFbBCDqjE37Cy-NTyvNgVFx9i770bN9V8DBtX14Uq0oiZS-1WidZ9mVZUFZzsrf5zGTpfT9oMNNgsk356Zss&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64ab332019b220556be54c38c656440b9e3f419067bd00d6f46ca4661ce84fe6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6Lc5lBgUAAAAACRY7Tb2-GPjEJxH2fJTmreZafPd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41548
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 02:02:54 GMT

GET
H2 200 CEAIV2QY.json Show response
srv.buysellads.com/ads/ 932 B
671 B 366ms
111ms Fetch
application/json 45.55.47.38
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIV2QY.json?forcebanner=464230&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.55.47.38 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-13.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 5992eac7f7648e647738efff9f2e7831f69eaec77e5d3724eaee6a90c320059f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 558
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 117ms
34ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537414
x-amz-request-id: tx71de9a623ae143c39231a-00629f978d
x-amz-id-2: tx71de9a623ae143c39231a-00629f978d
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh7BRR4KttOl7LFKhbsgY%2FwMm3vg7Wnpg7rYYswHwLPj24Gi3FCkI%2BRtZuIjBI95Yyq8BPZAQlv%2BYjeeq1jEffSyBVBo4CuUatIIFoMs32V6pvPQra21EpHXVCeBVw2DpFzisKGML2zOUMZE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 738d644bdb0fbabb-MXP

GET
H2 200 arj Show response
buysellads-d.openx.net/w/1.0/ 73 B
377 B 73ms
28ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=85959a72-49df-459e-9b76-250ff7dc81f7%2C85959a72-49df-459e-9b76-250ff7dc81f7&nocache=1660183374602&schain=1.0%2C1!buysellads.com%2C16047%2C1%2C%2C%2C&aus=970x90%7C728x90&divids=bsa-zone_1655818832248-0_123456%2Cbsa-zone_1655818832248-0_123456&aucs=%252F8691100%252FApkhere_S2S_FixedFooter_ROS%2523bsa-zone_1655818832248-0_123456%2C%252F8691100%252FApkhere_S2S_FixedFooter_ROS%2523bsa-zone_1655818832248-0_123456&auid=541023048%2C541001000
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: bd38f1ac1bab15900b2e3773af6ba4ba3a55d91a231bc360785a271d34166584

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.apkhere.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 669 B
640 B 494ms
256ms XHR
application/json 34.197.60.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8652
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.60.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-60-25.compute-1.amazonaws.com
Software: /
Resource Hash: dc8d70327a8ca1e400badb7999d6aeca0872017122ddd6084b00f96cb4bceddd

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:02:55 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.apkhere.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 95ms
21ms XHR
text/plain 18.158.191.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.191.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-191-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.apkhere.com
date: Thu, 11 Aug 2022 02:02:54 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 93ms
19ms XHR
text/plain 18.158.191.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.191.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-191-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.apkhere.com
date: Thu, 11 Aug 2022 02:02:54 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 91ms
18ms XHR
text/plain 18.158.191.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.191.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-191-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.apkhere.com
date: Thu, 11 Aug 2022 02:02:54 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 96ms
23ms XHR
text/plain 18.158.191.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.191.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-191-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.apkhere.com
date: Thu, 11 Aug 2022 02:02:54 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 400 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
333 B 399ms
118ms XHR
text/html 34.224.253.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1660183374607&secure=true&version=9&title=Herunterladen%20Five%20Nights%20at%20Freddy%27s%203%201.07%20apk%20paid%20-%20ApkHere.com&url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&measurable=true&bids[0][bidId]=1267bc3c59040c4&bids[0][config][property]=APKHere&bids[0][config][zone]=Apkhere_S2S_FixedFooter_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=APKHere&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.253.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-253-29.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:54 GMT
x-powered-by: Express
etag: W/"38-oN4RNSEETikJBvZER0pAAAEOHrw"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.apkhere.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 22 KB
13 KB 229ms
147ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

588e7ffb502faafd9e273358864d56a7a93922b2cff7bc74c2a049a55216441e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 11 Aug 2022 02:02:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: da23137e-a9de-4fa1-9eb1-ebb719b88115
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.apkhere.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
708 B 164ms
48ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&PublisherDomain=https%3A%2F%2Fwww.apkhere.com

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

9e45a877001102dfd735e4f72c64be86148fd4af4cf6d8034df549b0c94ee19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:54 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkhere.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 24
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 238ms
39ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=57210243500

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:02:53 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkhere.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
760 B 128ms
53ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f12fa8c9dec4d2b9bfca0ab21d9a4dae4d50c01906242ad82e01881e544cfdd

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Process Shapings. Seat shared_improvedigital: No adunits with mapping rule and shaping, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_drbanner: No adunits with mapping rule and shaping
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 738d644bef36cc62-ZRH
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 438ms
186ms XHR
application/json 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9bb3fc2999377ca03c85a4303fd3382bf59618a441e267cc3d0c376cf464b455

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.apkhere.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 449ms
198ms XHR
application/json 34.236.83.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-83-94.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 591ebeb4b5b90d51f3b375dd787872047bf9c6e8e21e8e0b523bb96891d0dc46

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Aug 2022 02:02:55 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.apkhere.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 91ms
18ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.apkhere.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 1333ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.apkhere.com
date: Thu, 11 Aug 2022 02:02:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 93ms
35ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141067
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txa59bd2177624409e94492-0062cf26a6
x-amz-id-2: txa59bd2177624409e94492-0062cf26a6
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKsyUoLURcDAqa08%2FIqdnam9p2eFlWZaAVBWu%2Fo8JBm6DcXUHrGF6yxeyUcnnFN5aa7iQNVK2ina6%2BDwULlxaiH3pUGT2gc1ZV4cjv7yj2GsIKwjDKmiZk39XowqtWTkgCx6BHRmCdmqgrNT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 738d644c7bc1badc-MXP
access-control-allow-headers: Authorization

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.apkhere.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 63ms
23ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.apkhere.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 89ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=4071463549446536&vrg=2022080401&nw_id=8691100&nslots=1&eid=31064226&pub_url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&sig=1&req=0&req_cnt=1&dm=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 100ms
67ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4071463549446536&correlator=3425326503169158&eid=31064226&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=8691100%2CApkhere_S2S_FixedFooter_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&adks=494918668&sfv=1-0-38&fsapi=false&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1655818832248-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D30a4d2f4a37258b%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_creative%3D78827815%26hb_adid%3D30a4d2f4a37258b%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.04&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3Dbsa%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dapkhere%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1660183376005&lmt=1660183376&dlt=1660183373750&idt=522&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&frm=20&vis=1&psz=1600x-1&msz=0x-1&fws=640&ohw=0&ga_vid=798044068.1660183374&ga_sid=1660183376&ga_hid=276253165&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c9f5325bf2a5a14cdd9285030a7884d00ef106c46db96143e3974acd241de35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11162
x-xss-protection: 0
google-lineitem-id: 5650535188
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343936416
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkhere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
28ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dc9c8956ff491bb354b7871add423de7bb46503782fbe25ec7a7c4e1c3be8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11063
x-xss-protection: 0

GET
H2 200 container.html Show response
629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 41F2 6 KB
4 KB 155ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:02:56 GMT
expires: Fri, 11 Aug 2023 02:02:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 97ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB03 0
0 53ms
52ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIm_RQnC5I6Tt1A-64mvYzxCnIqbEtTCAlPADUX6SPeD0HlgjzBD4wRfBGa0-_t9CtxkAPzOKFKdF-gCm1bH37KHIQAJNvz9PFKo_GJD8jA0TROjzZn9Wtc24E3vkjnzM2YMBbZ_zAIDrVcqEc6VWX5JvIa7wuOBJnI9O3JTEIaPMSNsP6vcN2xWJH1lpzsSt4ninh_pomyw8uPX8yvQKzolK-Q0rj6i8zdK4G2j3Vn3oW1l0QHFLR4Gbh0_51EphEhBwRKTY0WlSECi7aCSbnJbAkPq5P8Rsaejf1UORHdtnfhfQS18cUKIbL1nsiLVr5CTtIE_9jMFeWon-eBceZjw&sai=AMfl-YQCnu2hNDX25SEOV6JIMLBMh9UUUJ3VBNmi5Y-6NNeNLez-To2Cdw2AeRJxL0I8O40Vae_eEgZQFYWIkwjhipzfrZPFNkTW4F2UlyfuUaGFv-eoU7VjY4cLvwEEuD8-QQ&sig=Cg0ArKJSzPIsWuy86TFREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/bsa/ Frame BB03 31 KB
14 KB 63ms
16ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/bsa/blacklist_script.js
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 704e5d3e5afb36b32c02fb7b4ce1a5499c2c7439a1e2acf8699e416336a58e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: gf_1vHVFdVD2xO4xAJEoLuCbM27QINkN
content-encoding: gzip
etag: "715c51870fd7489887841d39bd1e13ce"
age: 2875
x-cache: Hit from cloudfront
content-length: 13475
x-amz-meta-git_commit: fffd939
last-modified: Wed, 10 Aug 2022 18:14:48 GMT
server: AmazonS3
date: Thu, 11 Aug 2022 01:15:27 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: IVuz8XQdLe96xIRx4Pqt-7mmRwDyPmKEoD7m15hkxmq7IIHmwlbTCg==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/bsa/ Frame BB03 80 KB
30 KB 65ms
19ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/bsa/blocking_script.js
Requested by: Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bf2d88d96dcc7fa23f1d8fb4601da127d2012b0e12f46e42e4e74615ba7f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JhsEvgoHlOjK_0lT1tnhaBpZ9OTS0aRA
content-encoding: gzip
etag: "786c4e10341bc771b70d2df7406834c8"
age: 71098
x-cache: Hit from cloudfront
content-length: 30675
x-amz-meta-git_commit: 39123b0
last-modified: Wed, 13 Apr 2022 18:16:26 GMT
server: AmazonS3
date: Wed, 10 Aug 2022 06:18:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: Cx9yl4DMrcH1m9_rEIub61_LFZE_SJRxjosb-KGf18vAJQ-wQ7cz2A==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB03 140 KB
43 KB 57ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1A1 13 KB
5 KB 48ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 20:50:35 GMT
expires: Thu, 10 Aug 2023 20:50:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 99B4 783 B
536 B 26ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

194eb2d26a33fcf4708d51be9887d4cdcb9653b8566eb00a2fc9f0b9d58586d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zqJvrGAkYQ4Wzip9vyXhsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zqJvrGAkYQ4Wzip9vyXhsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:02:56 GMT
expires: Thu, 11 Aug 2022 02:02:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 99B4 0
0 81ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080401&jk=4071463549446536&rc=05AMjm62XGzPPzd4mb5muBbSOr1z-eNn_0TZxPN7Y0VWYQZPRS4ttNkXRl3wv5OzgC0Dnl3qJA3eC0bfuNb5O9Xmz-65iciVD68WpMii49XAwobb4-9UApywEX6eJtG92Vb9sdHpC6xmKnoGic7_VsL07Fcy-42tnjRaB_U7Q_SdtkB_QOtWlG38BY_QxQeo-Tyuc86GDtFFz8FAFu6FaW7Qw0ATFDb10iasw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame BB03 26 KB
10 KB 78ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16529
x-jsd-version: 1.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PgEnNWrWGXP6qvNoAbR4%2FeYG%2Bh3ES4dGVnzeLexWMtt%2B1qVY%2BjmqoiDg902nLbmT%2F7FS%2BN3cGT5OGd3Hjq9ZqZy%2FftJpTz%2F0suN4sMjybkzuH6kKFp8jatQX0raJx01JHjvc2jtvpH8apD8fIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 738d6456ac960219-ZRH

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame C1A1 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 17:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 17:58:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C1A1 0
9 B 15ms
14ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R8jq8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BB03 0
0 85ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUgI_dkWPWkt4wDQi3ER57MrBdTm5YKBpou9AaKx__3ha09sshFay2K95A7nqwHH40axKe16cgR3eLnOyjL-ZF84gm9JgWtNXTCbA07NTFuXIY8MfcrNWXbiuc3s1JqBWuQ4tq-W3ED1fu2BbPT2f6A_SsbwuIKDYh-6tF8uWt1kuI7UF_uG4Eh1zRKfIIvVYv5K4hzlGaDd9kZ1muNIxkRUqONNG_-mWzjDjJT9mebjh1Lv7QVe3nVLjxYi1kuhilzyVPeZwROI9DrPgEqCzVFN-IStbaEQG5sbgi4In4MIhQneHdO6Yd9xa4CEVcKnL6yAgeE-iNN1enTPg3xHLTBMSL&sai=AMfl-YTw7eliz04vEgIW1cdnqOFPUOw67unhuoPNSqwSQO_RqW4S5IUYNiA5QuirvE452hGtE4G4t40VKnwkGzxiYM6AwcV6naOS5YfDDz6Yd3RgMv_3_KnT768hfvrDL20NXA&sig=Cg0ArKJSzKssJ2qQt9bhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:02:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame EFA2 13 KB
5 KB 63ms
16ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 06:07:12 GMT
etag: 12223946614886178233
expires: Thu, 11 Aug 2022 06:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 6321 11 KB
5 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1953
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4665
x-xss-protection: 0
server: cafe
etag: 1690156577369591742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:30:23 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 6321 85 KB
29 KB 192ms
29ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 02:02:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Fri, 11 Aug 2023 02:02:56 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 6321 0
815 B 95ms
17ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.apkhere.com%252Fdown%252Fcom.scottgames.fnaf3_1.07_paid&e=wqT_3QKoBugoAwAAAwDWAAUBCM7G0ZcGEJCp7LrV9va7eRgAKjYJVrYPecvVrz8RwMjLmljgpz8ZAAAAgML12D8hwA0SACkRJMgxAAAAQOF6pD8w-vrKDDjKQUDlHkhlUKeiyyVYmNVSYABoz_hreP7VBYABAYoBA1VTRJIFBvB9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gI7aHR0cHM6Ly93d3cuYXBraGVyZS5jb20vZG93bi9jb20uc2NvdHRnYW1lcy5mbmFmM18xLjA3X3BhaWSAAwCIAwGQAwCYAxegAwGqA-oBCr8BEVFkcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi4BXwkeRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQmJUekpPUW9YVjNOdDQwdUxLM05sd05NT1B1Z2JGZDl2YlNXVm9OeWlEVE9PaGtSY1VrVE5KNEl0dFRoaWs2a1RaeUxsZDhINnRucjJWM2VmUWpHME04c1ZLMWcmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODc1MjcwNTk3MjcxODk5ODY3MiIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOFhaUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFisX29I7LvuFHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzJAl-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEwNjE1NzE5Mjc5NroHDwgAASlEIAAwADi9BkAAyAf-1QXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=761741aa600840e07a826bc145a2723c9b5f84af

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:02:56 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e0b5c47-1df4-4b36-8842-744d6c9868d5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6321 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-A1PoaGAwtXl2qEkIoMjHlHV07a24_ym_KL8dI2CKQuM99PQxTfjhXEQ3fsrqBTzTeazr4jibbG99vQ-vjpda5efGH9rQ

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BB03 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1fcecf5d137bbb9b72dd9a50a8b3a0681115d0dac1b0d3c7f5140c1f5c88ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 6321 0
815 B 16ms
16ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&e=wqT_3QKGMeiGGAAAAwDWAAUBCM7G0ZcGEJCp7LrV9va7eRgAKjYJVrYPecvVrz8RwMjLmljgpz8ZAAAAgML12D8hwA0SACkRJMgxAAAAQOF6pD8w-vrKDDjKQUDlHkhlUKeiyyVYmNVSYABoz_hreP7VBYABAYoBA1VTRJIFBvRgDpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCO2h0dHBzOi8vd3d3LmFwa2hlcmUuY29tL2Rvd24vY29tLnNjb3R0Z2FtZXMuZm5hZjNfMS4wN19wYWlk8gIMCgZIRUlHSFQSAjkw8gIMCgVXSURUSBIDNzI48gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIYCgpJRlJBTUVfS0VZEgoxNTQ3Njk2OTEx8gK_FQoLUFJFX1NDUklQVFMSrxU8c2NyaXB0PihmdW5jdGlvbigpey8qCgogQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4KIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBoPXRoaXN8fHNlbGY7LyoKCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYyx2b2lkIDApfTpmdW5jdGlvbihhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuInN0cmluZyIhPT10eXBlb2YgY3x8MSE9Yy5sZW5ndGg_LTE6YS5pbmRleE9mKGMsMCk7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aDtkKyspaWYoZCBpbiBhJiZhW2RdPT09YylyZXR1cm4gZDtyZXR1cm4tMX07ZnVuY3Rpb24gbChhKXtsWyIgIl0oYSk7cmV0dXJuIGF9bFsiICJdPWZ1bmN0aW9uKCl7fTtmdW5jdGlvbiBuKGEpe2E9dm9pZCAwPT09YT9kb2N1bWVudDphO3JldHVybiBhLmNyZWF0ZUVsZW1lbnQoImltZyIpfTtmdW5jdGlvbiBwKGEsYyxkKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KGEuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzPVtdKTt2YXIgYj1uKGEuZG9jdW1lbnQpO2lmKGQpe3ZhciBlPWZ1bmN0aW9uKCl7aWYoZCl7dmFyIGY9YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHMsZz1rKGYsYik7MDw9ZyYmQXJyYXkucHJvdG90eXBlLnNwbGljZS5jYWxsKGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJmIucmVtb3ZlRXZlbnRMaXN0ZW5lcigibG9hZCIsZSwhMSk7Yi5yZW1vdmVFdmVudExpc3RlbmVyJiZiLnJlbW92ZUV2ZW50TGlzdGVuZXIoImVycm9yIixlLCExKX07Yi5hZGRFdmVudExpc3RlbmVyJiZiLmFkZEV2ZW50TGlzdGVuZXIoImxvYWQiLGUsITEpO2IuYWRkRXZlbnRMaXN0ZW5lciYmYi5hZGRFdmVudExpc3RlbmVyKCJlcnJvciIsZSwhMSl9Yi5zcmM9YzthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0cy5wdXNoKGIpfTtmdW5jdGlvbiBxKCl7dmFyIGE9ZG9jdW1lbnQuY3VycmVudFNjcmlwdDtyZXR1cm4oYT12b2lkIDA9PT1hP251bGw6YSkmJiI3NyI9PT1hLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcignW2RhdGEtamM9Ijc3Il0nKX07dmFyIHI9UmVnRXhwKCJeaHR0cHM_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7CmZ1bmN0aW9uIHQoKXt2YXIgYT1oO3ZhciBjPVtdO3ZhciBkPW51bGw7ZG97dmFyIGI9YTt0cnl7dmFyIGU7aWYoZT0hIWImJm51bGwhPWIubG9jYXRpb24uaHJlZiliOnt0cnl7bChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfXZhciBmPWV9Y2F0Y2gobSl7Zj0hMX1pZihmKXt2YXIgZz1iLmxvY2F0aW9uLmhyZWY7ZD1iLmRvY3VtZW50JiZiLmRvY3VtZW50LnJlZmVycmVyfHxudWxsfWVsc2UgZz1kLGQ9bnVsbDtjLnB1c2gobmV3IHUoZ3x8IiIpKTt0cnl7YT1iLnBhcmVudH1jYXRjaChtKXthPW51bGx9fXdoaWxlKGEmJmIhPWEpO2I9MDtmb3IoYT1jLmxlbmd0aC0xO2I8PWE7KytiKWNbYl0uZGVwdGg9YS1iO2I9aDtpZihiLmxvY2F0aW9uJiZiLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmYi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1jLmxlbmd0aC0xKWZvcihhPTE7YTxjLmxlbmd0aDsrK2EpZz1jW2FdLGcudXJsfHwoZy51cmw9Yi5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnNbYS0KMV18fCIiLGcuaD0hMCk7Yj1uZXcgdShoLmxvY2F0aW9uLmhyZWYsITEpO2c9bnVsbDtmb3IoZD1hPWMubGVuZ3RoLTE7MDw9ZDstLWQpaWYoZj1jW2RdLCFnJiZyLnRlc3QoZi51cmwpJiYoZz1mKSxmLnVybCYmIWYuaCl7Yj1mO2JyZWFrfWc9bnVsbDtkPWMubGVuZ3RoJiZjW2FdLnVybDswIT1iLmRlcHRoJiZkJiYoZz1jW2FdKTtjPW5ldyB2KGIsZyk7cmV0dXJuIGMuZz9jLmcudXJsOmMuaS51cmx9ZnVuY3Rpb24gdihhLGMpe3RoaXMuaT1hO3RoaXMuZz1jfWZ1bmN0aW9uIHUoYSxjKXt0aGlzLnVybD1hO3RoaXMuaD0hIWM7dGhpcy5kZXB0aD1udWxsfTtmdW5jdGlvbiB3KCl7dmFyIGE9dCgpLGM9YS5pbmRleE9mKCI_Iik7c2V0VGltZW91dChmdW5jdGlvbigpe3ZhciBkPXZvaWQgMD09PWQ_LjAxOmQ7aWYoIShNYXRoLnJhbmRvbSgpPmQpKXt2YXIgYj1xKCk7Yj0iaHR0cHM6Ly8iKyhiJiYidHJ1ZSI9PT1iLmdldEF0dHJpYnV0ZSgiZGF0YS1qYy1yY2QiKT8icGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi1jbi5jb20iOiJwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSIpKyIvcGFnZWFkL2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249Ijt2YXIgZT0oZT1xKCkpJiZlLmdldEF0dHJpYnV0ZSgiZGF0YS1qYy12ZXJzaW9uIil8fCJ1bmtub3duIjtkPWIrZSsiJnNhbXBsZT0iK2Q7Yj13aW5kb3c7dmFyIGY9dm9pZCAwPT09Zj8hMTpmO2lmKGU9Yi5uYXZpZ2F0b3IpZT1iLm5hdmlnYXRvci51c2VyQWdlbnQsZT0vQ2hyb21lLy50ZXN0KGUpJiYhL0VkZ2UvLnRlc3QoZSk_ITA6ITE7ZSYmYi5uYXZpZ2F0b3Iuc2VuZEJlYWNvbj8KYi5uYXZpZ2F0b3Iuc2VuZEJlYWNvbihkKTpwKGIsZCx2b2lkIDA9PT1mPyExOmYpfX0sMCk7cmV0dXJuIDA8PWM_YS5zdWJzdHJpbmcoMCxjKTphfXdpbmRvdy5yZmw9ZnVuY3Rpb24oKXtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KHcoKSl9O30pLmNhbGwodGhpcyk7Cjwvc2NyaXB0PvICyQIKCkVYVFJBX1RBR1MSugI8ZGl2IHN0eWxlPSJwb3NpdGlvbjogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wOiAwcHg7IHZpc2liaWxpdHk6IGhpZGRlbjsiPjxpbWcgc3JjPSJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQTFQb2FHQXd0WGwycUVrSW9NakhsSFYwN2EyNF95bV9LTDhkSTJDS1F1TTk5UFF4VGZqaFhFUTNmc3JxQlR6VGVhenI0amliYkc5OXZRLXZqcGRhNWVmR0g5clEiIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPjwvZGl2PvICmgEKDFBPU1RfU0NSSVBUUxKJATxzY3JpcHQgc3JjPSJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQveGJmZV9iYWNrZmlsbC5qcyI-PC9zY3JpcHQ-PHNjcmlwdD4oZnVuY3Rpb24oKSB7cjNweCgnMTU0NzY5NjkxMScpO30pKCk7PC9zY3JpcHQ-8gK6EgoQSE9TVF9QT1JUX1BBUkFNUxKlEmh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZGZldGNoP2Fkaz0xODMyNDk0MTEzJmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD03Mjh4OTBfYXMmaXA9MjE3LjY0LjE1MS4yOCZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJnVybD1odHRwczovL3d3dy5hcGtoZXJlLmNvbS9kb4IaDvSACSZzdWJfY2xpZW50PWJpZGRlci0zMDU2NDQ3JmhsPWRlJmFjZWlkPU1FWGhNd0IxRjdRQS1WVTBBZnBZTkFFdVl6UUJkR1UwQWFoMU5BSEFkVFFCYUhjMEFRMTROQUdiZURRQlpYbzBBZlI2TkFFSmV6UUJuSHMwQWJ4N05BSHBlelFCN0hzMEFSeDhOQUV0ZkRRQkxudzBBVDU4TkFGRmZEUUJVWHcwQVZsOE5BRmJmRFFCWG53MEFWOThOQUZoZkRRQmJudzBBWHA4TkFGOWZEUUJnWHcwQVlKOE5BR0ZmRFFCajN3MEFaNThOQUd2ZkRRQnRIdzBBYmQ4TkFGTGMwRUJUWE5CQWYwUTJnRmdIRndDZXZtSUFpZENxZ0lvUXFvQ0tVS3FBaHRFcWdMUFlhb0NmbUtxQXY1NHFnTFBlcW9DOTVxcUFvQ2JxZ0tCbTZvQ2dwdXFBcUdvcWdLcXNLb0NscmlxQXV1OHFnTE96YW9DYTlLcUFoclVxZ0twMUtvQzBkV3FBbFhlcWdMSjRxb0NvT1dxQW9mc3FnTFg4YW9DOV9LcUFrSDRxZ0o0LUtvQ3FmcXFBZ2o3cWdJbS02b0NRdnVxQWpFQXF3SkVBS3NDQ2dXckFxc0Zxd0wyQmFzQ1ZnZXJBaUFJcXdKR0NLc0NiZ21yQW80SnF3TEZDYXNDMmcyckFoMFFxd0t6RUtzQ3NoS3JBa1lUcXdKaEU2c0NhUk9yQWgwVXF3TG9GcXNDTFJlckFrd1lxd0pjR0tzQ09obXJBb1FhcXdKOUc2c0NDeHlyQXF3Y3F3S1FIcXNDb0I2ckF2NGVxd0lDSDZzQ0ZoLXJBcU1mcXdLb0g2c0NXU0NyQXNJZ3F3SmFJYXNDcHlHckFoTWlxd0tJSXFzQ1FTT3JBZ0FrcXdJckpLc0NvaVNyQXRja3F3SmNKcXNDclNhckFzRnNKQVFENTU4TEJZVmlFQ3VzLXhMTTBmc1NSOV83RXZubC14SUo2UHNTVHVyN0VvWDMteEk5LVBzU0NmdjdFbUQtLXhLWV9fc1NuTXNjR1BoV2F4byZleGs9MTU0NzY5NjkxMSZhd2JpZF9jPUFLQW1mLURfOGZmSEVVMDdBUmNKandiYnFUc1hBaG1icmFsRVJqTHI5aDhkWndqNHdCX1ZrSC1sYjhnbzJFRDJJRHNNY1NvNHNLa1FnWmlIV2k3V3pPckl3a183a0ZKdEZzY1VUWnVha3FTNWVZei0yNWw4Z0pSN3pXc1pEMFlMMmg5ZkQ1ZHo4aHozTkJwMFBLSlFMUDNua1c1WTczUlJmaW1UX0RFemNYeU1PSm5VUEhVYmdlcyZhd2JpZF9kPUFLQW1mLUJ4RzRHSzlYX2c0ZFgwcXE3cXFvOHdKbnJOZHppVDItTS1RLWs4ZHFtdUxLaGlyeTRLaVRZN1lVSzh0SHhzd2lYbmQwT0tTQUhSZzl6Ny1NSjNCZUZDVkt2V3dCQ08ySkRNVDdqVXlfMW1maFoyS2VDSThkVVp3TVpoSWQteUxaT012RkF6aWVVRi10SW83akJnUWZCQmN5MERHUGotcjF5blYzSDc4SDI2Z3JJbk9UTjl1TmlyV3dWR2VGa05YRzhxb1BDMHhuOXpMc1NBVXN6VjA1bzI0Nlh3WmVFTHBMMW94cVZCeGo3dGxiUm0xZHNWaW5ZUElTOFdjTnB0Vmt6NVNBemNZb3M3cnNWdFZqN3N4dVZqR2dKaFNYdlhtNi1nTkx0RWNsRmRLUlVyY05tMDgwZXdiUGZ2ZEJsczRqY2Zma2pGejlYd0VXNElJbG5jMUw4Mm1fVnNxU3l6dzlHVUpGWC1nM2xCTHFLVUFPM2ZRWUJ5bEhLT183NDliWDZpUWhKX2MwSXdvOEdRenYzZ1VsWk41ei1UN1JfWXY3ODBPNjM1WVRfR0JrX0NJN0lFQ0wwTzR6djhLc09NTi1nWUFwWVB0d1BGdnhqMGFlTGI0UUpTSmdoa1Q1djhvdF9NNnFsN3MxZVpjbm8wWW9QTS1RS19TVlJSYlhyQXVOTXB0U2FOLS1wOVlpUmVQN0txaFBaZnpHdlRtUERRUFFGM2IyelFkTG5NN1VKLTEwZGdEa1BOa19Ebnh5SlVVOFJHdk9iSXRERFp6TF9JSXNZYmpzM2NRV2ZXbUJoaXN6REtpV1FrUU1NeDdGV2dleW5lUy1RWjZlcVFtRjhYaFVodXBjM0Jqdi1QdVVjeVVfZW9KbHRfWjJjMWg1amx0Z2RyZjhuLVl3aUV0REt3RU5vMFhlVVNmN25BVmhJcWlGNlVCQkNPZ25MbEp4cjdtZG05S3ZfVmJtNFNMYWVLRE5mT0FYR0dfdF9Qem5zTkVyVXNjekRpdXYxLVpjQmNBWlo1QldsVjM5ZW8tbktiTUFNZnlQdHNGTm1uQ0htUmZHdnNSVWtUNTBUTmY4dFAyRzd0YWRiT1RFZEVsNnRVUWN1dTVDOEdwdlVtNi0yVHVBMUpxSGVRWTMyWDl1ZlBMU3laY2R5MXhWX2pzbmdjQzlPU2JVWjZ6TkdacVFLZjNRTGtrWGxNdWVDMDF0dkhBeE1GcldIRmJjZnlGcEtyLThrd05MY0NTbWs2Y3U3UVFiYUhPQ0kxdlB5MHFlX1V0clFpTjdNZjZFTFcxQ2NtTWRTQXBnRXZhZUVER1JWUnp0VkpWT0NlM2xkLWliOU9lMWtaUGpvZjhhMFlCOHh3TjRFVEo2M05rRVdpbk02LTlkUjNWTWI2MVR0LVVnJmNpZD1DQUFTQk9Sb05MZyZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOFhaUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFisX29I7LvuFHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzJAl-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEwNjE1NzE5Mjc5NroHDwgAEAAYACAAMAA4vQZAAMgH_tUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=d9b3c1fe1a07b214f91f58c9162422d1439ff10f&bdref=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid,https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid,https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bsa/blocking_script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:02:56 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fb5ca85-8c72-40e7-ad4e-1ed714e93e6f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame EFA2 99 KB
34 KB 121ms
87ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474b4be4299aed1815a78b1b9adcf144913510a3a5f1497e8e457caec8884de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34475
x-xss-protection: 0

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 6321 0
837 B 17ms
17ms Ping
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&e=wqT_3QKoBugoAwAAAwDWAAUBCM7G0ZcGEJCp7LrV9va7eRgAKjYJVrYPecvVrz8RwMjLmljgpz8ZAAAAgML12D8hwA0SACkRJMgxAAAAQOF6pD8w-vrKDDjKQUDlHkhlUKeiyyVYmNVSYABoz_hreP7VBYABAYoBA1VTRJIFBvB9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gI7aHR0cHM6Ly93d3cuYXBraGVyZS5jb20vZG93bi9jb20uc2NvdHRnYW1lcy5mbmFmM18xLjA3X3BhaWSAAwCIAwGQAwCYAxegAwGqA-oBCr8BEVFkcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi4BXwkeRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQmJUekpPUW9YVjNOdDQwdUxLM05sd05NT1B1Z2JGZDl2YlNXVm9OeWlEVE9PaGtSY1VrVE5KNEl0dFRoaWs2a1RaeUxsZDhINnRucjJWM2VmUWpHME04c1ZLMWcmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODc1MjcwNTk3MjcxODk5ODY3MiIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOFhaUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFisX29I7LvuFHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzJAl-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEwNjE1NzE5Mjc5NroHDwgAASlEIAAwADi9BkAAyAf-1QXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=761741aa600840e07a826bc145a2723c9b5f84af&type=nv&nvt=5&jm=1003&px=436&py=1100&bw=728&bh=90&sid=3022425531374422064&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26393978&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:02:56 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 45f3ff7a-5b0c-4875-9e4b-557656b80576
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.apkhere.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EFA2 8 KB
1 KB 63ms
25ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 00:39:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 02:02:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame EFA2 2 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
server: cafe
etag: 10137335727447750368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:08 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame EFA2 30 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11825
x-xss-protection: 0
server: cafe
etag: 9647346768486398696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:08:52 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame EFA2 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 23:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
server: cafe
etag: 17826921741551292351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 23:37:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFA2 140 KB
43 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:02:56 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame EFA2 26 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99bb23e517678ec44a603b7f053a410e97e715649dd196400a5c444a3fdae6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10272
x-xss-protection: 0
server: cafe
etag: 176313366917465162
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:02:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EFA2 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfG6DAg8_H1SKA8e2diBYaXJ2aNuvWbWd4JKyvwpjeTrzjVMd9TgCYZqZsO5-hs8lSfeUM22eVonXBwGABFcCBDuXQTQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 8ab3c530fd8e92b79021f3068786d509.js Show response
www.gstatic.com/mysidia/ Frame EFA2 42 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ab3c530fd8e92b79021f3068786d509.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

125e014d00c3569891c3689625973016278837e431c2f029728552316e38d4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16306
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 22:31:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EFA2 0
17 B 60ms
60ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6k5xTmP0YtHMLfHKmLAP6ri3-Aq-5tmRaO_Eh4vvDr-7wbjBCRABIOaX1iVglYKAgLQHoAHw9u6RA8gBAakCf0dtY2FIsT6oAwHIA8sEqgTdAU_QvaavEXUdbpYxtPitSdBO3buEurb3bN9yoDFLuXiLAi8s1p1TSdhYug9VEJhTPtnwy_IRKLE4v7gKOtVR1Qk1jQy9WeZz46nLgJSm2vcDyEvIyCrRUkSBmKFpt_v5N9heimlr6U0LedIyhz7n6bz0K9BYGfPk3uZDTAuEEqpBjryx3oRWVmP8fvDRd1FGjoMEaorWI7j9qW1pC6_LEy2XSNtdlfcAXjtTJAKKnyWwsGuR9JfIvvJqzDb3oej5yTQC7oFc0bFj_1EtNcUgQxNTkIWjsNBK3_OXLnzMwATc7Ni7iwOSBQQIBBgBkgUECAUYBIAH-IiRbqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggRCIDhgBAQARgAMgKqAjoCgEDyCA5iaWRkZXItMzA1NjQ0N4AKBMgLAdgTDIgUEdAVAYAXAbIXCAoGCAASABgA&sigh=mqMDm07mBBk&uach_m=[UACH]&pr=10:0.062178&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 02:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD36 143 B
163 B 15ms
15ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 01:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EFA2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541d2a2bd4661606f0f995ac451e3db0366d537974faac0df4bad8daa426c2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EFA2 28 KB
28 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 19562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:36:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD36
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

32ms
32ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:56 GMT
expires: Thu, 11 Aug 2022 02:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame 455F 36 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: www.apkhere.com
URL: https://www.apkhere.com/down/com.scottgames.fnaf3_1.07_paid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 17:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 17:58:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080401&jk=4071463549446536&bg=!-fql-r7NAAZGjrx1Zo47ACkAdvg8WgDYSJDeqftk9-n6Dco5ia_X4CqoS5rW95jSUQpjiGRdNUsytQIAAACZUgAAAAJoAQeZAtI7WRpFcIJ1wd3TpNtiLiKyojeAFSl9908S1ZbTWfsxzrQSa2DTpKp9j2FS2_DHNUCxC-y1dO84fJuizfpkApsKb8z4U0ajcQ-r3sHc0GbhAMB5hzOgBcCIkYxjzWW8obr5lJyU7uC5sP0WhBnpgjZiehSM_1rNBzDytoFwfW1SW1tq0qUPvuD_m7kknf8W_KRfEr3Fy_cFa4I6n-LvPCJbJxISc6RTntcrGNb1AEpsYEuFpJCOiR4Ra9Hmd9YdJNVZhpD2-sOfR7yji3I8aZ-sx4DxwIFQAm8uGRd4MJqO9xoEuDGAk9nogClmf7HLlXiuYJkrbUBNm2kWgnYs-ZLr8OWlBCzFdcoL3WTWvefscBbeKPmuxAG3jKY3sMBSFfTBqYxge5k21hzVL7deJRajIYelIYot5NWyevOknoKtoceYHL8i6amg9jFGDo8Rf6h36V1cZGzrifioP7sZ5ombIyrC_cK6m326SUGlbPu5GpuSa7G6g-xKBW3CVSoM-AuFVI5mOqCMt7g4ZRHI1bsqpYsd5W2wu1WWKJz1tpZ8NPXAHFv0skC_Zj1uyPChbFTZZP03btnK5LX7LeogXoqcMxVmjJg_No_8HCdIa2jlCKa0Ffw8Hlnqu52CDQvXBP6t-_miMRR6lp4NkTOi7KqDNZTeN27Q47_gu5Xrn_VRkDbeoQQGGDS1cp_P1meBk8Cl46oQiP4MxjjwaROJBlJ9Q8wib_BRVTL9Dmk5fKhZhiib7a9ogSt3BN_IKGCftFrD8vPss2KwZDhBuh9pjzHEXX4McGj4HNp62dOAfNGavA4UVd1r4W3O6Jaj9az6PulnRYbhbdA34dqMqwzkFrZKe3zdxUPSLJKGlYlnsC-Owy6oZqafFCCuFvBqm1h8h_jzaamuHGV5j9AAec9YWV5NB-IQMZHsyzlL1qO0k6hmWJVoYQZXEWa8uCAHcYXTz4wTfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 128ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:57 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 02:02:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7A87 15 KB
6 KB 99ms
31ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.apkhere.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:02:56 GMT
server-processing-duration-in-ticks: 2315
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 75ms
26ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:02:57 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 02:02:57 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7A87
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=apkhere.com&sn=ChromeSyncframe&so=0&topUrl=www.apkhere.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3vvhs3x3WklMb0hhUUg4VXljYjBZdjNrMHVOWWtUWGh0NTJ5QUU2UE02clBZSUxnblI0QUZ6VW1iZEtEdnhaMjg0SitncjlGMCt5dHVuM2lVYW52cFN5MUJ0dE16cmtQZVJoWmlIUlY1QWN4L3R3VkxYK2p3TDUzVnp0ZG...

427 B
625 B

139ms
26ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3vvhs3x3WklMb0hhUUg4VXljYjBZdjNrMHVOWWtUWGh0NTJ5QUU2UE02clBZSUxnblI0QUZ6VW1iZEtEdnhaMjg0SitncjlGMCt5dHVuM2lVYW52cFN5MUJ0dE16cmtQZVJoWmlIUlY1QWN4L3R3VkxYK2p3TDUzVnp0ZGtINmZpUkhjQlM2MU9NU29oZjZIL0ZqbEJLVkk5MmJYTzFEb0hmR3REdmFIQWFyaFlVbndXenM1T0F6U0l6VDV1eUc1UjJuZE9ndU1heUZwUDR2Mzdjb1ArOVRReUtaeXhSZWNVS3ZWSGtubzhicUVSRDA0N0FBK2ZwL3M3aDRFbVV3bnJUcTI0NTlTOTIvbmxMMjR0NmlFU0ZtNjJvQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

087f462bb429453d8613d369e37b91d8eac089322ff4fe221884ee2b3de71b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:57 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6199
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:57 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=3vvhs3x3WklMb0hhUUg4VXljYjBZdjNrMHVOWWtUWGh0NTJ5QUU2UE02clBZSUxnblI0QUZ6VW1iZEtEdnhaMjg0SitncjlGMCt5dHVuM2lVYW52cFN5MUJ0dE16cmtQZVJoWmlIUlY1QWN4L3R3VkxYK2p3TDUzVnp0ZGtINmZpUkhjQlM2MU9NU29oZjZIL0ZqbEJLVkk5MmJYTzFEb0hmR3REdmFIQWFyaFlVbndXenM1T0F6U0l6VDV1eUc1UjJuZE9ndU1heUZwUDR2Mzdjb1ArOVRReUtaeXhSZWNVS3ZWSGtubzhicUVSRDA0N0FBK2ZwL3M3aDRFbVV3bnJUcTI0NTlTOTIvbmxMMjR0NmlFU0ZtNjJvQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1650
content-length: 541
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB03 42 B
64 B 84ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscOjR_KVspilzQ3PdDnnrpj-DKnAtsxtUp1kvkHvBarvV9PxEm6GxkkH7O8wurlD8yqwUzlfgbcdwSiRh4yW4JRaxnollqeab5ou5BAAHpWpt-MZv4&sig=Cg0ArKJSzHOICfExJSuxEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=494918668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660183376163&rpt=336&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 6321 0
837 B 17ms
16ms Ping
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&e=wqT_3QKoBugoAwAAAwDWAAUBCM7G0ZcGEJCp7LrV9va7eRgAKjYJVrYPecvVrz8RwMjLmljgpz8ZAAAAgML12D8hwA0SACkRJMgxAAAAQOF6pD8w-vrKDDjKQUDlHkhlUKeiyyVYmNVSYABoz_hreP7VBYABAYoBA1VTRJIFBvB9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gI7aHR0cHM6Ly93d3cuYXBraGVyZS5jb20vZG93bi9jb20uc2NvdHRnYW1lcy5mbmFmM18xLjA3X3BhaWSAAwCIAwGQAwCYAxegAwGqA-oBCr8BEVFkcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi4BXwkeRC9nZW5fMjA0P2lkPWF3YmlkJgUG9GkBX2I9QUtBbWYtQmJUekpPUW9YVjNOdDQwdUxLM05sd05NT1B1Z2JGZDl2YlNXVm9OeWlEVE9PaGtSY1VrVE5KNEl0dFRoaWs2a1RaeUxsZDhINnRucjJWM2VmUWpHME04c1ZLMWcmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODc1MjcwNTk3MjcxODk5ODY3MiIINzg4Mjc4MTUqBDM5NDE6ATDAA6wCyAMA2AOFhaUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFisX29I7LvuFHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzJAl-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAFFgkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEwNjE1NzE5Mjc5NroHDwgAASlEIAAwADi9BkAAyAf-1QXSBw0JCUUAAAVHCNoHBgknaOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAQ..&s=761741aa600840e07a826bc145a2723c9b5f84af&type=pv&jm=1003&px=436&py=1100&bw=728&bh=90&sf=1&sid=3022425531374422064&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26393978&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:02:57 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b1c35a6f-7fc8-402e-a259-5cc984f4ae98
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.apkhere.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFA2 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7aEyjqDmj1RSYIpok9QfFK-3CQyNT4A9NVmAP3nLH2yE_OQQEfFaoq1xC5W6LpKgyvjFByJs9TZZjfQy04gU2k9lfanM3UVS5p9qDJSR04JdtP4o2QuBzSBKG7thqbYpOUkpG17GowN3j&sig=Cg0ArKJSzKVucKTJ8XSfEAE&cid=CAASF-RoJGTtI3JJjiOX6nRsuy6tHzD4r5Y5&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1832494113&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660183376543&rpt=451&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:02:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 6127 0
0 16ms
16ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660183374710

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 510F 0
91 B 30ms
24ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 11 Aug 2022 02:02:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5B85 52 KB
17 KB 102ms
25ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 11 Aug 2022 02:02:59 GMT
ETag: "623de86a-cf34"
Expires: Fri, 12 Aug 2022 02:03:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D8B1 15 KB
6 KB 82ms
23ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83380
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:59 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 12 Aug 2022 01:12:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 162A 9 KB
4 KB 99ms
15ms Document
text/html 18.66.112.30

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.30 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 137458
cache-control: max-age=345600
content-encoding: br
content-type: text/html
date: Tue, 09 Aug 2022 11:52:02 GMT
etag: W/"dded7396fbe6d087909057448e1ad0c8"
last-modified: Tue, 26 Jul 2022 15:11:15 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: tUY1TC_aJLGcNy0g1H8rHV64h_cl2i--UjMDu_Jq1v_NJ9G8G9IK8g==
x-amz-cf-pop: FRA56-P5
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:37f5e49a-fa66-49da-8441-dd45098ed05e
x-amz-meta-codebuild-content-md5: b40e23c2c399349f8349f9ae9edec2ec
x-amz-meta-codebuild-content-sha256: 495aaab93a2848b45bf77774751801430fcd8a0741179b148bb54de4435f2b80
x-cache: Hit from cloudfront

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame EC57 260 B
497 B 106ms
106ms Document
text/html 34.224.253.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1660183375026&secure=true&version=9&title=Herunterladen%20Five%20Nights%20at%20Freddy%27s%203%201.07%20apk%20paid%20-%20ApkHere.com&url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/apkhere.js?1660183200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.253.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-253-29.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2d5b50d12b5f7493f6d0a2817df47930d0024155afcfde5db684947be496bc25

Request headers

Referer: https://www.apkhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
content-length: 260
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 02:02:59 GMT
etag: W/"104-1McC+binxaacYP8xNao0vWgpmiU"
expires: -1
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 16ms
16ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.apkhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET PugMaster
image6.pubmatic.com/AdServer/ Frame D8B1 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B81C 15 KB
6 KB 23ms
22ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83380
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:02:59 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 12 Aug 2022 01:12:39 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET 13926
g2.gumgum.com/usync/ Frame E8B1 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 0E29 0
0 16ms
16ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame 0EA6 0
0

GET usermatch
ssum-sec.casalemedia.com/ Frame 6FA7 0
0

GET sync.php
pixel.rubiconproject.com/exchange/ Frame 162A 0
0

GET

sync
ads.servenobid.com/ Frame 162A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8976699090832640064

0
0

GET merge
ce.lijit.com/ Frame 162A 0
0

GET pixel
ap.lijit.com/ Frame 162A 0
0

GET getuid
x.yieldlift.com/ Frame 162A 0
0

GET rmpssp
sync.1rx.io/usersync2/ Frame 162A 0
0

GET cm
p.rfihub.com/ Frame 162A 0
0

GET usa
sync.go.sonobi.com/ Frame 162A 0
0

GET 0
prebid.a-mo.net/cchain/ Frame 162A 0
0

GET occ
ups.analytics.yahoo.com/ups/58559/ Frame 162A 0
0

GET redirectuser
ssp.disqus.com/ Frame 162A 0
0

GET occ
ups.analytics.yahoo.com/ups/58632/ Frame 162A 0
0

GET fltiu.js
pixel.yabidos.com/ Frame EC57 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame EC57 0
0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5B85 0
743 B 27ms
15ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 02:02:59 GMT
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 690d1e33-ac1f-4e16-b55f-cb0e128ba34c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46158175&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=312&uid=8976699090832640064

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: x.yieldlift.com
URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58559/occ

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58632/occ

Domain: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=www.apkhere.com

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 09:28:55	Name: _GRECAPTCHA Value: 09AMjm62Xbg_r5AXvvRO7a7IDEhnB7JSjBhrjNzVJd845Bb40Qxlgt5jASiJqDXN44vDNuo_dOhe24bdAiniues7U
m.apkhere.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ksd62fm9g1al706idtu68ng771
www.apkhere.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 05fftjhrup89p5760q5p2ad4i3
.apkhere.com/	1970-01-20 14:45:43	Name: _ga Value: GA1.2.798044068.1660183374
.apkhere.com/	1970-01-20 05:11:09	Name: _gid Value: GA1.2.1230804486.1660183374
.apkhere.com/	1970-01-20 05:09:43	Name: _gat Value: 1
.adnxs.com/	1970-01-20 07:19:19	Name: icu Value: ChgIvahBEAoYASABKAEwzsbRlwY4AUABSAEQzsbRlwYYAA..
.adnxs.com/	1970-01-20 07:19:19	Name: uuid2 Value: 8976699090832640064
.apkhere.com/	1970-01-20 14:31:19	Name: __gads Value: ID=2f4b434f0a3bb8fb-22c19e5fedcd005e:T=1660183376:S=ALNI_MZkBYRyCjXv8LctB0gUpYfYymYsww
.doubleclick.net/	1970-01-20 14:31:19	Name: IDE Value: AHWqTUk7DIunCznwxNzp995kYbcXoCsiXDwFDyiwFW-UBRy83sz7sBxWbJkZDGJRAN8
.doubleclick.net/	1970-01-20 05:09:46	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 14:31:19	Name: uid Value: 277cf95f-cc20-4dd5-96a0-f2e1ccf70c82
.apkhere.com/	1970-01-20 14:31:19	Name: cto_bundle Value: roNucF9UQ1lnRVUwJTJCNFBFdXQwd3hIcUxycVNGRkpLdXlBTnlWUFFaTlQyZENUdkFBWElmVGJBemVWTjlsSTFZQ2Nnb1lmRENtMG9aYVFsZUNzaThxTDdxV3ZRaGsyRUZtMk5DdyUyQnI2TWElMkZEVWklMkZTMWQ1YWtMWHRPRTQlMkZ1VkoyTzdNZGxoWVl3aEdBRmVtMXNkM0JoalA4aEJBJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1660183374607&secure=true&version=9&title=Herunterladen%20Five%20Nights%20at%20Freddy%27s%203%201.07%20apk%20paid%20-%20ApkHere.com&url=https%3A%2F%2Fwww.apkhere.com%2Fdown%2Fcom.scottgames.fnaf3_1.07_paid&measurable=true&bids[0][bidId]=1267bc3c59040c4&bids[0][config][property]=APKHere&bids[0][config][zone]=Apkhere_S2S_FixedFooter_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=APKHere&foo Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

629360e506d8cc634ad590e69130197f.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
bidder.criteo.com
btlr.sharethrough.com
buysellads-d.openx.net
c2shb.ssp.yahoo.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn4.buysellads.net
ce.lijit.com
data.apkhere.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
image6.pubmatic.com
m.apkhere.com
mantodea.mantisadnetwork.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.yabidos.com
prebid.a-mo.net
public.servenobid.com
s.apkhere.com
script.4dex.io
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
tagan.adlightning.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
www.apkhere.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.yieldlift.com
ads.servenobid.com
ap.lijit.com
ce.lijit.com
g2.gumgum.com
image6.pubmatic.com
match.adsrvr.org
p.rfihub.com
pixel.rubiconproject.com
pixel.yabidos.com
prebid.a-mo.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.go.sonobi.com
ups.analytics.yahoo.com
x.yieldlift.com
142.250.184.194
178.250.2.131
178.250.2.146
18.158.191.240
18.66.112.30
18.66.139.100
185.255.84.150
185.64.189.112
23.35.236.188
23.35.236.201
2606:4700:10::ac43:499
2606:4700:20::681a:8a9
2606:4700::6810:5514
2606:4700::6812:372
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638::3
34.197.60.25
34.224.253.29
34.236.83.94
35.244.159.8
37.252.173.22
37.252.173.62
45.55.47.38
51.75.86.98
94.31.29.32
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
05fdf9059f82368fa058a4fed88c9b56263934d770af68ea301f57f80be88ca6
087f462bb429453d8613d369e37b91d8eac089322ff4fe221884ee2b3de71b62
09d7914481b4c07b6076fb8f8c5b38b08c921d7a3925fef09c66e242ed1d8780
0af2c95fe327a68319793b8515686306ca9f923adee7e03408a21c8abee3faf8
1166e1051e01562449e705273ae117f3fbd5dacc66b469e190ca7f52a3223810
125e014d00c3569891c3689625973016278837e431c2f029728552316e38d4d4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194eb2d26a33fcf4708d51be9887d4cdcb9653b8566eb00a2fc9f0b9d58586d8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c082e5ca64fae1f8b2eeba078f2c2597ead8164828c54c8fda5df2e80bc53c4
221d34369f618542873a092445e8a5f1ef7c68f36804a9bbc405433b71febf41
22c85272179e4648650e45027b391431d1f2316a3beffd776bbfaf3984080372
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2d5b50d12b5f7493f6d0a2817df47930d0024155afcfde5db684947be496bc25
3275566f0d4fa5a27fd970b0c87f5a9dd52983379e138cefa7a422a88bddfd99
33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06
3548902555177f6fa5685ad5b05d61ef50292f7f66c0471aef22ad55905ad58d
3a5f90638a835869f10539cd62cd5b3941d7827738f1fffeb74f2c1084b674c6
3c4aef1c5610fc172a852128a0c228babc432fb45f23ef2748b424a7cc92da21
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f468b1caffffea196bb16d2964a1cd8ae1d1503390ad2f2435202d687d2d562
3fc19ccfa56bdff35e47648e10c559c8473c9c2204e4d7a3fde57eb5dc4e3180
4258b0779c067213b528a81ffe114bec739e680ed83bceb06329a954652e56b5
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
474b4be4299aed1815a78b1b9adcf144913510a3a5f1497e8e457caec8884de2
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762
541d2a2bd4661606f0f995ac451e3db0366d537974faac0df4bad8daa426c2a7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
588e7ffb502faafd9e273358864d56a7a93922b2cff7bc74c2a049a55216441e
591ebeb4b5b90d51f3b375dd787872047bf9c6e8e21e8e0b523bb96891d0dc46
5992eac7f7648e647738efff9f2e7831f69eaec77e5d3724eaee6a90c320059f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c5ec13b0f19febcc6bc5e2ab63aa90eeacedc2522a2052bddbbed8e4e91c45e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623cd019389b2c8dcd7a61982ff834b85f6082663474f08b784e07f0c3fb954d
64ab332019b220556be54c38c656440b9e3f419067bd00d6f46ca4661ce84fe6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704e5d3e5afb36b32c02fb7b4ce1a5499c2c7439a1e2acf8699e416336a58e39
715a51f550c1324bbfcbb0b60ade76bc662e3640709cd2bc0d1bde03de233c04
77743d156bbd4d1af7c7f1bc5bb2fbb24e54109f3d595a7cae13afe98757ecb4
77d4281998f29132a8df168a4c251db0373d1a8b7985bfb8ea44c69b49b0f04d
786154249b6626c66e5098ab2164f977327bacbed1b85395d02d1461e9fa5a14
7bf2d88d96dcc7fa23f1d8fb4601da127d2012b0e12f46e42e4e74615ba7f15b
7dc9c8956ff491bb354b7871add423de7bb46503782fbe25ec7a7c4e1c3be8ca
7f12fa8c9dec4d2b9bfca0ab21d9a4dae4d50c01906242ad82e01881e544cfdd
82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8
84de4595580fb163bf1dca47fd39d63e191fe765891a7e55c4638295c1ceba92
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8eccee7fa621befe970ca3419c1415373b35afe88689598d88d15eb832490253
94d0eb033179b7213bfe201d5b849377aa0e4caf709bea1637492d0f576dcda4
95b702580e59233f79e5ce9f3679af2ea2da954e6fa6f0694c70e6adfd4e6bce
9712072425a7ecff18c5be201a9576d2a12359231c861e04dffc1621f07a7d31
99bb23e517678ec44a603b7f053a410e97e715649dd196400a5c444a3fdae6e2
9bb3fc2999377ca03c85a4303fd3382bf59618a441e267cc3d0c376cf464b455
9e1caa60135159633028996ed6c44a4d2ebcca95678895d1d1b230e0073231ab
9e45a877001102dfd735e4f72c64be86148fd4af4cf6d8034df549b0c94ee19e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fcecf5d137bbb9b72dd9a50a8b3a0681115d0dac1b0d3c7f5140c1f5c88ad5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bc2607b06ff410dac2cf56ae846c2da2994958af066ecd3d48303f7fa6bffe16
bd38f1ac1bab15900b2e3773af6ba4ba3a55d91a231bc360785a271d34166584
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
c34a95e494720bb2e32a0a34dd860f7af948c5c7387f8f3f318f1592da9becb5
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
c9f5325bf2a5a14cdd9285030a7884d00ef106c46db96143e3974acd241de35d
cabeba94738a961f0e3ee62c071f3d3759cb1bc06fad8a9f487bd28586203ba0
ccd30837003ab0bbfc8011fa1b8eb716d97d28b5ef4566c53503bdd2b4a5b6cc
ce4ab8d5a11dcc9959e251498e664465b04eecbf6c79cf64a1a191d03848d572
d04db63884e31b112333ad8b5fa3d8112b3ec4a543487bc5b955d9854aa781d1
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
dc8d70327a8ca1e400badb7999d6aeca0872017122ddd6084b00f96cb4bceddd
dcaa66088644354067b7eb339891c382c970144a1d76c105e869ecb82088fedb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
eba9fe077e08ed616957a57cd915a2ef0bca5f6e6c8ca582768cdc6bd2ab5387
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55f0b715c44657663f8b6d28c404caacf00a4243043917a7b546d8d9f35270d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f71e7d6c7f1750e5e460bbbf464145ee40052bdd56b8c4324a4eadd11bcfe546
f77f2dc9b6f0795bd37c21453e2f478f8f7160ad3b78ba939e003037405e90d6
fa8ec6dd3e06da95d33d60cc0fb5be08c528ad9722f6bc7f9b2b8d0904588c2a
ffbf7d473c9ebbc594bd488c5d1a31a2bb2cce68b1272095a418e171bbcd7fc4

www.apkhere.com Open in urlscan Pro 2606:4700:10::ac43:499 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

88 %HTTPS

49 %IPv6

38 Domains

59 Subdomains

38 IPs

5 Countries

1923 kBTransfer

4123 kBSize

13 Cookies

14 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.apkhere.com Open in urlscan Pro
2606:4700:10::ac43:499 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

88 %
HTTPS

49 %
IPv6

38
Domains

59
Subdomains

38
IPs

5
Countries

1923 kB
Transfer

4123 kB
Size

13
Cookies

154 HTTP transactions
2 data transactions