urlscan.io logo urlscan.io
SecurityTrails logo

payback-2-the-battle-sandbox.en.softonic.com Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payback-2-the-battle-sandbox.en.softonic.com/
Effective URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Submission: On June 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 8 countries across 66 domains to perform 234 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is payback-2-the-battle-sandbox.en.softonic.com.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.
This is the only time payback-2-the-battle-sandbox.en.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 35.227.233.104 15169 (GOOGLE)
2 2600:9000:251... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
14 151.101.129.91 54113 (FASTLY)
34 2600:1400:d:4... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 23.77.173.185 16625 (AKAMAI-AS)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 6 64.202.112.63 22075 (AS-OUTBRAIN)
1 108.138.106.49 16509 (AMAZON-02)
1 13.225.224.171 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 162.19.138.118 16276 (OVH)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 18.164.96.77 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.65.198 15169 (GOOGLE)
2 18.164.107.227 16509 (AMAZON-02)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 141.95.98.65 16276 (OVH)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:251... 16509 (AMAZON-02)
1 108.138.128.34 16509 (AMAZON-02)
1 104.18.35.34 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 14 52.46.151.131 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
7 65.108.134.244 24940 (HETZNER-AS)
1 3.92.38.212 14618 (AMAZON-AES)
4 4 199.127.204.171 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 52.1.59.237 14618 (AMAZON-AES)
2 10 192.40.39.223 27381 (CASALE-MEDIA)
2 23.77.173.8 16625 (AKAMAI-AS)
4 52.116.53.150 36351 (SOFTLAYER)
1 2607:f8b0:400... 15169 (GOOGLE)
4 184.28.206.17 16625 (AKAMAI-AS)
2 5 34.98.64.218 396982 (GOOGLE-CL...)
2 2 23.105.12.170 30633 (LEASEWEB-...)
2 2 35.71.139.29 16509 (AMAZON-02)
4 4 68.67.161.208 29990 (ASN-APPNEX)
1 19 52.207.45.55 14618 (AMAZON-AES)
5 6 35.211.178.172 15169 (GOOGLE)
2 2 52.86.34.19 14618 (AMAZON-AES)
1 1 44.194.73.244 14618 (AMAZON-AES)
2 2 64.202.112.191 23352 (SERVERCEN...)
1 1 23.197.21.62 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 35.211.118.13 15169 (GOOGLE)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
7 7 15.197.193.217 16509 (AMAZON-02)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 54.172.162.57 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 34.199.137.96 14618 (AMAZON-AES)
5 9 142.250.80.98 15169 (GOOGLE)
2 2 216.200.232.253 30419 (MEDIAMATH...)
2 2 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.44 2514 (INFOSPHER...)
1 1 80.77.87.162 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 104.127.84.215 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
7 11 69.173.151.100 26667 (RUBICONPR...)
1 1 8.43.72.98 26667 (RUBICONPR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 67.220.226.234 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.150 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
234 66
6    35.227.233.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.233.227.35.bc.googleusercontent.com
payback-2-the-battle-sandbox.en.softonic.com
softonic.com
2    2600:9000:2510:bc00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
4    2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
14    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
34    2600:1400:d:4a6::29cc (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.77.173.185 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-185.deploy.static.akamaitechnologies.com
amplify.outbrain.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    64.202.112.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
1    13.225.224.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-224-171.jfk51.r.cloudfront.net
www.datadoghq-browser-agent.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2600:9000:2512:9600:d:2044:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.privacy-center.org
1    2607:f8b0:4006:823::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
3    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net
script.hotjar.com
5    2607:f8b0:4006:80c::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
www.googletagservices.com
2    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.65.198 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
ad.doubleclick.net
2    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:e2::ac40:8004 (United States)

ASN13335 (CLOUDFLARENET, US)
oth2kklpqszcjh2u2.ay.delivery
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2511:5400:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
9    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2607:f8b0:4006:80d::2010 (Flushing, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
14    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2607:f8b0:4006:806::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
7    65.108.134.244 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.134.108.65.clients.your-server.de
api.assertcom.de
1    3.92.38.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-38-212.compute-1.amazonaws.com
bcp.crwdcntrl.net
4    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    52.1.59.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-59-237.compute-1.amazonaws.com
rtb.gumgum.com
10    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    23.77.173.8 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-8.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com
8proof.com
1    2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    184.28.206.17 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-206-17.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    23.105.12.170 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
19    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
6    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    52.86.34.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-34-19.compute-1.amazonaws.com
ads.avct.cloud
1    44.194.73.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-73-244.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.202.112.191 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.197.21.62 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-62.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    2600:1f18:4e9:5a07:38d4:5f6b:456c:5f55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    54.172.162.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-162-57.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    34.199.137.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-137-96.compute-1.amazonaws.com
ad.360yield.com
9    142.250.80.98 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
2    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    104.127.84.215 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-84-215.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    2607:f8b0:4006:821::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    2607:f8b0:4006:80d::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
sslwidget.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
48 sftcdn.net
sc.sftcdn.net — Cisco Umbrella Rank: 102902
images.sftcdn.net — Cisco Umbrella Rank: 99881
279 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
ad.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
183 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1673
usersync.gumgum.com — Cisco Umbrella Rank: 2018
6 KB
20 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 444
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032
74 KB
17 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 639
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1134
token.rubiconproject.com — Cisco Umbrella Rank: 656
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
29 KB
12 googlesyndication.com
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
47 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 107
ampcid.google.com — Cisco Umbrella Rank: 2322
analytics.google.com — Cisco Umbrella Rank: 256
107 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621
8 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375
4 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 361
r.bidswitch.net — Cisco Umbrella Rank: 8174
3 KB
7 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 12880
2 KB
7 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3143
tr.outbrain.com — Cisco Umbrella Rank: 2888
sync.outbrain.com — Cisco Umbrella Rank: 763
9 KB
6 softonic.com
payback-2-the-battle-sandbox.en.softonic.com
softonic.com — Cisco Umbrella Rank: 34513
en.softonic.com Failed
220 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 740
us-u.openx.net — Cisco Umbrella Rank: 492
1 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 434
cdn.id5-sync.com — Cisco Umbrella Rank: 839
36 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
sslwidget.criteo.com — Cisco Umbrella Rank: 1713
mug.criteo.com — Cisco Umbrella Rank: 2114
8 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 476
4 KB
4 8proof.com
8proof.com — Cisco Umbrella Rank: 38306
cdn.8proof.com Failed
5 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
300 KB
4 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6076
api.privacy-center.org — Cisco Umbrella Rank: 8934
90 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 513
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
168 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 618
2 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408
creativecdn.com — Cisco Umbrella Rank: 498
3 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
257 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1086
api.btloader.com — Cisco Umbrella Rank: 1196
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 389
13 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
643 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 566
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 662
645 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4619
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 421
739 B
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8210
ssbsync.smartadserver.com — Cisco Umbrella Rank: 867
393 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 547
12 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1039
859 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1538
334 B
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9843
997 B
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 465
fonts.googleapis.com — Cisco Umbrella Rank: 80
8 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1019
bcp.crwdcntrl.net — Cisco Umbrella Rank: 952
12 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1167
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 749
script.hotjar.com — Cisco Umbrella Rank: 1067
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
136 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 408
515 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1103
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1091
830 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1163
222 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1587
3 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1069
465 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 648
817 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 589
685 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 792
889 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281
600 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 3582
4 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1553
8 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117
431 B
1 ay.delivery
oth2kklpqszcjh2u2.ay.delivery — Cisco Umbrella Rank: 266243
23 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1107
592 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2021
45 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
15 KB
0 iqzone.com Failed
cs.iqzone.com Failed
0 adkernel.com Failed
sync.adkernel.com Failed
234 66
Domain Requested by
34 images.sftcdn.net payback-2-the-battle-sandbox.en.softonic.com
19 usersync.gumgum.com 1 redirects rtb.gumgum.com
14 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
u.openx.net
14 sc.sftcdn.net payback-2-the-battle-sandbox.en.softonic.com
sc.sftcdn.net
12 securepubads.g.doubleclick.net payback-2-the-battle-sandbox.en.softonic.com
securepubads.g.doubleclick.net
sc.sftcdn.net
www.datadoghq-browser-agent.com
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
www.googletagservices.com
9 cm.g.doubleclick.net 5 redirects u.openx.net
rtb.gumgum.com
s.amazon-adsystem.com
8 www.google.com payback-2-the-battle-sandbox.en.softonic.com
www.google.com
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
7 match.adsrvr.org 7 redirects
7 api.assertcom.de www.datadoghq-browser-agent.com
oth2kklpqszcjh2u2.ay.delivery
6 pixel.rubiconproject.com 3 redirects s.amazon-adsystem.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 x.bidswitch.net 5 redirects ssum-sec.casalemedia.com
5 token.rubiconproject.com 4 redirects s.amazon-adsystem.com
5 tpc.googlesyndication.com 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 secure.adnxs.com 4 redirects
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 8proof.com payback-2-the-battle-sandbox.en.softonic.com
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
4 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagmanager.com payback-2-the-battle-sandbox.en.softonic.com
www.googletagmanager.com
sdk.privacy-center.org
3 pagead2.googlesyndication.com www.googletagservices.com
3 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
3 us-u.openx.net 1 redirects u.openx.net
3 pixel.tapad.com 3 redirects
3 www.googletagservices.com 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
3 sync.1rx.io 3 redirects
3 www.facebook.com payback-2-the-battle-sandbox.en.softonic.com
3 id5-sync.com softonic.com
www.datadoghq-browser-agent.com
3 c.amazon-adsystem.com softonic.com
www.datadoghq-browser-agent.com
3 bat.bing.com payback-2-the-battle-sandbox.en.softonic.com
bat.bing.com
3 softonic.com payback-2-the-battle-sandbox.en.softonic.com
softonic.com
3 payback-2-the-battle-sandbox.en.softonic.com 1 redirects softonic.com
2 gum.criteo.com 1 redirects static.criteo.net
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.avct.cloud 2 redirects
2 eb2.3lift.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
2 ad.turn.com 2 redirects
2 esp.rtbhouse.com www.datadoghq-browser-agent.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
2 afs.googleusercontent.com www.google.com
2 cdn.id5-sync.com payback-2-the-battle-sandbox.en.softonic.com
securepubads.g.doubleclick.net
2 api.btloader.com www.datadoghq-browser-agent.com
2 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
2 ad-delivery.net payback-2-the-battle-sandbox.en.softonic.com
2 www.google-analytics.com www.googletagmanager.com
payback-2-the-battle-sandbox.en.softonic.com
2 api.privacy-center.org sdk.privacy-center.org
2 tr.outbrain.com amplify.outbrain.com
payback-2-the-battle-sandbox.en.softonic.com
2 connect.facebook.net payback-2-the-battle-sandbox.en.softonic.com
connect.facebook.net
2 sdk.privacy-center.org payback-2-the-battle-sandbox.en.softonic.com
sdk.privacy-center.org
1 mug.criteo.com payback-2-the-battle-sandbox.en.softonic.com
1 sslwidget.criteo.com static.criteo.net
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 r.bidswitch.net 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 fonts.googleapis.com 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 sync.targeting.unrulymedia.com 1 redirects
1 bcp.crwdcntrl.net www.datadoghq-browser-agent.com
1 analytics.google.com www.googletagmanager.com
1 ampcid.google.com www.datadoghq-browser-agent.com
1 storage.googleapis.com payback-2-the-battle-sandbox.en.softonic.com
1 adservice.google.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 lb.eu-1-id5-sync.com www.datadoghq-browser-agent.com
1 oth2kklpqszcjh2u2.ay.delivery payback-2-the-battle-sandbox.en.softonic.com
1 ad.doubleclick.net payback-2-the-battle-sandbox.en.softonic.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 partner.googleadservices.com www.google.com
1 btloader.com softonic.com
1 www.datadoghq-browser-agent.com softonic.com
1 static.hotjar.com www.googletagmanager.com
1 amplify.outbrain.com payback-2-the-battle-sandbox.en.softonic.com
1 static.criteo.net payback-2-the-battle-sandbox.en.softonic.com
0 en.softonic.com Failed 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
0 cdn.8proof.com Failed 8proof.com
0 cs.iqzone.com Failed rtb.gumgum.com
0 sync.adkernel.com Failed rtb.gumgum.com
234 102

This site contains links to these domains. Also see Links.

Domain
en.softonic.com
roblox.en.softonic.com
chrome.en.softonic.com
free-pdf-tools.en.softonic.com
www.softonic-ar.com
de.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
images.sftcdn.net
www.apex-designs.net
www.facebook.com
twitter.com
api.whatsapp.com
docs.google.com
payback-2-the-battle-sandbox.it.softonic.com
payback-2-the-battle-sandbox.softonic-id.com
payback-2-the-battle-sandbox.softonic-ar.com
payback-2-the-battle-sandbox.softonic.nl
payback-2-the-battle-sandbox.de.softonic.com
payback-2-the-battle-sandbox.softonic.vn
payback-2-the-battle-sandbox.fr.softonic.com
payback-2-the-battle-sandbox.softonic.cn
payback-2-the-battle-sandbox.softonic.com.tr
payback-2-the-battle-sandbox.softonic.com
payback-2-the-battle-sandbox.softonic.jp
payback-2-the-battle-sandbox.softonic.kr
payback-2-the-battle-sandbox.softonic.pl
payback-2-the-battle-sandbox.softonic.ru
payback-2-the-battle-sandbox.softonic.com.br
payback-2-the-battle-sandbox.softonic-th.com
fortnite.en.softonic.com
gta-v.en.softonic.com
pubg-mobile.en.softonic.com
call-of-duty-mobile.en.softonic.com
call-of-duty-warzone.en.softonic.com
my-talking-tom-friends.en.softonic.com
trial-xtreme-4.en.softonic.com
payback-showdown-afk-fighting-rpg.en.softonic.com
beach-buggy-racing.en.softonic.com
count-masters-crowd-clash-stickman-running-game.en.softonic.com
special-forces-group-2.en.softonic.com
assassin-gunner.en.softonic.com
counter-terrorist-shoot.en.softonic.com
sniper-shot-3d-call-of-snipers.en.softonic.com
taxi-sim-2020.en.softonic.com
the-dark-knight-rises.en.softonic.com
sigma-game-battle-royale.en.softonic.com
fps-sniper-missions.en.softonic.com
amanda-the-adventurer-horror-cig.en.softonic.com
red-dead-redemption-2-pic.en.softonic.com
gta-via.en.softonic.com
lalkamal-nilkamal.en.softonic.com
lallu-tallu-action-game.en.softonic.com
fps-shooting-games-fire-games-10d.en.softonic.com
arrow-slashers.en.softonic.com
hunter-assassin-2.en.softonic.com
free-survival-fire-battlegrounds-battle-royale.en.softonic.com
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.linkedin.com
fetchrss.com
www.avg.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2022-12-23 -
2023-12-22		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
s4-san.cloudinary.com
R3		 2023-04-06 -
2023-07-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-05 -
2023-08-05		 a year crt.sh
api.privacy-center.org
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ay.delivery
GTS CA 1P5		 2023-05-03 -
2023-08-01		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
api.assertcom.de
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.8proof.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://payback-2-the-battle-sandbox.en.softonic.com/android
Frame ID: 047D0E39FF213D834C1FC612923EACF0
Requests: 129 HTTP requests in this frame

Frame: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0EAF19F44951934EB458301EB09D80E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&cpp=3&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=8591686928557086&num=0&output=afd_ads&domain_name=payback-2-the-battle-sandbox.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686928557088&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=6358&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&adbw=master-1%3A290
Frame ID: 75839CE1D2E5C89D0ABB064BD75D0D0C
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C3A6752FC999A186715D793D84C9CF78
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Frame ID: 1DF9E86F0112CC42FE5E755E817F245A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3F46E6686E85372ED8F2BADBEA67D5DA
Requests: 2 HTTP requests in this frame

Frame: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5C100E887E1AAE0101E5ED662B03BB0
Requests: 10 HTTP requests in this frame

Frame: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CB1F5B0EA9B8A754C41CF40A939B231
Requests: 10 HTTP requests in this frame

Frame: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E6350C8955BF49987254ED1F44F5F17
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 7989C3F265F6752F161BC8B14E4BBFD7
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 9D8E5365629C18045D214FAE57927C97
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 433DBDC03508EAD99E408E380BDDC8B2
Requests: 1 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=509471515746&ctd=51034&crid=1212&ap=ZIx8rgAAMyAKs8oPAA6IoniFcE7wsCSmVJU83A
Frame ID: F7398B275B59500E79320E99DF4B35F6
Requests: 3 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=509471561857&ctd=51034&crid=1192&ap=ZIx8rgAAMyIKs8oPAA6IolFtIMmOqRA_6IC2mQ
Frame ID: 591AA4CEB175C14F2DA4E9ED4EE9C28D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: DF012638DFB3287E43FBAC0F87DF6EFC
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 3E3FD611F4E344D9347163D4571D5527
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5454639609193321319&gdpr=0&gdpr_consent=
Frame ID: 4D43DEE5C02F23310D254AEB1DAC7FB6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3822089690018205873899
Frame ID: 13E2B625F1431278644414600487623C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 017A85D7DD0D1F057095DB4025EB5116
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: D13B970D812C0B8786A54C3CD358C54A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 3DD29B9CAD4E8D61CDE6FFC607CBFB81
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=052146df-8fcd-4e08-8e97-b362036788f1
Frame ID: 229AE3E2C505D5874E17BEBAD5ED3AF3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=eb9b648c-7caf-4f00-af0a-6ac16b6fedf4&gdpr=&gdpr_consent=
Frame ID: 6D6B3193934A8AA88386E28FCC2841C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIx8rwAICGzMHQBI&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
Frame ID: 7F325AD390E6688C4DC82500B4F5D1D7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8yMDczNjZiYy03YjhlLTRhNDctODYyOS02YjZhMjUyM2JhYWU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 73D7A6853F82B2F71389A98A48EA808B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIx8sMCo8XkAALcHl04AAAAA
Frame ID: 1F74F38EF9B31D650A471B44E80C9E67
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c48efcb7-af23-486a-9bab-5bcb0335e19a
Frame ID: F8C7406D86F359093509BDB881E5EC23
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 20FF7BFED08941B26363B38CD4C703CB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=CSpya5oZkrqY6J6ZWBR8&pi=gumgum&tc=1
Frame ID: C2953D3F9151703CEF17DF5DC950A234
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 91DACD28B6D3FC609AE7042350B0B7F8
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=payback-2-the-battle-sandbox.en.softonic.com&origin=onetag
Frame ID: E77AF528B4FF8E793C0187D5BE7CCE4B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payback 2 - The Battle Sandbox APK for Android - Download

Page URL History Show full URLs

  1. https://payback-2-the-battle-sandbox.en.softonic.com/ HTTP 301
    https://payback-2-the-battle-sandbox.en.softonic.com/android Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

234
Requests

84 %
HTTPS

36 %
IPv6

66
Domains

102
Subdomains

66
IPs

8
Countries

1963 kB
Transfer

6077 kB
Size

110
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payback-2-the-battle-sandbox.en.softonic.com/ HTTP 301
    https://payback-2-the-battle-sandbox.en.softonic.com/android Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Request Chain 133
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1686928558766 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7602918316 HTTP 302
  • https://sync.1rx.io/usersync/turn/4194221799780867193?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7883e645-30bd-4b92-ac0e-160d050aa984-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7883e645-30bd-4b92-ac0e-160d050aa984-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7883e645-30bd-4b92-ac0e-160d050aa984-005
Request Chain 136
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 156
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 157
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5454639609193321319&gdpr=0&gdpr_consent=
Request Chain 158
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3822089690018205873899
Request Chain 160
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5821511692898312231
Request Chain 161
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0a683625-483c-4bab-a4c0-f9cc6839db83&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&us_privacy=
Request Chain 162
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-48fb3a85-af74-50a2-7ed8-37ab99324174$ip$96.9.249.44
Request Chain 163
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=qMXnGoDn0bCznGKqR65p&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYU2WDOI5XUI3RQMJBXU3SHJNYVENRVOA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYU2WDOI5XUI3RQMJBXU3SHJNYVENRVOA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=qMXnGoDn0bCznGKqR65p
Request Chain 164
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=APiRrPip1RCL&ev=1&pid=558355
Request Chain 165
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&obuid=ENC(ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=b8b1c5dd-311f-4b74-a5ab-3670119c0856 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=b8b1c5dd-311f-4b74-a5ab-3670119c0856&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Doutbrain%26bsw_param%3Db8b1c5dd-311f-4b74-a5ab-3670119c0856 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=b8b1c5dd-311f-4b74-a5ab-3670119c0856&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Doutbrain%26bsw_param%3Db8b1c5dd-311f-4b74-a5ab-3670119c0856 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6c568d48-7976-49d8-a2c4-12d0257d15ea%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Doutbrain%252526bsw_param%25253Db8b1c5dd-311f-4b74-a5ab-3670119c0856%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6c568d48-7976-49d8-a2c4-12d0257d15ea%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Doutbrain%2526bsw_param%253Db8b1c5dd-311f-4b74-a5ab-3670119c0856%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=outbrain&bsw_param=b8b1c5dd-311f-4b74-a5ab-3670119c0856 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 166
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=998b8fef-fc78-0406-3309-813ad18a8e44
Request Chain 167
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PUyLkh5E2pdlKfAx1RCujRiEE1e.8232eLIp~A
Request Chain 168
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=448fb763-103e-46f4-aae1-1f06086700b0
Request Chain 169
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
Request Chain 171
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=dfcc6c7e-e57c-4322-88aa-15d248f53001
Request Chain 172
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5454639609193321319
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIx8rn0OvQdiiT36zlQXswAADtMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIb8DdDqUGO1ttxcf4XqtYk&google_cver=1
Request Chain 177
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=052146df-8fcd-4e08-8e97-b362036788f1&expiration=1689520559&gdpr=0&gdpr_consent=
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIx8rn0OvQdiiT36zlQXswAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbyySbCnhy43rL-IvgkbZY&google_cver=1
Request Chain 179
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d89648c-7caf-4000-a6ca-4237ab0e8468
Request Chain 180
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5821511692898312231
Request Chain 181
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4122164205742939257
Request Chain 187
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=052146df-8fcd-4e08-8e97-b362036788f1
Request Chain 188
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=eb9b648c-7caf-4f00-af0a-6ac16b6fedf4&gdpr=&gdpr_consent=
Request Chain 200
  • https://match.adsrvr.org/track/cmf/openx?oxid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0&gdpr_consent=
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELquLRkt8uO-s1Q3QoAzNO4&google_cver=1
Request Chain 203
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIx8rwAICGzMHQBI&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
Request Chain 208
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIx8sMCo8XkAALcHl04AAAAA
Request Chain 209
  • https://cs.admanmedia.com/sync/gumgum?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c48efcb7-af23-486a-9bab-5bcb0335e19a
Request Chain 211
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=CSpya5oZkrqY6J6ZWBR8&pi=gumgum&tc=1
Request Chain 212
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 218
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIYPPJGL-E-ADNX HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LIYPPJGL-E-ADNX&ex=d-rubiconproject.com&status=ok
Request Chain 219
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIYPPJGL-E-ADNX HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LIYPPJGL-E-ADNX
Request Chain 222
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA4YjFiYjRjNDhmZDVjZGUxODc1YzAyNWYzMTEyZmNjNjVmMGJlOQ
Request Chain 223
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qJC_XSSpTUuyGWTx_3R0Iw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJC_XSSpTUuyGWTx_3R0Iw
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO2RVw1_IoGY0kPxR4QCZCk&google_cver=1
Request Chain 225
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uGp54woxy0afys1Pr-piBA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oyphXjFE2oKshVynmU8YtKxRmlDcVmS7v0fYDg--~A
Request Chain 226
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYPPJGL-E-ADNX
Request Chain 227
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElZUFBKR0wtRS1BRE5Y HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJS07fCCY7c4eydFAqte2p4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUFBKR0wtRS1BRE5Y&google_push=
Request Chain 229
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=052146df-8fcd-4e08-8e97-b362036788f1&gdpr=0&gdpr_consent=&expires=30
Request Chain 237
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=payback-2-the-battle-sandbox.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=TmskXXxZMVQ4aGJrVjJoQ0M3Y0EzZSsvRnBCNUdqMWlNNEdsc1o1MkM0dzZGZSt5bU5wNVc0aVB6R0lTU3Nsekl4MW1JZUNTdVh0dUZuVDU0LzZzSmNwMXFGYjFjcnU3WEE0b2JydWpUZW54MW0vTGZFQW1xRnY5elVaYjA0L0NsZVMxY25BVjBNUVFrZ3RweGg1VlhkNkhSeXRHWExIdGtQYmRTem1BV1N6OEVHZGZ2cW14RkEwTThkVGRHbHVydHhBaGQ2UjVEdWVZU3RBNXkzYnFnaUNKKzJ1SS9iYTlKS1NxakUxZmJWR2JUTHMvQkI0ZHhzZzdacS9vQzBlZm12a3F3RXBZeWhGMXRJVHRKclNlZXBwZkhYQT09fA&cppv=2

234 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request android
payback-2-the-battle-sandbox.en.softonic.com/
Redirect Chain
  • https://payback-2-the-battle-sandbox.en.softonic.com/
  • https://payback-2-the-battle-sandbox.en.softonic.com/android
332 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aa0a093e4ab14ef619b40f8211dff362caf855c317be5c26d93e4d8bec117aac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-language
en-US
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:15:54 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
189
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
fed5fc22-a49a-42ec-9c23-1faff99ee288
x-served-by
server-645944647b-cqc4g
x-version
1.5897.0
x-xss-protection
1

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-language
en-US
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:15:54 GMT
location
https://payback-2-the-battle-sandbox.en.softonic.com/android
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
57
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
68c1e8fb-0e63-4ffe-811b-9824e7c1a873
x-served-by
server-645944647b-6vw52
x-version
1.5897.0
x-xss-protection
1
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/ 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:bc00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f3669b0e93eb4d2fd43ef750b28394d113554adafec90bacdaecb994e73f436a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:53:19 GMT
content-encoding
gzip
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
JFK50-P5
age
1356
etag
"062c2f3535d94d41762123d6f9a1efa2"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10363
x-amz-cf-id
q2ME-TxqTePPOtB7dekwRN_mew9R2EQ5aGHsmoZ2AKvGvwsihVOi1Q==
gtm.js
www.googletagmanager.com/ 		401 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb1abd7116e473e8d0a3d27d6d003dc6a21f9b5ca234980067bd562e718d0f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114877
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jun 2023 15:15:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eeee43b23cd416865291bfeb5e5a65801359299d50aca81ac4f202016baa2d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27254
x-xss-protection
0
server
cafe
etag
795 / 19524 / 31075377 / config-hash: 10714554489475813448
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:15:55 GMT
ads.js
www.google.com/adsense/search/ 		140 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74cfe810b9c516f53664b35c4f89e90073fbbd03da994fc299636dc0bc3ae23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13279118432341385747"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:15:55 GMT
sft-prebid.js
softonic.com/revamp/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-prebid.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
65a5f06c8dff9cd0ceb7c0e4b48d917bdc8ed613a0cb281e1cc82a4cefb2a2ed

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-version
1.1138.0
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
27786
x-cache
MISS, HIT
x-envoy-upstream-service-time
8
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87893
x-request-id
5281c426-7926-4876-b779-e465a8f5db5c
x-served-by
cache-ams21030-AMS, cache-bfi-krnt7300031-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.133
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686928555.161524,VS0,VE0
etag
W/"484a0a90a172e05746b39a619b64b665"
x-browser-name
Chrome
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
0, 336
ld.js
static.criteo.net/js/ld/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 17 May 2023 12:05:15 GMT
server
nginx
etag
W/"6464c2fb-b219"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:15:55 GMT
72c3f-7452e.mjs
sc.sftcdn.net/scripts/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-7452e.mjs
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9653fbd6ee7a03421660e98228c44951f599f58e01bfced389d8a8b587bf22ef

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:07 GMT
date
Fri, 16 Jun 2023 15:15:54 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277848
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13649
x-served-by
cache-ams21020-AMS, cache-yyz4541-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928555.994383,VS0,VE2
etag
W/"6488298b-bfa4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
28, 1
23986-f8c70.mjs
sc.sftcdn.net/scripts/ 		95 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a62f22b1ea19141932bc6bcd209fa72a1c03094d1fc8b566d480051e3aae14ba

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Fri, 14 Jun 2024 14:53:27 GMT
date
Fri, 16 Jun 2023 15:15:54 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
87748
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20898
x-served-by
cache-ams12783-AMS, cache-yyz4541-YYZ
last-modified
Thu, 15 Jun 2023 14:29:06 GMT
server
istio-envoy
x-timer
S1686928555.994658,VS0,VE0
etag
W/"648b2032-17c14"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
42, 109
payback-2-the-battle-sandbox-logo
images.sftcdn.net/images/t_app-icon-s/p/6238f67a-e6d4-11e6-a7ad-8a4597916e17/2162140785/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/6238f67a-e6d4-11e6-a7ad-8a4597916e17/2162140785/payback-2-the-battle-sandbox-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
81cb046ce8bc7d7a6cbf4f9f81eb242a810bb1575cde53828c31706c92304d51
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:04:15 GMT
server
Cloudinary
etag
"d4862f710eb39439b856fd840f57d46a"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2162140785.webp"
server-timing
cld-akam;dur=185;cpu=106;start=2023-06-16T15:15:55.139Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
2142
payback-2-the-battle-sandbox-unnamed%20(2).png
images.sftcdn.net/images/t_app-cover-s,f_auto/p/6238f67a-e6d4-11e6-a7ad-8a4597916e17/3521327034/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/6238f67a-e6d4-11e6-a7ad-8a4597916e17/3521327034/payback-2-the-battle-sandbox-unnamed%20(2).png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
17291071ef8a4b9c674355fbe2e3945210d8cd572dc9eae27dcc7596162f3e2d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="3521327034.webp"
server-timing
cld-akam;dur=151;cpu=69;start=2023-06-16T15:15:55.138Z;desc=miss,rtt;dur=25,cloudinary;dur=66;start=2023-06-16T15:15:55.197Z
content-length
7646
last-modified
Mon, 06 Mar 2023 09:20:49 GMT
server
Cloudinary
etag
"f95fcbac3075bdd6e2ed54ec8c0d3c77"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Tue, 21 May 2024 23:01:06 GMT
date
Fri, 16 Jun 2023 15:15:54 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2132089
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12758-AMS, cache-yyz4541-YYZ
last-modified
Mon, 22 May 2023 10:21:27 GMT
server
istio-envoy
x-timer
S1686928555.994706,VS0,VE0
etag
W/"646b4227-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
87, 12
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 29 May 2024 22:51:42 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1441452
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21030-AMS, cache-yyz4567-YYZ
last-modified
Tue, 30 May 2023 15:54:15 GMT
server
istio-envoy
x-timer
S1686928555.052588,VS0,VE0
etag
W/"64761c27-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1628, 22
sft-bundle.js
softonic.com/revamp/ 		332 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e4b543e367e5cb57d282d87ab6cc568510b6096ebbbad83d7c24127e76ee1ce1

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-version
1.1138.0
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
27786
x-cache
HIT, HIT
x-envoy-upstream-service-time
8
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74813
x-request-id
605261ca-e344-4d97-ae8c-ba229f3833df
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300026-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.133
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686928555.162827,VS0,VE0
etag
W/"a67ed6baf0bf9c9cae4ad307d17a6cb6"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 1036
fbevents.js
connect.facebook.net/en_US/ 		108 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Jun 2023 15:15:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27810
x-xss-protection
0
pragma
public
x-fb-debug
1fqfzdcv8nZ/IZyoqytjV9zR3KoruUGBDe/w55KkRt/o2GCIFel20sxsqcMvAJmN+Xg4SooI41UJuzbWUdTSQA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.185 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-185.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f8cb3417715e1f98e281c70c4a0cfa4d8b2934bea25ac91bc9f0682259a8f3e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 14:50:39 GMT
Server
AkamaiNetStorage
ETag
"966f548b03fbf3b19ba87f8ba3bc7617:1686581802.701749"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
NA
Cache-Control
max-age=1200
X-CC
US
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6952
Expires
Fri, 16 Jun 2023 15:35:55 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 16 Jun 2023 15:15:54 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 02DB3CC6FC4D492283C1988F1CA8B82F Ref B: EWR311000103037 Ref C: 2023-06-16T15:15:55Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
e1d66-49326.css
sc.sftcdn.net/styles/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-49326.css
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9e495f6b1513fc3cb5a4b4ca17b38112028276aae572fdf565f64c47fe206130

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Fri, 14 Jun 2024 08:07:37 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
112098
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18033
x-served-by
cache-ams21040-AMS, cache-yyz4567-YYZ
last-modified
Thu, 15 Jun 2023 07:50:28 GMT
server
istio-envoy
x-timer
S1686928555.053813,VS0,VE0
etag
W/"648ac2c4-1d220"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
60, 46
40150-89a48.css
sc.sftcdn.net/styles/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-89a48.css
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
74e9e0b0ddf0f5ca3ef65df8d565cce03a7612817ff6dde265f2222fb85a2525

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Tue, 28 May 2024 10:25:08 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1572646
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2849
x-served-by
cache-ams12764-AMS, cache-yyz4567-YYZ
last-modified
Mon, 29 May 2023 10:12:06 GMT
server
istio-envoy
x-timer
S1686928555.052233,VS0,VE0
etag
W/"64747a76-2f14"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
85, 37
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:59 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
4425117
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21069-AMS, cache-yyz4541-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1686928555.118497,VS0,VE0
etag
W/"644801fe-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
16184, 11
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:01 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
4425113
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21076-AMS, cache-yyz4579-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1686928555.117895,VS0,VE0
etag
W/"644801fe-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
3204, 19
b94b1-d9c76.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-d9c76.css
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Thu, 06 Jun 2024 23:22:17 GMT
date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
748418
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1856
x-served-by
cache-ams12746-AMS, cache-yyz4567-YYZ
last-modified
Wed, 07 Jun 2023 09:12:16 GMT
server
istio-envoy
x-timer
S1686928555.190536,VS0,VE0
etag
W/"648049f0-12d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
25, 32
sdk.7d19e06713ceb9d914b0821b7c447bf70a8420d9.js
sdk.privacy-center.org/sdk/7d19e06713ceb9d914b0821b7c447bf70a8420d9/modern/ 		312 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/7d19e06713ceb9d914b0821b7c447bf70a8420d9/modern/sdk.7d19e06713ceb9d914b0821b7c447bf70a8420d9.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:bc00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9a66eec16aefcf23dc44d9456c9f0f0dd59cb08782c2195cd2732989a3911bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:46:30 GMT
content-encoding
gzip
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 15:42:06 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1686843421/ctime:1686843421/gid:0/gname:root/md5:24657e4e9c68f2229ab05199fb1d52fd/mode:33188/mtime:1686843421/uid:0/uname:root
x-amz-cf-pop
JFK50-P5
age
84566
etag
W/"24657e4e9c68f2229ab05199fb1d52fd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
HK9aXW15tJF1RLJET8Lz6f9vG-XJEnF8q1jUHuNYuwsmTJWPQvIvMA==
cachedClickId
tr.outbrain.com/ 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00a3d36c60122238463de2f625cdad8f07
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:55 GMT
X-TraceId
4a26ff142cfba92cb39f951193dc1241
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06655874083086359&referrer=&cht=gtm&marketerId=00a3d36c60122238463de2f625cdad8f07&name=PAGE_VIEW&dl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/android
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:55 GMT
Cache-Control
no-cache
X-TraceId
5fd93ad05508f1ff3072180bbc82bad7
Content-Length
53
Content-Type
image/gif;
448368701978882
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448368701978882?v=2.9.107&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
064403a47dbbd1a8c1dcee59b2859b70356faa90ba53fbb676798b8223fb6f83
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Jun 2023 15:15:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110040
x-xss-protection
0
pragma
public
x-fb-debug
KkeM4bmZ7/OnN4t/6kuqoISYagrj1ChBiqT6CvQeqUvcLJWv7HIQOF1rTVGaQpI6m2jlNcP4iMbdE3V5S5fiWA==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		945 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
85147
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128933
x-xss-protection
0
server
cafe
etag
1396361306703029922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 15:36:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=payback-2-the-battle-sandbox.en.softonic.com&ppc_eid=31075027
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e071a5a05a3dcbb99787852a3e52ccc0d7f49d4282627e6c9a7e3fc4183d156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
769
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:15:55 GMT
26115935.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26115935.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 16 Jun 2023 15:15:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2A218D4F8D7455D8251B21581F6ADEE Ref B: EWR311000103037 Ref C: 2023-06-16T15:15:55Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26115935&Ver=2&mid=f48d864d-bd51-4bc0-aa56-b0afeed469b8&sid=b0d2a8400c5811ee9d72637780a2e2de&vid=b0d2d2300c5811ee8026674b5b69aed0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Payback%202%20-%20The%20Battle%20Sandbox%20APK%20for%20Android%20-%20Download&p=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&r=&lt=1189&evt=pageLoad&sv=1&rn=987382
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Jun 2023 15:15:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9627CFE8FBD24B918D4CDD0292F2F8D1 Ref B: EWR311000103037 Ref C: 2023-06-16T15:15:55Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-424839.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-424839.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
18215decdf58b38c1cb47c012eac437cab735cf36e0dde09e02807e47952cf9f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:15:44 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
12
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/4850137a4abf0a36592e179ef80b6a2b
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
yuST2DqsqihMR4enwIm3OVoH4kolcK8SDOjzKic5C-u-MSRaU0UTWA==
js
www.googletagmanager.com/gtag/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c9e150fd78bf812a62ed5df3da6da56bbc4583dd66107099707fc5349679758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54554
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jun 2023 15:15:55 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		140 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-224-171.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ef4ec79abf2124328933f87b397b40528f041cad0684e42b0b8c24bea5eac31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:39 GMT
content-encoding
br
via
1.1 8844c3dbe820eac69f8ca9f1c7fb7402.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 16:08:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
18
x-amz-server-side-encryption
AES256
etag
W/"da9010ded1146d56a7457c67db4dedd1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
JpTBt9QxjkuLVJxB-IxApaPKRUchwx5bakTJlBb_gMfwfE76eEWaPA==
sft-bundle.js
softonic.com/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-version
1.1138.0
date
Fri, 16 Jun 2023 15:15:56 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
27787
x-cache
HIT, HIT
x-envoy-upstream-service-time
7
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74813
x-request-id
605261ca-e344-4d97-ae8c-ba229f3833df
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300027-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.133
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686928556.019673,VS0,VE0
etag
W/"a67ed6baf0bf9c9cae4ad307d17a6cb6"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 918
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:45:42 GMT
content-encoding
gzip
via
1.1 c889e9448c63bb4bf9dd41fcb2250e08.cloudfront.net (CloudFront), 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1814
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
VZKMMcm5beoiep-iE1JktN0dYil8X0-IasxDBQsD81iZH7r6zrAlxw==
tag
btloader.com/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625a58209585a0233f023ab9973809edaf28b1446402edc069ff71d4533881b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jun 2023 15:13:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
32
etag
W/"e9547c1eea13e61846e95034e6e871ee"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXkcz8YKOaBg30PqdC01P%2BcmcFkvM1ntThoydwP3nYfZPAxOdEYCAaNM8e%2FeuPH%2Fs4rrQBR2G6s2uVB22OYGuWc34DYZRRb5Q%2FD1JW97qyNIiYPhxycpdNVtA9IjrfvNrkkuj%2F32CV3A8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7d8402d3783a0c92-EWR
current
api.privacy-center.org/v1/locations/ 		40 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/locations/current?fields[]=country_code&fields[]=region_code
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/7d19e06713ceb9d914b0821b7c447bf70a8420d9/modern/sdk.7d19e06713ceb9d914b0821b7c447bf70a8420d9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:9600:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55905f7b3c0cb367751791a71d4c4c6518d40275f764685a0cbf00ffec6a8804
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
40
x-xss-protection
1; mode=block
etag
W/"28-wHiac1ydCP02hf5BtPgUzN+Jpvs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
allow
GET
content-type
application/json; charset=utf-8
vary
Accept
access-control-allow-origin
*
cache-control
max-age=3600, private
x-amz-cf-id
mvRr3DdWxNhHxnOQMwDfvDQRUInKFOw2Y-6bAhDW_ZWy3puJMj-EUA==
current
api.privacy-center.org/v1/locations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/locations/current?fields[]=country_code&fields[]=region_code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:9600:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Fri, 16 Jun 2023 15:15:56 GMT
vary
Access-Control-Request-Headers
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-amz-cf-id
u9fPYM0GJLMB0ljJPBW7McJe_NcCITzx9uVd6eVV49OHpILRWRfOMg==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
cookie.js
partner.googleadservices.com/gampad/ 		378 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=payback-2-the-battle-sandbox.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26ca28a8776f1aef354f6f7e5b1a28cbcb7f8894a344fb01f02a37e7abba4fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
x-xss-protection
0
prebid
id5-sync.com/api/config/ 		135 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
date
Fri, 16 Jun 2023 15:15:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
best-recommended-apps
payback-2-the-battle-sandbox.en.softonic.com/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://payback-2-the-battle-sandbox.en.softonic.com/best-recommended-apps?appId=6238f67a-e6d4-11e6-a7ad-8a4597916e17&categoryId=action&pageId=app&developerSlug=apex-designs-entertainment-ltd&platformId=android&locale=en-US&programName=Payback+2+-+The+Battle+Sandbox&browserName=chrome&browserVersion=114.0.5735.133&countryCode=US&deviceType=desktop&isEU=false&isCalifornia=false&region=MA&userPlatformId=windows&userPlatformVersion=10.0&placementId=download-intent&position=85
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
a6580e6713792edc7dd36a72c6af4f93d48bc4cf302525540ca10642d5206e37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/android
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-version
3.32.0
date
Fri, 16 Jun 2023 15:15:56 GMT
via
1.1 google
x-winner-campaign-logic
rpm
x-user-platform
windows
x-winner-campaign-id
avg-secure-browser
x-resource-id
BestRecommendedApp
x-envoy-upstream-service-time
37
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5613
x-served-by
server-64ff5c584d-s4zg9
server
istio-envoy
x-operation-id
getBestRecommendedApp
x-publisher-id
sft
vary
origin
content-type
application/json; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
x-suitable-campaigns-count
4
accept-ranges
bytes
x-country-code
US
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=PageView&dl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&rl=&if=false&ts=1686928556401&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686928556394.820645645&cs_est=true&it=1686928555427&coo=false&rqm=GET
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Jun 2023 15:15:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
modules.d300ab0f8311d57bf5d6.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d300ab0f8311d57bf5d6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-424839.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-77.jfk50.r.cloudfront.net
Software
/
Resource Hash
29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 12:15:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
97249
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70183
last-modified
Thu, 15 Jun 2023 12:14:20 GMT
etag
"389003ed05f597fc11f5765f5651f0ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Oju6VKZ9PFzWlicNm0Ig7L6v9P8sgmlumO8TiIkC-eUC8EeQfs9chg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1686928556499&cv=11&fst=1686928556499&bg=ffffff&guid=ON&async=1&gtm=45be36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&hn=www.googleadservices.com&frm=0&tiba=Payback%202%20-%20The%20Battle%20Sandbox%20APK%20for%20Android%20-%20Download&us_privacy=error&auid=775637062.1686928556&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7942c071ba410cca851fd005dbe533d91d5ad5668c18bf6643991f69559f9416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1353
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 14:11:08 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 16 Jun 2023 16:11:08 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dcb1f79911894171ef7b9d117bf29a31c86753b0abf72f2ea86e7484b2f4280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 15:15:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
777 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=en.softonic.com
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
736eadfa15772323c2cf0655d6b9d82c5f1a439d232a8618e06102a21c07305a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
752
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:15:56 GMT
px.gif
ad-delivery.net/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595245
x-guploader-uploadid
ADPycdtrSEouERMMLPTNWA23n-ztYXDq7RaGc9h5u3ea0s5uSPGKF7VMkMyrp-Ld8THwcpG3GZTYxocI9l_K0KVaEz8Weg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyG5R1sKi77wyR7ke%2BylexBUhw%2BmK9%2BagHwF4u0Euk%2Bk12urat8HYFxb9vMxRjV7UQEMP%2F1ZwFObrRTKsbGR%2Bm9PASlAMQAF%2BgoDRe%2F4NQLl5uIhG8fPFe9D0OcO5aYw1nNatMtNjlJh2SYi1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d8402d7b92242b9-EWR
expires
Fri, 09 Jun 2023 18:47:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 09:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 09:33:44 GMT
px.gif
ad-delivery.net/ 		43 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.30970507154532423
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595245
x-guploader-uploadid
ADPycdtrSEouERMMLPTNWA23n-ztYXDq7RaGc9h5u3ea0s5uSPGKF7VMkMyrp-Ld8THwcpG3GZTYxocI9l_K0KVaEz8Weg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpCzdrzbkX0vU8itljA9qRfmOL02nGPtISY6gDMpEOaNW0dWgV0fwBeJaYVEn4GSf8MBW9UVI%2BRqJoNGMKVgE8cxukbOm9Qg8TEYAsV3TMvX1hs7bTHlOTnrBhcpt3rPt%2FSSDWtrpZpou0RPlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d8402d7c92342b9-EWR
expires
Fri, 09 Jun 2023 18:47:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		470 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:55 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
470
x-amz-cf-id
3xf_amRjjS6fuQDHU07cuDDm-ugRoiooGqYlweovgHeGwxVGnYPOjw==
bid
aax.amazon-adsystem.com/e/dtb/ 		137 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&pid=mdQLZFesmYE6G&cb=0&ws=1600x1200&v=23.612.1758&t=600&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%2C%22500x90%22%2C%22468x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FProgrampage%2FATF_Leaderboard_First%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
80cd4bb42ae5db873104aef0b9cb4f6e55d72ea7440eae108640d9779d258c14
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
BQYXH7RZD4BMWFJN8MPK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
137
x-amz-cf-id
8__Ea0mQ8uR7ZeVKmTL9jl5fzIv_V9vjvlH1pF7c3dqPtcmPla4pZA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
qvAasUYm2lrfG7VEEM5Zq8gRLYmSlIyCl-tdiIbuq9ZSDTVbXzzwRA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22_system%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22apstag%252Flibrary%252FdidLoad%22%2C%22feat...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22_system%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22apstag%252Flibrary%252FdidLoad%22%2C%22feat%22%3A%22undefined%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fpayback-2-the-battle-sandbox.en.softonic.com%252Fandroid%22%2C%22lv%22%3A%2223.612.1758%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/android
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
6Y5S34HKMJAGKKHMJN7D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-language
en
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
gN5BAxlPWCGeKYDjZkp5qvQc0W37sXDAnhlyUH6YbZAIrx7s-Gy78A==
js
www.googletagmanager.com/gtag/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/7d19e06713ceb9d914b0821b7c447bf70a8420d9/modern/sdk.7d19e06713ceb9d914b0821b7c447bf70a8420d9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a87520e71b3795a6f6c1610a4c4f49f0f6ece6b09fd6851fac21f917e1195a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54545
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jun 2023 15:15:57 GMT
client-v2.js
oth2kklpqszcjh2u2.ay.delivery/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oth2kklpqszcjh2u2.ay.delivery/client-v2.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d85f395cd46a59873728519df62c418447e4ad7fc9b1b77d3a8d31ed37d9ecc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Jun 2023 20:53:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
194
etag
W/"647e4b48-1120d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIjlZfMsFDVqNH0orLJf9mVgIWjugX32APsrDxkEiyak6HpA6w%2BV%2BDFjHH%2F3k4nQDKJT%2BFQcgRWtIafLsla1Y5StceiuuszDYRLNpWzORK3EBZFe8KgRCJlszL7FXcWEl9nwYCZDXkCfZV9Sx91pEmr%2BI70o8y7LDsqT6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7d8402da3d1a4387-EWR
alt-svc
h3=":443"; ma=86400
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=ViewContent&dl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&rl=&if=false&ts=1686928557025&cd[content_type]=App&cd[content_name]=payback-2-the-battle-sandbox&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.1.1686928556394.820645645&it=1686928555427&coo=false&rqm=GET
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Jun 2023 15:15:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3402bfb0b178920cfafc6d76feb2e4d4e4c1c076c67a8ca29d0b16c55ebc7172
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 07:50:23 GMT
content-encoding
gzip
age
890734
x-guploader-uploadid
ADPycds3JwSMfjQ_7tyrkJkHYOWiMih3In4NNdnRTqxkvFzZG_cJxuMGoEEGDbByHhOVpF6uTCRM29ZrKY6rSCrUtgw2-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 05 Jun 2024 07:50:23 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:41:03 GMT
via
1.1 google
age
2094
x-guploader-uploadid
ADPycdscOQMSKVFUOHcp-reGVdiGwo76yI25S4Q0oVnZ-gam9J5N4HaKS3UUkrh49ootWBgbhsv6tpmowM-pWQsyIDUUpw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:41:03 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5400:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
Date
Fri, 16 Jun 2023 09:16:59 GMT
Via
1.1 05b3bdb53d1146d1176c185d2da0d530.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
21539
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
UR2Qm-2-OUdDRGp4y8NqfCSXHPbNOQ-V0GnBvgy1-NkSuboibscpKg==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:06:27 GMT
content-encoding
gzip
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
36571
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0j7WazZoCMbrh4_dQty5_3HNPP9EwoccynIMNoaHSPr4r7k7Xwy60Q==
ob.js
cdn-ima.33across.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Jun 2023 16:15:13 GMT
server
cloudflare
age
28818
etag
W/"648b3911-2e4b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d8402dc78bea211-YYZ
expires
Sat, 17 Jun 2023 15:15:57 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=payback-2-the-battle-sandbox.en.softonic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		839 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1467893338100435&correlator=2407511407596173&eid=31075027%2C31075377%2C31075029&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-en%2CApps%2CProgrampage%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=3454979113&didk=821598582&sfv=1-0-40&ists=1&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-wallpaper%26hvi%3Dfalse%26type%3Doop_display_wallpaper&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26devel%3D0%26compliant%3D1%26recat%3Dgames%252Caction%26file%3D6238f67a-e6d4-11e6-a7ad-8a4597916e17%26country%3DUS%26ab_medium%3Dundefined%26author%3DApex%2520Designs%2520Entertainment%2520Ltd%26platformId%3Dandroid%26hosted%3Dtrue%26content%3Drich%26locale%3Den-US%26ab_upr%3D7%26segments%3D%26personalized%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1686928557296&lmt=1686928557&dlt=1686928554912&idt=1500&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=2133169270.1686928557&ga_sid=1686928557&ga_hid=1155549655&ga_fc=false
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f1065a4ce53a0c495900c1e798206784f2a7842bf4462a74d97ca06f7c391a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
448
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:57 GMT
expires
Sat, 15 Jun 2024 15:15:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2010 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:10:43 GMT
age
314
x-guploader-uploadid
ADPycdt4dH4ROlkMFLoJRrLBACQU6aEx26IuJ5JIotd7d7KYx6gbxbAXS8PHCADHKxBHJPK7l45wXWf3BMEMppdH6s0eFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Fri, 16 Jun 2023 16:10:43 GMT
logo
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/AVG_Secure_Browser/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/AVG_Secure_Browser/logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a9664295397b85958955f42005ca77a9daccaeb55687cf4bc12ac781e41a9622
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="AVG_Secure_Browser.webp"
server-timing
cld-akam;dur=7;start=2023-06-16T15:15:57.426Z;desc=hit,rtt;dur=31
content-length
2722
last-modified
Tue, 26 Jul 2022 07:38:49 GMT
server
Cloudinary
etag
"29155b0342b628b761a18ab2055a8f5b"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/1/ 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/1/feature
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f799ebf29f04ec59dd3c4f76fce9bb2be188ff9cfbf7721df303f15a4570df50
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="1.webp"
server-timing
cld-akam;dur=10;start=2023-06-16T15:15:57.416Z;desc=hit,rtt;dur=31
content-length
892
last-modified
Thu, 08 Jun 2023 14:16:51 GMT
server
Cloudinary
etag
"308ab3a7783a6a88b374a243d9ad0474"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/2/ 		338 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/2/feature
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
719a4290222444c3739f27b7a72dedd00d3f63a2ee1c93448d46d5b80cef4245
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="2.webp"
server-timing
cld-akam;dur=6;start=2023-06-16T15:15:57.423Z;desc=hit,rtt;dur=31
content-length
338
last-modified
Thu, 08 Jun 2023 14:16:51 GMT
server
Cloudinary
etag
"3851e01f702ce09323448869e88d7212"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/3/ 		698 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avg-secure-browser/3/feature
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f51f8b58bdb64d159ae18b0221b696e94f8eb4f2714b6cd1362b2b6f65ca7ed0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="3.webp"
server-timing
cld-akam;dur=8;start=2023-06-16T15:15:57.416Z;desc=hit,rtt;dur=31
content-length
698
last-modified
Thu, 08 Jun 2023 14:16:51 GMT
server
Cloudinary
etag
"b7d374ec13a0d2fc7c0f7a05b1ea00d0"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
chunk6-518966.mjs
sc.sftcdn.net/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-518966.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f04c6a33be37053de4e7dfafd9cf5e783874d4b11190a7e02bd01adf971ffa2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:08 GMT
date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277849
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3516
x-served-by
cache-ams12741-AMS, cache-yyz4539-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928557.414505,VS0,VE0
etag
W/"6488298b-2d7a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
54, 13
ads
www.google.com/afs/ Frame 7583 		16 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&cpp=3&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=8591686928557086&num=0&output=afd_ads&domain_name=payback-2-the-battle-sandbox.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686928557088&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=6358&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&adbw=master-1%3A290
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5535b04ce57cc74aa8e305ed5c2255d14aeb1dc52d1ebe2081f75f9470babeb8
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-_kB64JMRaLrYWtpXDRd8tQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2893
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-_kB64JMRaLrYWtpXDRd8tQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Fri, 16 Jun 2023 15:15:57 GMT
expires
Fri, 16 Jun 2023 15:15:57 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
country
api.btloader.com/ 		16 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=WolRgjdX&w=5299385968099328&o=5633429348548608&cv=2.1.12-7-gb1eec29&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&sid=d2F2HXlUk&upapi=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Jun 2023 15:15:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
/
www.facebook.com/tr/ Frame C3A6 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:57 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
R4AYT29X1C1Z5Y56
age
2037
etag
W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d8402dca8c6c32f-EWR
x-amz-id-2
zzqzYtfGGOSSFuUXmhDY+vdC74wnesDBCWQYYjzoq/QsYf5Rv2tkn1YuQCVLW7cywUaKqD1BCDLFTFjylmiAtQ==
iu3
s.amazon-adsystem.com/ Frame 1DF9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
307 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
991af7dd3de951ca288e28e445bb9bea1787505ee067ff4d871964c216fc430d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
307
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:15:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JZW9EQE13XFY6TPAZVR9

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:15:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XKQNG87VQ4HSA8DP5W3M
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1686928556499&cv=11&fst=1686927600000&bg=ffffff&guid=ON&async=1&gtm=45be36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&frm=0&tiba=Payback%202%20-%20The%20Battle%20Sandbox%20APK%20for%20Android%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3965644450&rmt_tld=0&ipr=y
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
691.json
id5-sync.com/g/v2/ 		634 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
cb9e53ebc39f761bd77c3e13efcc9de1de04ca3746505c1bd7db0930ad923b81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:15:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
call_to_action_arrow_v2.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7583 		209 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow_v2.svg
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&cpp=3&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=8591686928557086&num=0&output=afd_ads&domain_name=payback-2-the-battle-sandbox.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686928557088&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=6358&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&adbw=master-1%3A290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 01:37:24 GMT
age
49113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 09:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sat, 17 Jun 2023 00:37:24 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7583 		200 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&cpp=3&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=8591686928557086&num=0&output=afd_ads&domain_name=payback-2-the-battle-sandbox.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686928557088&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=6358&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&adbw=master-1%3A290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 14:38:19 GMT
age
2258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sat, 17 Jun 2023 13:38:19 GMT
ads.js
www.google.com/adsense/search/ Frame 7583 		140 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&cpp=3&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=8591686928557086&num=0&output=afd_ads&domain_name=payback-2-the-battle-sandbox.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686928557088&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=6358&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&adbw=master-1%3A290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7a970757782d15ebfb80f54b154d7e4845fb2226799b92bfaf6042e8e8243c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"4495603262332791334"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:15:58 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1467893338100435&correlator=631712602141328&eid=31075027%2C31075377%2C31075029&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&gdpr=0&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-en%2CApps%2CProgrampage%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=300x600%7C300x250%7C300x180%7C300x150%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600%2C320x50%2C1x1%7C970x250%7C970x90%7C960x90%7C950x90%7C728x90%7C500x90%7C468x90%7C468x60&fluid=0%2Cheight%2C0&ifi=2&adks=1913829646%2C3361850746%2C3361797518&didk=3758857423~2641185686~1866715383&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-mpu-1%26hvi%3Dfalse%26type%3Dtop_display_mpu%26afcSlotId%3D2833355604%26amznbid%3D1%26amznp%3D1%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dnative-notificationbar%26hvi%3Dfalse%26type%3Dnative_notificationbar%26devicePlatformId%3Dwindows%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-leaderboard-1%26hvi%3Dfalse%26type%3Dtop_display_leaderboard%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26devel%3D0%26compliant%3D1%26recat%3Dgames%252Caction%26file%3D6238f67a-e6d4-11e6-a7ad-8a4597916e17%26country%3DUS%26ab_medium%3Dundefined%26author%3DApex%2520Designs%2520Entertainment%2520Ltd%26platformId%3Dandroid%26hosted%3Dtrue%26content%3Drich%26locale%3Den-US%26ab_upr%3D7%26segments%3D%26personalized%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1686928557910&lmt=1686928557&dlt=1686928554912&idt=1500&adxs=1116%2C0%2C315&adys=424%2C0%2C258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&frm=20&vis=1&psz=300x0%7C1600x0%7C970x0&msz=300x0%7C1600x0%7C970x0&fws=512%2C4%2C4&ohw=0%2C1600%2C970&ga_vid=2133169270.1686928557&ga_sid=1686928557&ga_hid=1155549655&ga_fc=false
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39c3dba88e456aced19ce22f0dc47fd7d6c163b6933c22fe6adeccfc492fbf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23654
x-xss-protection
0
google-lineitem-id
5859851515,6032936126,5909393668
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
483738838047,138394006699,483738838047
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
274 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je36e0&_p=1155549655&_gaz=1&cid=2133169270.1686928557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686928557&sct=1&seg=0&dl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&dt=Payback%202%20-%20The%20Battle%20Sandbox%20APK%20for%20Android%20-%20Download&en=page_view&_fv=1&_ss=1&ep.page_type=program_page&ep.site_language=en&ep.google_click_id=&ep.test_variant=&ep.program_id=6238f67a-e6d4-11e6-a7ad-8a4597916e17&ep.program_platform=android&ep.program_category=games&ep.program_subcategory=action&ep.program_origin=42-matters&ep.program_sources=c9&ep.program_review_source=legacy&ep.program_download_type=internalDownload&ep.program_review_modification_date=2023-05-30&ep.program_opinions=no&ep.program_review_publication_date=2017-03-31&ep.program_has_button_buy=no&ep.program_has_button_download=yes&ep.program_has_gallery=yes&ep.program_has_offer=no&epn.program_user_score=8.805970149253724&ep.google_compliant=yes&ep.program_name=Payback%202%20-%20The%20Battle%20Sandbox
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
274 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=2133169270.1686928557&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-152357-1&cid=2133169270.1686928557&jid=1388909180&gjid=406347975&_gid=670540500.1686928558&_u=YCDAgEABAAQCAEAAI~&z=902033406
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Jun 2023 15:15:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1155549655&t=pageview&_s=1&dl=https%3A%2F%2Fpayback-2-the-battle-sandbox.en.softonic.com%2Fandroid&ul=en-us&de=UTF-8&dt=Payback%202%20-%20The%20Battle%20Sandbox%20APK%20for%20Android%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCAAAAI~&jid=1388909180&gjid=406347975&cid=2133169270.1686928557&tid=UA-152357-1&_gid=670540500.1686928558&gtm=45He36e0n715LWWHP&cd1=%2Fprogram_page&cd2=1&cd3=android&cd4=games&cd5=action&cd6=no&cd7=no&cd10=yes&cd11=yes&cd12=US&cd14=free&cd15=2017-03-31&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=0&cd18=no&cd19=8.805970149253724&cd21=6238f67a-e6d4-11e6-a7ad-8a4597916e17&cd52=%2Fprogram_page&cd72=&cd79=Payback%202%20-%20The%20Battle%20Sandbox&cd82=internalDownload&cd85=2023-05-30&cd94=ac91a73f-7a7e-4789-a080-cdf637097903&cd97=&cd110=c9&cd111=42-matters&cd112=legacy&z=949349809
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 06:38:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31077
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		241 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c108d58def3510609995ed245508bf4c9eda3b759c6334d5c205690012d1a727

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
2a8f31e180069c1bad521d015b2ac7db
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payback-2-the-battle-sandbox.en.softonic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 16 Jun 2023 15:15:58 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
88b1a1e336102ac65c26e522466d506b
pr
s.amazon-adsystem.com/v3/ Frame 3F46 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7d01297b77a6e9e8b63de7649a17a2def504a2e6e125e91cc71857d5e51ae816
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2137
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:15:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F50BZG4TJAATHR2XZN36
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
EA57VJH583BCJXX7
age
1556
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d8402e28d8ac32f-EWR
x-amz-id-2
eQEBzV7tYOSgMQhfTc9Akeev6TFhSBPy4BRvUfLfys7EQNN7WFVCiAoqh7CNA6a9B7Ra5fw8FAc=
container.html
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:57 GMT
expires
Sat, 15 Jun 2024 15:15:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CB1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:57 GMT
expires
Sat, 15 Jun 2024 15:15:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:57 GMT
expires
Sat, 15 Jun 2024 15:15:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
api.assertcom.de/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
/
api.assertcom.de/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
/
api.assertcom.de/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
fortnite-logo
images.sftcdn.net/images/t_app-icon-s/p/0f1cd020-5f3b-11e8-a529-0242ac120009/55309067/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0f1cd020-5f3b-11e8-a529-0242ac120009/55309067/fortnite-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ab5a1701594d411ad6f76607be52f4b3b2708b2d2df9672573df9444bb693c61
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:09 GMT
server
Cloudinary
etag
"0af2c8a943e4ff5db46e7790dab097ee"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="55309067.webp"
server-timing
cld-akam;dur=17;start=2023-06-16T15:15:58.730Z;desc=hit,rtt;dur=23
accept-ranges
bytes
timing-allow-origin
*
content-length
2224
gta-v-Download-Grand-Theft-Auto-V-Unofficial.jpg
images.sftcdn.net/images/t_app-icon-s/p/193a347b-7f90-4a8a-8f45-9f7e84cd9e76/66632773/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/193a347b-7f90-4a8a-8f45-9f7e84cd9e76/66632773/gta-v-Download-Grand-Theft-Auto-V-Unofficial.jpg
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
74b9570dd1fea70495944638939e2fd842d03482a72d89e92e84a80fbd0a7c39
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 08:34:40 GMT
server
Cloudinary
etag
"acb0de9bc214ebfe3eb9eb033456d6be"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="66632773.webp"
server-timing
cld-akam;dur=12;start=2023-06-16T15:15:58.669Z;desc=hit,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
2282
pubg-mobile-logo
images.sftcdn.net/images/t_app-icon-s/p/f16a3fe4-6774-4ca4-a0f9-df9dfb352797/1453337448/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f16a3fe4-6774-4ca4-a0f9-df9dfb352797/1453337448/pubg-mobile-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
485d4fd0f7ce6ef94041b163efa4b8e9931b8ff3027e902cbfd740bc57429ead
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:24 GMT
server
Cloudinary
etag
"439bdc402f3e28b74a10bd9318d56fa6"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1453337448.webp"
server-timing
cld-akam;dur=7;start=2023-06-16T15:15:58.669Z;desc=hit,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
3146
call-of-duty-mobile-logo
images.sftcdn.net/images/t_app-icon-s/p/1fff34ee-06ee-4e70-8304-d20b3d252bcd/484126203/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/1fff34ee-06ee-4e70-8304-d20b3d252bcd/484126203/call-of-duty-mobile-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
64a47dc31815a9e1707c28b59dd18e2a96a61be58026bf847de5420593ef7b02
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2023 18:07:43 GMT
server
Cloudinary
etag
"a627925213461397426f5dc00c9e7618"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="484126203.webp"
server-timing
cld-akam;dur=9;start=2023-06-16T15:15:58.672Z;desc=hit,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
3290
call-of-duty-warzone-logo
images.sftcdn.net/images/t_app-icon-s/p/dcad2150-82b2-4ffb-b77a-d480d2c853d2/570528362/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/dcad2150-82b2-4ffb-b77a-d480d2c853d2/570528362/call-of-duty-warzone-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1f4e51ea9c561d5a9258d3e6185780f8255cdab21aa19f15650df545165c5c83
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 29 Apr 2023 13:01:08 GMT
server
Cloudinary
etag
"42b174254624ede115f850683a84b2cb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="570528362.webp"
server-timing
cld-akam;dur=6;start=2023-06-16T15:15:58.670Z;desc=hit,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
4778
my-talking-tom-friends-logo
images.sftcdn.net/images/t_app-icon-m/p/f5133325-72f1-49e7-a88e-d36b990b9cf0/425370015/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/f5133325-72f1-49e7-a88e-d36b990b9cf0/425370015/my-talking-tom-friends-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
7131943767b60284e2cabc5078d9dca3e2b98287ef549916ce192b127afc5b33
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 01 Jun 2023 23:41:36 GMT
server
Cloudinary
etag
"7a4d836fed0f2223d63e529ac4c5a191"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="425370015.webp"
server-timing
cld-akam;dur=248;cpu=125;start=2023-06-16T15:15:58.676Z;desc=miss,rtt;dur=25,cloudinary;dur=105;start=2023-06-16T15:15:58.765Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7242
trial-xtreme-4-logo
images.sftcdn.net/images/t_app-icon-m/p/2526ee0a-9b2e-11e6-84fa-00163ec9f5fa/2826098988/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/2526ee0a-9b2e-11e6-84fa-00163ec9f5fa/2826098988/trial-xtreme-4-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
968740682f6a201a528345c3f2ba667031c6fa3ac0532b1ad50b135a05bbadf1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:07:00 GMT
server
Cloudinary
etag
"91b6e59da7df6efc3bad0d830d8702d9"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2826098988.webp"
server-timing
cld-akam;dur=226;cpu=174;start=2023-06-16T15:15:58.673Z;desc=miss,rtt;dur=25,cloudinary;dur=25;start=2023-06-16T15:15:58.849Z
accept-ranges
bytes
timing-allow-origin
*
content-length
8924
payback-showdown-afk-fighting-rpg-icon.png
images.sftcdn.net/images/t_app-icon-m/p/3304ae40-f98f-47f1-9b98-3873b1141e73/1655326148/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/3304ae40-f98f-47f1-9b98-3873b1141e73/1655326148/payback-showdown-afk-fighting-rpg-icon.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0cd713f2d27bdb7993d0e492ee9c65529080343162c6cc11093a18bc3c911ec8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:19:50 GMT
server
Cloudinary
etag
"b954ccdc648898111cef789445e83197"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1655326148.webp"
server-timing
cld-akam;dur=57;start=2023-06-16T15:15:58.673Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
10458
beach-buggy-racing-logo
images.sftcdn.net/images/t_app-icon-m/p/4bbd1782-9b34-11e6-9d68-00163ed833e7/1053964789/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/4bbd1782-9b34-11e6-9d68-00163ed833e7/1053964789/beach-buggy-racing-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
99d5644e31644faef79df33a6d89278140cb2c37a77046dfebb4cce51b2a05d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:22 GMT
server
Cloudinary
etag
"8d70d5183e2fd1b85453d6412fa7c74a"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1053964789.webp"
server-timing
cld-akam;dur=37;start=2023-06-16T15:15:58.672Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
12028
count-masters-crowd-clash-stickman-running-game-logo
images.sftcdn.net/images/t_app-icon-m/p/1e347c2c-fba6-46a6-8b5e-65514ad73af2/361972964/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/1e347c2c-fba6-46a6-8b5e-65514ad73af2/361972964/count-masters-crowd-clash-stickman-running-game-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ec95e323d7f3f6d2ae5c9286a60b74f00fdc3348d66605256e7ecb83093384f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:24 GMT
server
Cloudinary
etag
"1e347bc40079844f37024eef45f2ac34"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="361972964.webp"
server-timing
cld-akam;dur=211;cpu=144;start=2023-06-16T15:15:58.669Z;desc=miss,rtt;dur=25,cloudinary;dur=52;start=2023-06-16T15:15:58.781Z
accept-ranges
bytes
timing-allow-origin
*
content-length
6206
payback-showdown-afk-fighting-rpg-icon.png
images.sftcdn.net/images/t_app-icon-s/p/3304ae40-f98f-47f1-9b98-3873b1141e73/1655326148/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3304ae40-f98f-47f1-9b98-3873b1141e73/1655326148/payback-showdown-afk-fighting-rpg-icon.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
23e536a6d1561890b1908b1396c6e7911eade6f3bb216fe40d1790f5cffdd271
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:06:19 GMT
server
Cloudinary
etag
"db3c1c74514d9d7af95248cc067d3082"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1655326148.webp"
server-timing
cld-akam;dur=115;cpu=40;start=2023-06-16T15:15:58.689Z;desc=hit-near,rtt;dur=24
accept-ranges
bytes
timing-allow-origin
*
content-length
3202
special-forces-group-2-icon%20(32).png
images.sftcdn.net/images/t_app-icon-s/p/55ec51de-e24c-4254-9714-7082890af22a/5059263/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/55ec51de-e24c-4254-9714-7082890af22a/5059263/special-forces-group-2-icon%20(32).png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1a1d8ef69b5711dc60b097ac2c25aa45e65eb1baacd506cd4969140f03f821a5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:00:37 GMT
server
Cloudinary
etag
"c5aa8a1869166058446e10ec6ae57403"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="5059263.webp"
server-timing
cld-akam;dur=139;cpu=80;start=2023-06-16T15:15:58.831Z;desc=hit-near,rtt;dur=24
accept-ranges
bytes
timing-allow-origin
*
content-length
3212
assassin-gunner-icon.png
images.sftcdn.net/images/t_app-icon-s/p/f9f28019-c709-4e10-be66-1420b58ddc81/806660096/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f9f28019-c709-4e10-be66-1420b58ddc81/806660096/assassin-gunner-icon.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d1de0cd6592676cec0da073e3946ea3a467a0a15e282b7a6c6067183bb2f5b65
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:06:19 GMT
server
Cloudinary
etag
"30ae7773857cc99730610096dc459413"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="806660096.webp"
server-timing
cld-akam;dur=139;cpu=64;start=2023-06-16T15:15:58.692Z;desc=miss,rtt;dur=25,cloudinary;dur=57;start=2023-06-16T15:15:58.743Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2604
counter-terrorist-shoot-logo
images.sftcdn.net/images/t_app-icon-s/p/41d9c4bf-1dc3-4355-9d44-4f30da9c4ef5/3023338047/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/41d9c4bf-1dc3-4355-9d44-4f30da9c4ef5/3023338047/counter-terrorist-shoot-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4242e7c20a9295b2ce15bda5e2f6ce7705bfa4177f9cb5473a37bd0d77ff4310
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:29:23 GMT
server
Cloudinary
etag
"153166b60e9b0772e34d025ae0bcf533"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3023338047.webp"
server-timing
cld-akam;dur=177;cpu=87;start=2023-06-16T15:15:58.689Z;desc=miss,rtt;dur=25,cloudinary;dur=70;start=2023-06-16T15:15:58.733Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2674
sniper-shot-3d-call-of-snipers-logo
images.sftcdn.net/images/t_app-icon-s/p/59c20232-01b0-11e8-a0aa-0242ac12000f/3764599347/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/59c20232-01b0-11e8-a0aa-0242ac12000f/3764599347/sniper-shot-3d-call-of-snipers-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6fac00529b89548f560b8f75038066bf6dd1cb7c7ace9a9cf92719f8601ed89a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2023 22:25:15 GMT
server
Cloudinary
etag
"7742691ad94fa6fa113cee99758ed4cf"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3764599347.webp"
server-timing
cld-akam;dur=122;cpu=18;start=2023-06-16T15:15:58.723Z;desc=hit-near,rtt;dur=23
accept-ranges
bytes
timing-allow-origin
*
content-length
3188
taxi-sim-2020-logo
images.sftcdn.net/images/t_app-icon-s/p/be68c27d-eea6-4cdf-ac25-64a52ec6d697/3904618847/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/be68c27d-eea6-4cdf-ac25-64a52ec6d697/3904618847/taxi-sim-2020-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d087a32f4de498511f850c5e7153477592176494f017589bae73d08f7f384178
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:06:09 GMT
server
Cloudinary
etag
"6e051fedf610b86b3404ce3d92c96ba2"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3904618847.webp"
server-timing
cld-akam;dur=193;cpu=97;start=2023-06-16T15:15:58.690Z;desc=miss,rtt;dur=25,cloudinary;dur=81;start=2023-06-16T15:15:58.751Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3630
the-dark-knight-rises-logo.png
images.sftcdn.net/images/t_app-icon-s/p/e8bdf04a-9b36-11e6-b99a-00163ec9f5fa/1525226619/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/e8bdf04a-9b36-11e6-b99a-00163ec9f5fa/1525226619/the-dark-knight-rises-logo.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
141d10901e6e6391e48a585cbeca990d65f628c2c3f0881f0cd1d3aa56c664cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:48 GMT
server
Cloudinary
etag
"ddd33eaeec7c0019712fa798a4ee151a"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1525226619.webp"
server-timing
cld-akam;dur=108;cpu=23;start=2023-06-16T15:15:58.696Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
1644
sigma-game-battle-royale-logo
images.sftcdn.net/images/t_app-icon-s/p/dc1dd8bd-1756-438a-9afb-7e990f90f03e/979813251/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/dc1dd8bd-1756-438a-9afb-7e990f90f03e/979813251/sigma-game-battle-royale-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2b4c451ec4299b927e1dbd2f83ce6e700791c6a5ae8006c2d7f570f75770f662
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 31 Mar 2023 21:16:07 GMT
server
Cloudinary
etag
"4b325be6b068d138278f3fc7ef9cf154"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="979813251.webp"
server-timing
cld-akam;dur=38;start=2023-06-16T15:15:58.689Z;desc=miss,rtt;dur=25,cloudinary;dur=51;start=2023-06-16T13:57:23.733Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3156
fps-sniper-missions-logo
images.sftcdn.net/images/t_app-icon-s/p/2d078287-96c8-4fbb-a17c-4da5fc470115/1108000437/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2d078287-96c8-4fbb-a17c-4da5fc470115/1108000437/fps-sniper-missions-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
72f4838268cfb3fd2509c8fbe404788fcf6242d2d1a5c91b9c535257e2e9cf41
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 10:42:03 GMT
server
Cloudinary
etag
"fabd45b5bbd98d7d31ea23868ac51f4d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1108000437.webp"
server-timing
cld-akam;dur=160;cpu=104;start=2023-06-16T15:15:58.689Z;desc=miss,rtt;dur=25,cloudinary;dur=36;start=2023-06-16T15:15:58.795Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3616
amanda-the-adventurer-horror-cig-logo
images.sftcdn.net/images/t_app-icon-s/p/45df35ea-1d47-4000-8937-f0b335b7a74a/3438156465/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/45df35ea-1d47-4000-8937-f0b335b7a74a/3438156465/amanda-the-adventurer-horror-cig-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
41bd0e4a51d3be6346b668247cbafc8e6d8c2d00884f243ec78e82669ff13b87
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 10:29:09 GMT
server
Cloudinary
etag
"133764aa272dcd8b4de85ffe3181172d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3438156465.webp"
server-timing
cld-akam;dur=536;cpu=441;start=2023-06-16T15:15:58.690Z;desc=miss,rtt;dur=25,cloudinary;dur=62;start=2023-06-16T15:15:58.916Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2682
red-dead-redemption-2-pic-icon.png
images.sftcdn.net/images/t_app-icon-s/p/10459b51-51a3-482d-8e4f-c491478e672e/2369295961/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/10459b51-51a3-482d-8e4f-c491478e672e/2369295961/red-dead-redemption-2-pic-icon.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2737d87f0b977ac0e5adc916c826b96b74ea37e1faf19b3afe2ee161ed700e3d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:05 GMT
server
Cloudinary
etag
"77bf12d031a4cac82828f3f9c95a261f"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2369295961.webp"
server-timing
cld-akam;dur=473;cpu=389;start=2023-06-16T15:15:58.696Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
8268
gta-via-icon.png
images.sftcdn.net/images/t_app-icon-s/p/16ac7aba-1e60-41b3-9820-a28459c01584/1321656126/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/16ac7aba-1e60-41b3-9820-a28459c01584/1321656126/gta-via-icon.png
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
910d03b1a50b59a01914f2a1caa5aee09136041d1b76c8938c897ed38c95a460
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:02 GMT
server
Cloudinary
etag
"9ac783b246933df3996a434eb0468c67"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1321656126.webp"
server-timing
cld-akam;dur=52;start=2023-06-16T15:15:58.690Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
3776
lalkamal-nilkamal-logo
images.sftcdn.net/images/t_app-icon-s/p/279ad933-5760-4856-84df-214f2868991f/3403937578/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/279ad933-5760-4856-84df-214f2868991f/3403937578/lalkamal-nilkamal-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ff73107a302cf5e5b2939f47b86fcf27e9f25c679cd5b05dd8a39d17ddedf4ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 19:47:17 GMT
server
Cloudinary
etag
"461ec3bad4afb0eca9b670d211c537e6"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3403937578.webp"
server-timing
cld-akam;dur=54;start=2023-06-16T15:15:58.689Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
3988
lallu-tallu-action-game-logo
images.sftcdn.net/images/t_app-icon-s/p/eca9e0bd-5791-4aee-9033-6cb443413be6/4006345406/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/eca9e0bd-5791-4aee-9033-6cb443413be6/4006345406/lallu-tallu-action-game-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
9b0e664fc85cbb5f3fbdc5486c54cfa806b25d75ef9f2e8e329f813a8b9704fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 18:00:16 GMT
server
Cloudinary
etag
"1e93fb52168fda28ae68ddcfd10b7795"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="4006345406.webp"
server-timing
cld-akam;dur=89;cpu=20;start=2023-06-16T15:15:58.696Z;desc=hit-near,rtt;dur=24
accept-ranges
bytes
timing-allow-origin
*
content-length
3684
fps-shooting-games-fire-games-10d-logo
images.sftcdn.net/images/t_app-icon-s/p/9deae087-07a9-4adf-8335-cb306475bdee/2349334171/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/9deae087-07a9-4adf-8335-cb306475bdee/2349334171/fps-shooting-games-fire-games-10d-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
88236815fea74615dd07b84215acafddcbdbccc46d71ead4d96237b3e1270f04
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 21:54:12 GMT
server
Cloudinary
etag
"3a6afb36a8813364edacaf90406fc851"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2349334171.webp"
server-timing
cld-akam;dur=104;start=2023-06-16T15:15:58.690Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
3654
arrow-slashers-logo
images.sftcdn.net/images/t_app-icon-s/p/0a812932-77a0-4f55-b154-9460399de319/243840856/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0a812932-77a0-4f55-b154-9460399de319/243840856/arrow-slashers-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
05699397165d3308edffb34d389180b73436daeb762b248c2fcd82703c07cea3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 14 Jun 2023 10:12:38 GMT
server
Cloudinary
etag
"12f8fcd238b63a71fb4428d1f86894f6"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="243840856.webp"
server-timing
cld-akam;dur=74;cpu=5;start=2023-06-16T15:15:58.690Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
2616
hunter-assassin-2-logo
images.sftcdn.net/images/t_app-icon-s/p/855f1679-096d-40e3-8e0e-13444dd14e5e/671807899/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/855f1679-096d-40e3-8e0e-13444dd14e5e/671807899/hunter-assassin-2-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ef6b5ea69552a73783cf6f676dbfeb9e9dcdda4041f8735d626a2ed649cd4664
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:39:04 GMT
server
Cloudinary
etag
"a022e40e93a0a01b319532f5c371c303"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="671807899.webp"
server-timing
cld-akam;dur=140;cpu=117;start=2023-06-16T15:15:58.804Z;desc=hit-near,rtt;dur=24
accept-ranges
bytes
timing-allow-origin
*
content-length
4022
free-survival-fire-battlegrounds-battle-royale-logo
images.sftcdn.net/images/t_app-icon-s/p/90595a4f-dce9-411b-9259-d0011baa2ab5/2900665223/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/90595a4f-dce9-411b-9259-d0011baa2ab5/2900665223/free-survival-fire-battlegrounds-battle-royale-logo
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:4a6::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
972cf12825e9215f90a0e643c653e9425754a9df60c0d1fb46c0ac2ea8a60d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 11:37:37 GMT
server
Cloudinary
etag
"d23659749c80993cf91de8c9d8ef3ffc"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2900665223.webp"
server-timing
cld-akam;dur=93;cpu=11;start=2023-06-16T15:15:58.690Z;desc=hit-near,rtt;dur=25
accept-ranges
bytes
timing-allow-origin
*
content-length
2772
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-152357-1&cid=2133169270.1686928557&jid=1388909180&_u=YCDAgEABAAQCAEAAI~&z=1603744228
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.38.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-38-212.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
630b168c00ec2c79b90aa78252b416d12ed58cf5551f053f9c6aa6ca26ff206e

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-cache
x-server
10.40.38.133
access-control-allow-credentials
true
content-length
156
expires
0
chunk0-54938d.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-54938d.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5a1fc5ea4f2dc7784214f3950b4f5542255198909655590e1fc181a909e73968

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:08 GMT
date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277849
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7820
x-served-by
cache-ams12752-AMS, cache-yyz4539-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928559.665144,VS0,VE0
etag
W/"6488298b-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
55, 44
chunk1-18e531.mjs
sc.sftcdn.net/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-18e531.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
06f01dc583b02be72189e6fa59533a981838f158862a65b0fb0e4d94c567db35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:08 GMT
date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277850
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4602
x-served-by
cache-ams21067-AMS, cache-yyz4539-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928559.665129,VS0,VE0
etag
W/"6488298b-406c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
30, 45
chunk7-11073d.mjs
sc.sftcdn.net/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk7-11073d.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
11f5e4de72141a50d703cda705b8d506bef38703f7c3be8a89c5246e25e8ab7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:09 GMT
date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277850
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2922
x-served-by
cache-ams21059-AMS, cache-yyz4539-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928559.665124,VS0,VE0
etag
W/"6488298b-27dd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
9, 10
ecm3
s.amazon-adsystem.com/ Frame 3F46
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1686928558766
  • https://ad.turn.com/r/cs?pid=45&rndcb=7602918316
  • https://sync.1rx.io/usersync/turn/4194221799780867193?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7883e645-30bd-4b92-ac0e-160d050aa984-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7883e645-30bd-4b92-ac0e-160d...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7883e645-30bd-4b92-ac0e-160d050aa984-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7883e645-30bd-4b92-ac0e-160d050aa984-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TXAJ59QGJK0WY44SMV73
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:16:00 GMT
Server
Tengine
ETag
RX7883e64530bd4b92ac0e160d050aa984005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7883e645-30bd-4b92-ac0e-160d050aa984-005
Content-Type
text/html
Connection
keep-alive
error
api.assertcom.de/ 		0
329 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/error
Requested by
Host: oth2kklpqszcjh2u2.ay.delivery
URL: https://oth2kklpqszcjh2u2.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 7989 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.59.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-59-237.compute-1.amazonaws.com
Software
nginx /
Resource Hash
325b8d161905c235788081e05224dbb09426286bd2429e15ef80d2d09675ead6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 16 Jun 2023 15:15:58 GMT
etag
W/"00af351a91b6c677ec2ff17e2f0853c1f"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
f5b6e38f1d9784f32daed2ddd7bb37aca41b2cc6f0e33f846dceeb7b9d2a5950

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1716
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:15:58 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:15:58 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 433D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61007
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:15:58 GMT
expires
Sat, 17 Jun 2023 08:12:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame D5C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1J5-BSfIwO9z1iZP8icknC2x7upyF76bvqO-loyWKSGNrqmZtvBAkQAGu4J9XQ17tT971nTRyv_m-n_tYLH26ppyPUONlxMgpCxF9d7X98mUf23TnjVoGHl5pWaHxY_Y2uJHXM8KyKIOr_zRGOl9t1dvZuA45EpLC1-AT-4W-opjgokt4UO_sr6XEqVV4StR4j8_wpauQqAkfamgL4be46AR6Vhirhr9RiBMiuOoYRFsGkAmqtIsHjW42AVykWICQldZ6eYtZF3WJM9zKu-sRXghLtUEpgxMCoHEr4A4_PFPi23Z3dkWh2EGD-NSZ_ApF_tY_6h_8pir3MQ6UTidZO1643x-D0D0XC-4Y89UqYJnr6ft_YS2iWNAa0zh5durtYnCE1unrSUjqMJ1V0skGh6LAZc_AFsOEevfHGRu0OW2WQ_1WeOaXz-AjNgkHE44MHK96xHhfcomDGxcXNt7iG7-9vPJDcCfeN9BDaDPb-ozp6IHdCGdDlil_TBQs4aky9MYu_lqT2txrgUCNMnt8ad5BbLy_IKdk6kQtbPVeebSgCtBlGhI-Dp0DCQdOXw3HtGuGPhbNZYi-X5oVex_t-sTPijaMD89fEsf-T6eaBNCa2nyqQYkMWbv4wEGR1iUkiQ8tl-abnvixprvL43-ZVCZcH5Q_mQr2to3AajSD6DJAT7bmi4yFECNWcqq8Wwcqca0Tpi_uexfYOr7n7xH3J033nD0PKV6-JyqLIIwQwvBKmbZXnzDOYDpTU7AJ_15szmJGbejm6rWHqpE-bQPrhFMVlrXC9zNHa3CuGV_YmIyEQekHS83ZA9eT1aeumUcBwk6PqlnVXcBzsZOwUIaVzUVv3c2xS1y0A9pSbCV95mQGNrAoEitP20R2i3zKwSYN5TnmKCVPbepLCo76OwDarucSS5yhHnDTL1PpqNoGRmnEva35TH-UPkwJ-3glTcZ9tG5WoUCE03pqDw63FZmsQ726HFvZHl2CoeIX1508fyWss3o88pLPSR1R0t7mex-PAZsLQEoklFVjD3NE78b3Rh_vOSbNn17LHByNj8Ndb87ws9KYLE6GT9wsRQZswdhXGrZweGumPtxBvworwBI9HWgg6TEf9jnTTpXMyhmIJScH0MqY8uPkiTUFOw3fJbWTg5C_eNHaItK9wR3kGENS3Xx52Gmk0S0J9AQ-oze5Jt0u-KDiCvG21jPXFFtz3Ng_xMgEPKXga9hvrlEnmyhxFxLEtMZOpLcqQL9jSoJt8_lkh0M0dyA8xK9iDfQKwRnVFhoWyhbp6-rJQj2LN-_BP74M5ptgLKUHJ29a4nP95aSzS6uu1OgmgaUaVkOMFOj0pwcD23O9sT7p-XL5n74lxy4fsRULT8c6YkD1MzB_jPwtxVULZeCi1JDZQp5ySyKtDxYLG6ATjb-pMIxGrV5rezEjb5Iy2EKYIKTv3fZkVt9CI0wvKuNTGOYVTKRtiCg2MwIAXqRJ7AA_jA&sai=AMfl-YTQhyzPVEoVK-k_QdSJGZveOQPnhY_IKuREqgNU93bZbEqFC6KxZ2CTZew8EmDNJ-mIeR9S0efnLatwgSvoOiunmXQsxu_5cCqMA4D9mlqsRYkXUy9K8_nDu13MdKHk56j0TcQahVfYsWTRD353WeF66cTuBpV7sH9jtyL0ad6vizG34snEPOfY9K22Ch-nGZHwKZNwkKFW4ZKM8AHtBlCogabAdbHx1_ycwXc3688l5oP7R9w-kciA7s8DLD1fzwJ7e6asE7SeSSNh2Q&sig=Cg0ArKJSzIOyIZ6G0qJWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:15:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
win
8proof.com/app/ Frame D5C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/win?id=509471515746&ap=ZIx8rgAAMyAKs8oPAA6IoniFcE7wsCSmVJU83A&t=b
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-length
0
server
nginx
5111
8proof.com/app/rtbmarkup/ Frame F739 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=509471515746&ctd=51034&crid=1212&ap=ZIx8rgAAMyAKs8oPAA6IoniFcE7wsCSmVJU83A
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
7723a12707862ef77e0ef6ec14d57fca04486590ae9150eb2a3dd80749e17c08

Request headers

Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 16 Jun 2023 15:15:58 GMT
server
nginx
vary
Accept-Encoding
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame D5C1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
78005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:35:53 GMT
l
www.google.com/ads/measurement/ Frame D5C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqSbMo1orwsBb5-mcTo8R5xm6rAJ5I6HX3P1AUed5FSFDnK-oNG1bYvSAJW9KUUW022Kt1ONH8PgK8QZ7O3KvGi1mmZg
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D5C1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 12:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
183362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jun 2024 12:19:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5C1 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:15:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0CB1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 12:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
183362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jun 2024 12:19:56 GMT
css
fonts.googleapis.com/ Frame 0CB1 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 13:49:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jun 2023 15:15:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0CB1 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:15:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3E63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRIpD0s3hwbgcuBFg4SWoCBCpx3c94ps0bIQN950X2xKdYWUOrN1MISDyzqadX4XxxhIvC0skptL4ES_yw2U-fJBYJaJzioK1ki0QjhVIleQG_xmNK7r1sEQ0j0pU74BMKWK2IIoWUBqW2MGePXPHaqGYL-G11gwoNOGysnavtx3ZEH99OHZK0jjgqFNZ8zJ2A7BqkC4LST7JNYbrwZRz9BGaajJDAmeCcY-bitEUBDWJ7d-1pUW0ZzB_4XbFgJVr4zdIBRKB1OmPbJIhz8wpj2uWWZBfhwy7GZuIpcfD1maSogoif7QznaEIGitzaB4u5D4WIXImH0a_loS9OoOdCkSLBG_AwsjUp8sUPbDS4JzVPAP5ZYhZ-EpfWBOaZBOmi5wT72dut0pfH6v-e_FRsQz_3paOLm9o9HPynsTVmizx5aCNU0kgjEZDXmwKIXdzcvGsoUtjk6jO5t0KvZ84fkSbu9vwBZH03zvFfl3bjZZ0K0_1GMHQW_19GaD98a6IWVrRlvZhtMi_OMnmhkrhsTLAy5emxegOi7Lh2ommfg8TxFru1GT_z3oL2dXiTJ_sWduKUCSnvYi56r7Qu4psy6udPA-dIQWfzFFMOypjC99mDQUXZoMPIs2xBGXCbAm4vrvU6Zd6juN2fCufR4VYUU3LE1xiTNUqJQr4-mKxF4lnGva1F5p2GiKX3ZL3K8ZKTJFgygluNMN3McrkoImYYhSwHsBFyfL25uE2V4PAVrNCYUD41hgHv8dnVtdJG60q9OsNvgHY2vvf5s3eMUcBje5rGNuerf7zPka9x3WnQTrB4s-ZNqEeIg0Mg-vruzRY_q0koUjHkM1Q2UgGzel-f8m2woonoKw5MpoqlDd0pnpEsaIAlXybs5m6Y_HMFrMmQMwa-OkcWcvrthddOSh_2i_k_ZYWwfnPyeOhr16nao1lcN561x_5YjK4WbJLnNKzn0zd0P-8jJ0XRNzutk2iZdKaNedbfZvFMLMT36Vzcu7p3ZLZ4Ewo6nqSGoNReaQQjWnN95jM32io22v0nYsPtWfWBeHfW_RnUwI2U4yKyUSGS-m0mEN2tqqvk-ryq-UiCsWgdqEDqVBVBbLbYaQpal2E7cjF6GMJG0NZm7hCOWL16GEQ-biYaURnaNsFG2w5qtibdC9M2OQ3KQp6PUMMF3TTVxlZRlXQSAJSrtAM8wCcFs9UINO1hn0V7drm28uV2wAsqoWAb6H__HYmRjh9oWZyvVLaM7Pvemnllv0zkKi97xa-y47ekDVz4XuK9ByPHcB5f_lcxqdffxU3FteOKqmjBxMTq0LKe2n0tKEdIkiDbooKwS0ltQRPibP1HilWjf9hiTULlt3XMBkmhWp1fzxjG6pPNMlNhVkLA7L2jH4K4vel3YAANqcuAzkTxv4AMS0vQfbRyLhMOJSBoehx1VrJViDh6ishi4y1l5n2keV-aySTK1gRFdesAKw8KUxU6o3BGiVJbqeqhNXl1raYWgbOUANEu-8nGQduW1DPGqQ&sai=AMfl-YTBqiaieJzyxFgg7FuMaWdCf7jUNPkvq7-uvbpl8xVNrh2Tj72zHEzJmASE8fDKuoXQFc5XzYj8awU47f3AF5TIhTFsFdDZWuPzcsFJAGYSoJ4h0CQ0kfTWuPOJe30aPSzn6wnGc0RUKbuez5Z__uJPaVPopSeYkGOWTntvpzvtdcnBUzvkGTNwyzNn6nRdA1f-v6ts_Pxtu4NPpSAkHix3mWAp_iMlJnA4BrrzJVaeFcpOp1M-ExZui2yJz0RvEDk24U_6LV-BiIbzzw&sig=Cg0ArKJSzKyXufGwWtQnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:15:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
win
8proof.com/app/ Frame 3E63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/win?id=509471561857&ap=ZIx8rgAAMyIKs8oPAA6IolFtIMmOqRA_6IC2mQ&t=b
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-length
0
server
nginx
5111
8proof.com/app/rtbmarkup/ Frame 591A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=509471561857&ctd=51034&crid=1192&ap=ZIx8rgAAMyIKs8oPAA6IolFtIMmOqRA_6IC2mQ
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
66e34af3791a63c399ab42b8611649b03e9f1151301733b84a31c46ac7044454

Request headers

Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 16 Jun 2023 15:15:58 GMT
server
nginx
vary
Accept-Encoding
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 3E63 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
78005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:35:53 GMT
l
www.google.com/ads/measurement/ Frame 3E63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMkqG7fridjt49SzjggYy4n3yqGRgqttpwcRqppZGGf2idj-IK2it-ULKI8TfkTaftOpH35-MlCKLHjnB0G8Es9UQhXg
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3E63 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 12:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
183362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jun 2024 12:19:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E63 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:15:58 GMT
usync.html
eus.rubiconproject.com/ Frame DF01 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.206.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-206-17.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:15:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 3E3F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4eb8fc8c6733c923309b4cfc3edd8373aa588f8309a50c13638eba579bd40859

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
398
content-type
text/html
date
Fri, 16 Jun 2023 15:15:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Jun 2023 15:15:58 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 4D43
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5454639609193321319&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5454639609193321319&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z4G4ZKF9RGSKWXJA69KR

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:15:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5454639609193321319&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 13E2
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3822089690018205873899
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3822089690018205873899
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FWJ1AS23YTTBDHMMH3B5

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 16 Jun 2023 15:15:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3822089690018205873899
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
increment
id5-sync.com/api/esp/ 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
date
Fri, 16 Jun 2023 15:15:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5821511692898312231
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5821511692898312231
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5044f662-c769-4ebd-9d6e-94b8cada713c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5821511692898312231
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0a683625-483c-4bab-a4c0-f9cc6839db83&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-48fb3a85-af74-50a2-7ed8-37ab99324174$ip$96.9.249.44
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-48fb3a85-af74-50a2-7ed8-37ab99324174$ip$96.9.249.44
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-48fb3a85-af74-50a2-7ed8-37ab99324174$ip$96.9.249.44
Date
Fri, 16 Jun 2023 15:15:59 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=qMXnGoDn0bCznGKqR65p&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYU2WDOI5XUI3RQMJBXU3SHJNYVENRVOA
  • https://usersync.gumgum.com/usersync?b=zem&i=qMXnGoDn0bCznGKqR65p
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=qMXnGoDn0bCznGKqR65p
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=qMXnGoDn0bCznGKqR65p
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=APiRrPip1RCL&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=APiRrPip1RCL&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=APiRrPip1RCL&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rfn2r
expires
-1
cookie-sync
sync.outbrain.com/ Frame 7989
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&obuid=ENC(ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=ewGfReY2kKGH1OSyG_v0GQQ64rMw3X-MMM9SxAVG5dyML4juI_vC2BhtlaIeN7cY
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=outbrain&bsw_custom_parameter=b8b1c5dd-311f-4b74-a5ab-3670119c0856
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=b8b1c5dd-311f-4b74-a5ab-3670119c0856&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=b8b1c5dd-311f-4b74-a5ab-3670119c0856&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6c568d48-7976-49d8-a2c4-12d0257d15ea%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6c568d48-7976-49d8-a2c4-12d0257d15ea%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=outbrain&bsw_param=b8b1c5dd-311f-4b74-a5ab-3670119c0856
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
no-cache
X-TraceId
0f23bd4dbb1965a1b92805601c274f5d
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=b8b1c5dd-311f-4b74-a5ab-3670119c0856&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=998b8fef-fc78-0406-3309-813ad18a8e44
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=998b8fef-fc78-0406-3309-813ad18a8e44
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:15:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=998b8fef-fc78-0406-3309-813ad18a8e44
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PUyLkh5E2pdlKfAx1RCujRiEE1e.8232eLIp~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-PUyLkh5E2pdlKfAx1RCujRiEE1e.8232eLIp~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:15:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-PUyLkh5E2pdlKfAx1RCujRiEE1e.8232eLIp~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=448fb763-103e-46f4-aae1-1f06086700b0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=448fb763-103e-46f4-aae1-1f06086700b0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=448fb763-103e-46f4-aae1-1f06086700b0
Date
Fri, 16 Jun 2023 15:15:59 GMT
Connection
keep-alive
X-CI-RTID
5790007e-e921-4fe2-aaee-106a234b5143
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:15:59 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
834871960
location
https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 7989 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:15:59 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=dfcc6c7e-e57c-4322-88aa-15d248f53001
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=dfcc6c7e-e57c-4322-88aa-15d248f53001
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=dfcc6c7e-e57c-4322-88aa-15d248f53001
access-control-allow-origin
*
date
Fri, 16 Jun 2023 15:16:00 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 7989
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5454639609193321319
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5454639609193321319
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5454639609193321319
date
Fri, 16 Jun 2023 15:15:59 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7989 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_207366bc-7b8e-4a47-8629-6b6a2523baae
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E9STKPR1CWAF3PFGDM0B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0CB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXBJqFRf-a1KryOHWDoXezP2HQIfZVgVJKY2yeYY5stiFwQWp6t8wPBNJTwrgYNQtDzBG6ONLwbEpC0nGKVpfxsYGRX3XdJdz19trGKxRjykcm5AlrKSAz5KE_PQzMEpCRSch5yImuEbvWBv3qvFgrv2VGUalUaSwE4zhqd-oV7VYhqqzvKohwjaLFHyUrwArrlx8T5zgsGd0GBeL0cNXNJqB55TYQ9o7UYCNedYbXGZclNxk10JZ3oIuKUjQ6E71xVm0FA84IUhzCkVNl1_FckZMVSb1CPeLMhf-xOM0aQbL_PzvKuWtFKQ_y1ULSl1xP1IPlxV7SOEa5ewfYn15A7JB8KDreT-GRPTf-N8hJsmgaHlr88ZE5eI0j9AQNJ5iVTy3DgxcgoVcw070iqjEtA4qZrIcTWZYVfLuZrpe390mkRZsPE3GSIWvFWek-LFo&sai=AMfl-YRlCnyR7Tqh9fSsFu2wHcO-KOc9UD24l7VCLiIsMV7fKfJMEVjUzGsxrteV06P_bFzanQhRs75ZlsaDksJwwQNQkmix6lXfUT55tyQ9w5QtfbEISid1wqqrh7KJqw&sig=Cg0ArKJSzBCdJxfIRgaUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dcm
s.amazon-adsystem.com/ Frame 9D8E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIx8rn0OvQdiiT36zlQXswAADtMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DYBT6VX0N0CWKEJVP03N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIx8rn0OvQdiiT36zlQXswAADtMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIb8DdDqUGO1ttxcf4XqtYk&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIb8DdDqUGO1ttxcf4XqtYk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIb8DdDqUGO1ttxcf4XqtYk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=052146df-8fcd-4e08-8e97-b362036788f1&expiration=1689520559&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=052146df-8fcd-4e08-8e97-b362036788f1&expiration=1689520559&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=052146df-8fcd-4e08-8e97-b362036788f1&expiration=1689520559&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIx8rn0OvQdiiT36zlQXswAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbyySbCnhy43rL-IvgkbZY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbyySbCnhy43rL-IvgkbZY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbyySbCnhy43rL-IvgkbZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d89648c-7caf-4000-a6ca-4237ab0e8468
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d89648c-7caf-4000-a6ca-4237ab0e8468
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x56 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d89648c-7caf-4000-a6ca-4237ab0e8468
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:15:58 GMT
crum
dsum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5821511692898312231
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5821511692898312231
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f336f0a3-cb38-4c5d-af29-cde509d65f8c
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5821511692898312231
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9D8E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4122164205742939257
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4122164205742939257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4122164205742939257
pragma
no-cache
date
Fri, 16 Jun 2023 15:15:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
x.bidswitch.net/ Frame 9D8E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 9D8E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZIx8rn0OvQdiiT36zlQXswAADtMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B26RR0VD0P94FJ8WDABZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 017A 		0
0
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame D13B 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DD2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=61006
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:15:59 GMT
expires
Sat, 17 Jun 2023 08:12:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 229A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=052146df-8fcd-4e08-8e97-b362036788f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=052146df-8fcd-4e08-8e97-b362036788f1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 16 Jun 2023 15:15:59 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=052146df-8fcd-4e08-8e97-b362036788f1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 6D6B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=eb9b648c-7caf-4f00-af0a-6ac16b6fedf4&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=eb9b648c-7caf-4f00-af0a-6ac16b6fedf4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
Fri, 16 Jun 2023 15:15:58 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x28 config_version:"1969"
location
https://usersync.gumgum.com/usersync?b=mmh&i=eb9b648c-7caf-4f00-af0a-6ac16b6fedf4&gdpr=&gdpr_consent=
truncated
/ Frame D5C1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5802bd50e322e9ff01e5d5e85fe434dccc2c4f0e89ad2662d7095ca488a45fec

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D5C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ2WHQpN5Ap3d-n_M6jSpjtFWSZ0mor4sHFv_ULKVZYxKwQnqbhtt1BwARzx_66fjR84bnG10esdfvHW4ZN5Kya0vjCwfmns7HWObcrzPvfdNEz1xU_DTI7MYrVTrnEeQgrELZJXUGGaVoL7y5LFkHIIwMn4klNcyypVj7yDIlnndq5Y2gEJs74acWu4O08vszO0DJ_nMeUYijF4V_m0VKh0Lkxn-nRVmWGUa-YtQkEe1TPGTHlDpQqPv5nFYtIJdPe8pfferP-kYbhgxi2Kkzy9kJozSyID0eWw0lj0FA_oSxfyX7tKP_69ov4KDW5QDWRBLeA5mqkRxSstOIjT9ylCGbhelvvIOiaMzGO63jrtBhrnWrG0hMXF_mRRN_EYu6xtm9Rtt51mE2XG17AtZUkqVe1VRhZxKut08UbWrAHg&sai=AMfl-YSIwe2-j0dLPQDBxLDU9hNBXsWRHCJbt2VRRvokI7BlJ3Hr_NsDYvkMjqKmG-uQtvC2MbXu3wh1nlCLcT-0OW5qo0LzBlWc7hoCdjSRH6zHnXH_HyrDYxEvOPTAEg&sig=Cg0ArKJSzLtT8EwrfvSREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:15:59 GMT
usync.js
eus.rubiconproject.com/ Frame DF01 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.206.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-206-17.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75576
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:35 GMT
montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 591A 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame 591A 		0
0
montserrat-v25-latin-800.woff2
cdn.8proof.com/ads/assets/fonts/ Frame F739 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/ads/assets/fonts/ Frame F739 		0
0
chunk19-e49caf.mjs
sc.sftcdn.net/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk19-e49caf.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-f8c70.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
222ca1edf9c60d26bbd5bc21a09a5f255f12a8b51d09237edb59c19e455ed50f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 12 Jun 2024 10:05:09 GMT
date
Fri, 16 Jun 2023 15:15:59 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
277850
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1123
x-served-by
cache-ams21041-AMS, cache-yyz4539-YYZ
last-modified
Tue, 13 Jun 2023 08:32:11 GMT
server
istio-envoy
x-timer
S1686928559.234247,VS0,VE0
etag
W/"6488298b-8b9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
9, 436
ecm3
s.amazon-adsystem.com/ Frame 3E3F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=366057e2-c8c7-87aa-947c-134071e944e2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2HD8NBY3ZCFBT8CYN1Q4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fa714ddb-44c1-ae19-65a5-8722e68d424b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3E3F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/fa714ddb-44c1-ae19-65a5-8722e68d424b?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:38d4:5f6b:456c:5f55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 3E3F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=366057e2-c8c7-87aa-947c-134071e944e2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:15:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EXDK1JJT08SCRTF9FFMZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3E3F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=052146df-8fcd-4e08-8e97-b362036788f1&ttd_puid=6eb62b9f-d46d-3c50-5472-91d719da8f02&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 3E3F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDJkOWY4NTUtMWQxYS02MmY0LTQxOTItY2I2ZWQzMzg0MTYy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3E3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELquLRkt8uO-s1Q3QoAzNO4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELquLRkt8uO-s1Q3QoAzNO4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:15:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELquLRkt8uO-s1Q3QoAzNO4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7F32
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIx8rwAICGzMHQBI&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZIx8rwAICGzMHQBI&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 16 Jun 2023 15:15:59 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZIx8rwAICGzMHQBI&gdpr=&gdpr_consent=&_test=ZIx8rwAICGzMHQBI
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4549-YYZ
x-timer
S1686928559.405260,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 73D7 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8yMDczNjZiYy03YjhlLTRhNDctODYyOS02YjZhMjUyM2JhYWU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:15:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
truncated
/ Frame 3E63 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b8bf692f9186c129b084b2a85ae631b79255a85b8662fcb9722daced683762a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3E63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKAgCnT06AOUNfmN2342NxRIBkCcQVaPdhirg5x19Wn7-8LG_rRPLxZGPTZJs2CP8EUcHZoA6vL2kseN4bFfEcZ9qtvkZm9SYjXo6qdnYl_q0Os31J-zKoXn3w8ZD3mzwqlpOzknATl3qOBJED6Ic6bQZ9wgeNZdf9zLckCWxIP3qgynXSwy9I5ByDVWSr2PPm2By1xFBBtY0L0dmwFHXB8OsFbatnqQetPgTVwFyh-fktxXzDMq-HUW24s_wfO9XFTAEHjtvP160VZCotQWQ0xeePzT64GPn-v5cfnvtoWLgbwn_SBGW_V2hpxvBtu18-ev9L_fUD9q7cuos-mvm-y_Fqa_m-ePhLlYZY5zcOjf504Mkr3eNogQqGHuCcxuq6bnhy80GQJ0xQ8iMxF1slUkVXDFaCYMTpAyHT-FgSsllivIvpK4pScw&sai=AMfl-YSWNP3u_OLi3C-s9jEd-hndn1PtTm2-vJHkFiHfVrchuJXFZW-_8FQgGrOax8sFNc_N7jX7PQQD2hw2mvTrLfBVjDfIokskDbyG3fXvsL6re0TSIAaWyCV_khMZuw&sig=Cg0ArKJSzEWKFT8WjIR2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:15:59 GMT
ads-download-url
en.softonic.com/ Frame 0CB1 		0
0
usersync
usersync.gumgum.com/ Frame 1F74
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIx8sMCo8XkAALcHl04AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZIx8sMCo8XkAALcHl04AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:16:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:16:00 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZIx8sMCo8XkAALcHl04AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40268.dc2p.scaleout.jp
X-SO-IP
96.9.249.44
X-SO-Key
ZIx8sMCo8XkAALcHl04AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.44","key":"ZIx8sMCo8XkAALcHl04AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40268"}
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40268
usersync
usersync.gumgum.com/ Frame F8C7
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=c48efcb7-af23-486a-9bab-5bcb0335e19a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c48efcb7-af23-486a-9bab-5bcb0335e19a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:16:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 16 Jun 2023 15:16:05 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c48efcb7-af23-486a-9bab-5bcb0335e19a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 20FF 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:15:59 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame C295
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=CSpya5oZkrqY6J6ZWBR8&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=CSpya5oZkrqY6J6ZWBR8&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:16:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 16 Jun 2023 15:16:00 GMT Fri, 16 Jun 2023 15:16:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=CSpya5oZkrqY6J6ZWBR8&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 91DA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.206.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-206-17.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:15:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 15:15:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0CB1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:55:40 GMT
x-content-type-options
nosniff
age
552019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 05:55:40 GMT
usync.js
eus.rubiconproject.com/ Frame 91DA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.206.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-206-17.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:15:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75576
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:35 GMT
truncated
/ Frame 0CB1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
786694dca8c44f7cb139d13c2e96c62afd9823fc609a9f75bf5fa547ee686e16

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0CB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhUeyb9nwZNM59H247GeoMdHdXAD8jDHQUEZiJBGiBTMKc9VLughGeMOMRhfSiXmCmTK7z16Yfc7_t1SzOl7lyhUoXap9tgeSbFRe1mec_Q_x3QswDzzxv7rVgtbDIqnJU2xKfUdWajcg0jofSLrha3UqdF9c4tyXqOUx9-FMveoNkJ12WywfWtmTD10gYWLbx6uXM1bdxh6CPdERkyZUqYluXdg02gFRpdrwbHlDXaRfYUkC0mxEjcO_c06K8goalTHijnWmdjxmm3OSGmxAWAG9bNFY_twDepwMQNI111bEB9Gai-gvEPo5C4WbS427TlOlPjJxxwE48aCHW9pB2s1o3goLmd3MML9Ve72eov5DXaKVgvItv-R1-r2FNHZhYyZyWif9MS1OZxesORVgIUoNVxa5FW6r-kU-zmIu3OPxC41I&sai=AMfl-YRRNHfCEcTcIiQO-japtrCHh_Di8rEeZLAAn1bC4EC3nN0rXsDdYhtqXybQtbZ1EghDHRx1l3Vulwj-wGnbAM8ZgZkcEakh_5tZfv9P2BR20vlaHaGSKNRKPJzmUQ&sig=Cg0ArKJSzD7scrgUWfAkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:15:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:15:59 GMT
khaos.jpg
token.rubiconproject.com/ Frame DF01 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame DF01
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIYPPJGL-E-ADNX
  • https://s.amazon-adsystem.com/ecm3?id=LIYPPJGL-E-ADNX&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LIYPPJGL-E-ADNX&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AN8NZBNMT8BJ7NE67C3Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LIYPPJGL-E-ADNX&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
usersync
usersync.gumgum.com/ Frame 91DA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIYPPJGL-E-ADNX
  • https://usersync.gumgum.com/usersync?b=mag&i=LIYPPJGL-E-ADNX
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LIYPPJGL-E-ADNX
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LIYPPJGL-E-ADNX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
gen_204
www.google.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=softonic&output=uds_ads_only&zx=1okptgviy5v6&aqid=rXyMZLCtJJL7owaEr4WoBQ&psid=3261714721&pbt=bs&adbx=802&adby=1729.296875&adbh=246&adbw=290&adbah=56%2C56%2C56%2C56&adbn=master-1&eawp=partner-softonic&errv=537871741&csala=6%7C320%7C951%7C64%7C247&lle=1&ifv=0&usr=0
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-yQ0MiTXKXiy_fJuek08Ueg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-yQ0MiTXKXiy_fJuek08Ueg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Fri, 16 Jun 2023 15:16:00 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D5C1 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSxgbLRk7vxvft7o3Sk9ufZoCdNzAUF5D7dtKV_33Bqcr8yjnsND8BVTvby6hO4hv2kCt4HqLBFS8B6PRoC7CjhF2nPHxqDfDiUtR3OhnpECCXveHp9rxtLdD52r1CFqtT_LQl13sNgYZxeWq-qLfdikfEVBxaqB4ibPMD40PMKEB89QgfVjUsyA&sig=Cg0ArKJSzAAwmXo1FsoaEAE&id=lidar2&mcvt=1018&p=439,1116,1039,1416&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1913829646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686928558489&rpt=672&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA4YjFiYjRjNDhmZDVjZGUxODc1YzAyNWYzMTEyZmNjNjVmMGJlOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA4YjFiYjRjNDhmZDVjZGUxODc1YzAyNWYzMTEyZmNjNjVmMGJlOQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzA4YjFiYjRjNDhmZDVjZGUxODc1YzAyNWYzMTEyZmNjNjVmMGJlOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame DF01
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qJC_XSSpTUuyGWTx_3R0Iw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJC_XSSpTUuyGWTx_3R0Iw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJC_XSSpTUuyGWTx_3R0Iw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SE6RZJW3HS26EX4TNHP0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qJC_XSSpTUuyGWTx_3R0Iw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DF01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO2RVw1_IoGY0kPxR4QCZCk&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO2RVw1_IoGY0kPxR4QCZCk&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO2RVw1_IoGY0kPxR4QCZCk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DF01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uGp54woxy0afys1Pr-piBA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oyphXjFE2oKshVynmU8YtKxRmlDcVmS7v0fYDg--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oyphXjFE2oKshVynmU8YtKxRmlDcVmS7v0fYDg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 16 Jun 2023 15:16:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-oyphXjFE2oKshVynmU8YtKxRmlDcVmS7v0fYDg--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame DF01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYPPJGL-E-ADNX
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYPPJGL-E-ADNX
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D251A60F7CD44BA0B67338A8CA921CAC Ref B: NYCEDGE1712 Ref C: 2023-06-16T15:16:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+QKmdvg4FVwcHTIMVxQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYPPJGL-E-ADNX
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DF01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElZUFBKR0wtRS1BRE5Y
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJS07fCCY7c4eydFAqte2p4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUFBKR0wtRS1BRE5Y&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUFBKR0wtRS1BRE5Y&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUFBKR0wtRS1BRE5Y&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame DF01 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:16:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8V19EKBQ4XRD2E3M8GV3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DF01
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=052146df-8fcd-4e08-8e97-b362036788f1&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=052146df-8fcd-4e08-8e97-b362036788f1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=052146df-8fcd-4e08-8e97-b362036788f1&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E63 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiOaQD7Qi6d21Z-BJPS3OLtfohw8rvtbTusot43bG8YnHaRfxbjH5VYTwx3N5aJK1LzKyKg3HU1iwMeIFkuJN8W7kcOBF3JyFxbpUd0hzBYeG07xCsH4d-QKKLmw_RSZmKSs1Tj2AcOoRzuYr_YU-YztoBBBwtNIIatm_dudNkSoaWBAWFDkYnJA&sig=Cg0ArKJSzCdn3jfyYK6FEAE&id=lidar2&mcvt=1000&p=228,436,318,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3361797518&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686928558526&rpt=789&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
meta
api.assertcom.de/ 		0
328 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: oth2kklpqszcjh2u2.ay.delivery
URL: https://oth2kklpqszcjh2u2.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
meta
api.assertcom.de/ 		0
328 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: oth2kklpqszcjh2u2.ay.delivery
URL: https://oth2kklpqszcjh2u2.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
meta
api.assertcom.de/ 		0
328 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.assertcom.de/meta
Requested by
Host: oth2kklpqszcjh2u2.ay.delivery
URL: https://oth2kklpqszcjh2u2.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
https://payback-2-the-battle-sandbox.en.softonic.com
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Thu, 01 Jan 1980 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0CB1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqjoGK-dlefCGJnSgSskbpJou4qBQBLsMLEva50llKnPUYTsa7QeNVqJ5eQS6PhaUnCc1scNf6QH35noYM87_4ABNuSlITOJ4-Qo8W6YLBy3LV379L&sig=Cg0ArKJSzPQMBvqwYceZEAE&id=lidar2&mcvt=1004&p=0,0,48,1600&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3361850746&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686928558506&rpt=1154&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame E77A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=payback-2-the-battle-sandbox.en.softonic.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:16:05 GMT
server
Kestrel
server-processing-duration-in-ticks
605117
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
event
sslwidget.criteo.com/ 		20 B
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=49095&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D6238f67a-e6d4-11e6-a7ad-8a4597916e17&p3=e%3Ddis&adce=1&tld=softonic.com&fu=https%253A%252F%252Fpayback-2-the-battle-sandbox.en.softonic.com%252Fandroid&ceid=22eb7af3-461d-43cf-93ef-aaf776af37d2&dtycbr=11803
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://payback-2-the-battle-sandbox.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3290590
timing-allow-origin
*
expires
0
sid
mug.criteo.com/ Frame E77A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=payback-2-the-battle-sandbox.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=TmskXXxZMVQ4aGJrVjJoQ0M3Y0EzZSsvRnBCNUdqMWlNNEdsc1o1MkM0dzZGZSt5bU5wNVc0aVB6R0lTU3Nsekl4MW1JZUNTdVh0dUZuVDU0LzZzSmNwMXFGYjFjcnU3WEE0b2JydWpUZW54MW0vTGZFQW1xRnY5elVaYj...
428 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TmskXXxZMVQ4aGJrVjJoQ0M3Y0EzZSsvRnBCNUdqMWlNNEdsc1o1MkM0dzZGZSt5bU5wNVc0aVB6R0lTU3Nsekl4MW1JZUNTdVh0dUZuVDU0LzZzSmNwMXFGYjFjcnU3WEE0b2JydWpUZW54MW0vTGZFQW1xRnY5elVaYjA0L0NsZVMxY25BVjBNUVFrZ3RweGg1VlhkNkhSeXRHWExIdGtQYmRTem1BV1N6OEVHZGZ2cW14RkEwTThkVGRHbHVydHhBaGQ2UjVEdWVZU3RBNXkzYnFnaUNKKzJ1SS9iYTlKS1NxakUxZmJWR2JUTHMvQkI0ZHhzZzdacS9vQzBlZm12a3F3RXBZeWhGMXRJVHRKclNlZXBwZkhYQT09fA&cppv=2
Requested by
Host: payback-2-the-battle-sandbox.en.softonic.com
URL: https://payback-2-the-battle-sandbox.en.softonic.com/android
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7ee80715d659ab0c4bebf281e5b14f7c8efcde31aa236731781d463e9237e560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2742386
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:16:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=TmskXXxZMVQ4aGJrVjJoQ0M3Y0EzZSsvRnBCNUdqMWlNNEdsc1o1MkM0dzZGZSt5bU5wNVc0aVB6R0lTU3Nsekl4MW1JZUNTdVh0dUZuVDU0LzZzSmNwMXFGYjFjcnU3WEE0b2JydWpUZW54MW0vTGZFQW1xRnY5elVaYjA0L0NsZVMxY25BVjBNUVFrZ3RweGg1VlhkNkhSeXRHWExIdGtQYmRTem1BV1N6OEVHZGZ2cW14RkEwTThkVGRHbHVydHhBaGQ2UjVEdWVZU3RBNXkzYnFnaUNKKzJ1SS9iYTlKS1NxakUxZmJWR2JUTHMvQkI0ZHhzZzdacS9vQzBlZm12a3F3RXBZeWhGMXRJVHRKclNlZXBwZkhYQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
303039
content-length
0
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_207366bc-7b8e-4a47-8629-6b6a2523baae&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Domain
en.softonic.com
URL
https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| onbeforetoggle object| onscrollend boolean| gdprAppliesGlobally object| didomiConfig function| __uspapi object| dataLayer object| revamp function| gtag function| gtag_report_conversion function| _googCsa object| revampAdRendered object| eventTracker function| fbq function| _fbq string| deviceType object| criteo_q function| obApi string| GoogleAnalyticsObject function| ga object| uetq object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations function| apiObj object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue number| googleNDT_ number| googleAltLoader object| google object| google_tag_manager function| postscribe object| google_tag_manager_external object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| webpackJsonp function| UET function| UET_init function| UET_push object| ueto_31ace87a2c object| __uspapiBuffer function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| webpackChunk_softonic_revamp_api function| tdDisplaySlots function| tdDisplayInterstitial object| apstag object| didomiEventListeners object| didomiOnReady object| webpackChunkDidomi object| Didomi function| __sasCookie undefined| google_measure_js_timing object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| GooglebQhCsO object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| DD_RUM object| _aps boolean| apstagLOADED object| apscustom function| __tcfapi object| DidomiSanitizing object| didomiState object| s object| r object| assertive object| globalParamsObj object| dataGlobalJson string| rawJson string| userId object| countryRegions string| countryCode string| countryNormalize string| regionNormalize string| userBrowserLanguage string| localeNormalize string| pageIdNormalize string| categoryNormalize string| platformIdNormalize function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal boolean| __bt_already_invoked object| gaplugins object| assertiveQueue boolean| _assertiveInitialized object| ntv object| adsbygoogle object| _taboola object| OBREvents object| gaData object| regeneratorRuntime object| ox_esp object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| ID5 object| _33across function| Waypoint

110 Cookies

Domain/Path Name / Value
.en.softonic.com/ Name: _usr_orgn
Value: direct
.en.softonic.com/ Name: _swo_pos
Value: 402
.softonic.com/ Name: _uetsid
Value: b0d2a8400c5811ee9d72637780a2e2de
.softonic.com/ Name: _uetvid
Value: b0d2d2300c5811ee8026674b5b69aed0
.softonic.com/ Name: _gcl_au
Value: 1.1.775637062.1686928556
.bing.com/ Name: MUID
Value: 17BEDA084CA764BD1ABDC93A4D2D6511
.bat.bing.com/ Name: MR
Value: 0
payback-2-the-battle-sandbox.en.softonic.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.softonic.com/ Name: rv_google_ppid
Value: 401dd6fd-9a67-4821-9c35-0c208c9a0122
.softonic.com/ Name: persistent.fpmUserId
Value: ac91a73f-7a7e-4789-a080-cdf637097903
.softonic.com/ Name: session.fpmSessionId
Value: fbd96371-a1d3-43bd-bccc-35cea70faa11
payback-2-the-battle-sandbox.en.softonic.com/ Name: outbrain_cid_fetch
Value: true
.softonic.com/ Name: _fbp
Value: fb.1.1686928556394.820645645
.softonic.com/ Name: __gsas
Value: ID=ac9a35923f248623:T=1686928556:RT=1686928556:S=ALNI_MZ_4jtqzw53cMeKJIZbQVrWxny6ug
.softonic.com/ Name: _hjSessionUser_424839
Value: eyJpZCI6Ijc2YTQ3YTdjLTE3ZTMtNTc2Ny04NjhhLThkOGIxNTRkYzg1NSIsImNyZWF0ZWQiOjE2ODY5Mjg1NTc1MzQsImV4aXN0aW5nIjpmYWxzZX0=
.softonic.com/ Name: _hjFirstSeen
Value: 1
.softonic.com/ Name: _hjIncludedInSessionSample_424839
Value: 1
.softonic.com/ Name: _hjSession_424839
Value: eyJpZCI6ImE2Nzc0MmJiLTBkNTMtNGQ4Mi05ZTg2LTBhN2FkZWZkY2ZmNyIsImNyZWF0ZWQiOjE2ODY5Mjg1NTc1NzUsImluU2FtcGxlIjp0cnVlfQ==
.softonic.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
payback-2-the-battle-sandbox.en.softonic.com/ Name: _hjHasCachedUserAttributes
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUlDnI33kdPgBnDMVxNzC3WtOh2dyP3ecME3If8N00paeGk9CHdQR6Ove9JK2yk
.amazon-adsystem.com/ Name: ad-id
Value: A7iXunpiUEQTgIluzRPgSLI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.softonic.com/ Name: _ga_R5K71YRXMV
Value: GS1.1.1686928557.1.0.1686928557.60.0.0
.softonic.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.com/ Name: _ga
Value: GA1.2.2133169270.1686928557
.softonic.com/ Name: _gid
Value: GA1.2.670540500.1686928558
.id5-sync.com/ Name: id5
Value: 8e4dff00-415a-7cc6-8e85-9f024a6ad766#1686928558184#1
.softonic.com/ Name: _dc_gtm_UA-152357-1
Value: 1
.payback-2-the-battle-sandbox.en.softonic.com/ Name: _ga
Value: GA1.4.2133169270.1686928557
.payback-2-the-battle-sandbox.en.softonic.com/ Name: _gid
Value: GA1.4.670540500.1686928558
.softonic.com/ Name: lotame_domain_check
Value: softonic.com
.softonic.com/ Name: __gads
Value: ID=2b71071392bd4c1d:T=1686928557:RT=1686928557:S=ALNI_MYpek9SZFF3Sgi6TqI1fr23WPAbUw
.softonic.com/ Name: __gpi
Value: UID=00000c4fd51543db:T=1686928557:RT=1686928557:S=ALNI_MYIXCJQ3nWOUb6uQQYxfu2o7umYKA
.casalemedia.com/ Name: CMID
Value: ZIx8rn0OvQdiiT36zlQXswAA
.casalemedia.com/ Name: CMPS
Value: 3795
.casalemedia.com/ Name: CMPRO
Value: 3795
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: ef4cd5ee3af4764c4bd3bd77b38a78e5
.softonic.com/ Name: _cc_id
Value: ef4cd5ee3af4764c4bd3bd77b38a78e5
.softonic.com/ Name: panoramaId_expiry
Value: 1687014958796
.gumgum.com/ Name: vst
Value: u_207366bc-7b8e-4a47-8629-6b6a2523baae
.openx.net/ Name: i
Value: bd1a14c6-7dea-03a7-0ea4-593f7dfdbcff|1686928558
.3lift.com/ Name: tluid
Value: 3822089690018205873899
.smartadserver.com/ Name: pid
Value: 5454639609193321319
.openx.net/ Name: pd
Value: v2|1686928558|vMgavPkWgy
.bidswitch.net/ Name: tuuid
Value: b8b1c5dd-311f-4b74-a5ab-3670119c0856
.bidswitch.net/ Name: c
Value: 1686928559
.bidswitch.net/ Name: tuuid_lu
Value: 1686928559
.turn.com/ Name: uid
Value: 4122164205742939257
.adnxs.com/ Name: uuid2
Value: 5821511692898312231
.contextweb.com/ Name: V
Value: APiRrPip1RCL
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l6y|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a14522e88bc62cf1
.yahoo.com/ Name: A3
Value: d=AQABBK98jGQCEAzSgA55ehEV23xgeTMg17wFEgEBAQHOjWSWZAAAAAAA_eMAAA&S=AQAAApCT0OgHD2LoIVODSGJTZw0
.technoratimedia.com/ Name: tads_uidp_88
Value: 3824247375559484309452
.technoratimedia.com/ Name: tads_uidp_77
Value: mkQvpILxihqWfkLOTzgaNbz4D4eE_oNdTG2bD05veSI
.technoratimedia.com/ Name: tads_uidp_44
Value: LIY28C7H-1N-72XJ
.technoratimedia.com/ Name: tads_uidp_46
Value: 76892878629251516
.technoratimedia.com/ Name: tads_uidp_79
Value: 7f106513-402d-4964-922b-c72193c73ca0
.technoratimedia.com/ Name: tads_uidp_37
Value: 1e18af30-1a73-3804-9a85-e685ddbfe50f
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e8c7b74-e48c-4979-953e-3bafdcfdedf7
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAL4YDc8UxecwMmdkOcAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: fc740c88-cbd8-41a3-8db8-dbfef0863840
.technoratimedia.com/ Name: tads_uidp_80
Value: y-mhBbOJBE2uENq71dS8NlYQOQki0cJZ0K~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZIuyW5YQzkpMq0ddgUmvPgAA&046
.technoratimedia.com/ Name: tads_uidp_50
Value: 49ab4535-66db-4a65-9b7b-24788ca6be80
.technoratimedia.com/ Name: tads_uidp_61
Value: 212186620633987
.technoratimedia.com/ Name: tads_uidp_73
Value: AAB1nU7JGPkAACD_gfYx7w
.technoratimedia.com/ Name: tads_uidp_62
Value: 3298907316634610000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: eXQeduuHZ9gknAea3EaX7rxx6f98Jygo
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-dc45b790-4fca-4113-84ab-5f319740e31b-005
.technoratimedia.com/ Name: tads_uid
Value: A42684DA40694E48B36D7397BF65523E
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230604073159+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.mathtag.com/ Name: uuid
Value: eb9b648c-7caf-4f00-af0a-6ac16b6fedf4
.outbrain.com/ Name: obuid
Value: 8738d655-13f2-40a6-a6bc-791b99a78504
.zemanta.com/ Name: zuid
Value: qMXnGoDn0bCznGKqR65p
.adsrvr.org/ Name: TDID
Value: 052146df-8fcd-4e08-8e97-b362036788f1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-48fb3a85-af74-50a2-7ed8-37ab99324174.p4YZcsGqqWupSdNKFv8CbijZk%2FOP%2BGjf0YlCjoGA4G8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASPs6ha90UKJ-2DermTJBdGAJ-Sw.H2jUp6HYWJRtMcI0sSDyFeAK%2BrMK32fRL2Ce%2BqCsiQE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASPs6ha90UKJ-2DermTJBdGAJ-Sw.H2jUp6HYWJRtMcI0sSDyFeAK%2BrMK32fRL2Ce%2BqCsiQE
.ipredictive.com/ Name: cu
Value: 448fb763-103e-46f4-aae1-1f06086700b0|1686928559266
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIx8rwAICGzMHQBI
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7883e645-30bd-4b92-ac0e-160d050aa984-005%22%7D
.deepintent.com/ Name: CDIUSER
Value: di_952b47a37ad84e54a73a6
.openx.net/ Name: univ_id
Value: 537072971|052146df-8fcd-4e08-8e97-b362036788f1|1686928559639141
.360yield.com/ Name: tuuid
Value: dfcc6c7e-e57c-4322-88aa-15d248f53001
.360yield.com/ Name: tuuid_lu
Value: 1686928560
.rubiconproject.com/ Name: khaos
Value: LIYPPJGL-E-ADNX
ads.avct.cloud/ Name: uuid
Value: 0a683625-483c-4bab-a4c0-f9cc6839db83
.creativecdn.com/ Name: u
Value: CSpya5oZkrqY6J6ZWBR8
.creativecdn.com/ Name: ts
Value: 1686928560
.socdm.com/ Name: SOC
Value: ZIx8sMCo8XkAALcHl04AAAAA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7883e645-30bd-4b92-ac0e-160d050aa984-005%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1686928560224
.tapad.com/ Name: TapAd_DID
Value: 6c568d48-7976-49d8-a2c4-12d0257d15ea
.google.com/ Name: NID
Value: 511=rkD-6kWx2WUEjX8qZwHBT7zHHJXqsfzZvYtJAxsj6C53vtlh2j6mIvaJ8SGl0EN4hXFatvtunwzmWUCiUhx83_4lDUUXdeOoj87HNhcziZWU0hsmrkJ0YkSdfgDi1LaFob7UB5ifgmpKHM3yDPQRiQIZnXcC3HctjVb5Xiodfmg
.bluekai.com/ Name: bku
Value: ikG99nOXMsuWyXAZ
.bluekai.com/ Name: bkpa
Value: KJhz0XN03M9D9mY70Pl32SEOqo0miicx7Be0al9c/EBkhvQWadg67Vbbbw3qqIZctubOg+SFq6mdrVc+GAFGd74foTFKqN79gFXZtydE8ZrKg8fxnxamQczgdlOZXqE7NLl+ykpmOwM5tXAd7Yc9rdarEIN9QJ+tcnFV7cTK8EtCG53OiadYxLHNcMOjRcDDDuOEheovZPE/x/1LxLU6cNdgyTzWgcumH2ZQv312nxuVQ482ujs/3ikOCt71bMvZtuzZrf3ArDCDDhNDP3UqfyW97ABno9==
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIsp-999Oh9zsQBRIWCgdydWJpY29uEgsI9M2dgNSh9zsQBRIUCgV0YXBhZBILCJj4pIHUofc7EAUYASABKAIyCwiY8Keu6qH3OxAFOAFaBXRhcGFkYAI.
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4023
.rubiconproject.com/ Name: audit
Value: 1|B6uts6p6q9lHRh7OL/G6GZCALDEU2NUj3e1WMKS6lpF+xL8LlrcUaMGREH9I8mfx9ZzDjL5bjt0iZ07GJqnMno4BjqNRGrmz
.linkedin.com/ Name: bcookie
Value: "v=2&289ef235-61f1-43b6-8b78-b8ab38dfc186"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2547:u=1:x=1:i=1686928560:t=1687014960:v=2:sig=AQHRLdRi1WjeEJQ25iLOGsXz2SDcmnrQ"
.admanmedia.com/ Name: admtr
Value: c48efcb7-af23-486a-9bab-5bcb0335e19a
.admanmedia.com/ Name: ac_r
Value: CS71
.criteo.com/ Name: uid
Value: 0d6579b1-0f67-4757-abcf-808f7643d917
.softonic.com/ Name: cto_bundle
Value: PFevUl9rS0gxMVlHVExZN2k2V2pOM2hEcXZiQm9peFFaZzlTbzdrNFlVb3hyUG00SFNaZmN5anNJM2JXJTJGV25ZRVdDZUo1VVpTUnhqN1Fvcm4lMkZoS3BhTmlIa2FvM09PZFhhRk5rNm4lMkJyZlUwNkxjdFNzSE1tZzdwb2pLTFhLdktDU2dLWEN5a29FNzN3QVlHTFhnaUE2Y3A3JTJGQSUzRCUzRA
payback-2-the-battle-sandbox.en.softonic.com/ Name: _dd_s
Value: rum=0&expire=1686929456716

11 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/search/ads.js(Line 211)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=509471561857&ctd=51034&crid=1192&ap=ZIx8rgAAMyIKs8oPAA6IolFtIMmOqRA_6IC2mQ
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=509471515746&ctd=51034&crid=1212&ap=ZIx8rgAAMyAKs8oPAA6IoniFcE7wsCSmVJU83A
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=509471561857&ctd=51034&crid=1192&ap=ZIx8rgAAMyIKs8oPAA6IolFtIMmOqRA_6IC2mQ
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=509471515746&ctd=51034&crid=1212&ap=ZIx8rgAAMyAKs8oPAA6IoniFcE7wsCSmVJU83A
Message:
Access to font at 'https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/ads/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 21)
Message:
Access to XMLHttpRequest at 'https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new' from origin 'https://027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://en.softonic.com/ads-download-url?appId=e9b8b260-96d0-11e6-98d4-00163ec9f5fa&appUrl=https://www.opera.com/partner%3Futm_medium%3Dpb%26utm_source%3Dsoftonic%26utm_campaign%3Doutdated_new
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

027e28abfa7ad5d8a4e1e0655509483a.safeframe.googlesyndication.com
8proof.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
afs.googleusercontent.com
ampcid.google.com
amplify.outbrain.com
analytics.google.com
api.assertcom.de
api.btloader.com
api.privacy-center.org
b1sync.zemanta.com
bat.bing.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.8proof.com
cdn.id5-sync.com
cdn.prod.uidapi.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
dsum-sec.casalemedia.com
eb2.3lift.com
en.softonic.com
esp.rtbhouse.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
images.sftcdn.net
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
mug.criteo.com
oa.openxcdn.net
oth2kklpqszcjh2u2.ay.delivery
pagead2.googlesyndication.com
partner.googleadservices.com
payback-2-the-battle-sandbox.en.softonic.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.bidswitch.net
rtb.gumgum.com
s.amazon-adsystem.com
sc.sftcdn.net
script.hotjar.com
sdk.privacy-center.org
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
softonic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
u.openx.net
us-u.openx.net
usersync.gumgum.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cdn.8proof.com
cs.iqzone.com
en.softonic.com
sync.adkernel.com
104.127.84.215
104.18.35.34
108.138.106.49
108.138.107.138
108.138.128.34
124.146.215.44
13.225.224.171
130.211.23.194
141.95.98.65
142.250.65.198
142.250.80.98
15.197.193.217
151.101.129.91
151.101.130.49
162.19.138.118
169.197.150.7
18.164.107.227
18.164.96.77
184.28.206.17
185.184.8.90
192.40.39.223
198.148.27.140
199.127.204.171
2001:4860:4802:32::181
216.200.232.253
23.105.12.170
23.197.21.62
23.77.173.185
23.77.173.8
2600:1400:d:4a6::29cc
2600:1f18:4e9:5a07:38d4:5f6b:456c:5f55
2600:9000:2510:bc00:5:b7cc:d3c0:93a1
2600:9000:2511:5400:a:e047:753:be1
2600:9000:2512:9600:d:2044:5c40:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:3456
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:e2::ac40:8004
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2010
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.92.38.212
34.102.146.192
34.111.113.62
34.199.137.96
34.96.70.87
34.98.64.218
35.190.39.111
35.211.118.13
35.211.178.172
35.227.233.104
35.71.139.29
44.194.73.244
52.1.59.237
52.116.53.150
52.207.45.55
52.46.151.131
52.86.34.19
54.172.162.57
64.202.112.191
64.202.112.63
65.108.134.244
67.220.226.234
68.67.161.208
69.173.151.100
74.119.119.139
74.119.119.150
8.43.72.98
80.77.87.162
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
05699397165d3308edffb34d389180b73436daeb762b248c2fcd82703c07cea3
064403a47dbbd1a8c1dcee59b2859b70356faa90ba53fbb676798b8223fb6f83
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f01dc583b02be72189e6fa59533a981838f158862a65b0fb0e4d94c567db35
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd713f2d27bdb7993d0e492ee9c65529080343162c6cc11093a18bc3c911ec8
0d85f395cd46a59873728519df62c418447e4ad7fc9b1b77d3a8d31ed37d9ecc
11f5e4de72141a50d703cda705b8d506bef38703f7c3be8a89c5246e25e8ab7a
141d10901e6e6391e48a585cbeca990d65f628c2c3f0881f0cd1d3aa56c664cb
17291071ef8a4b9c674355fbe2e3945210d8cd572dc9eae27dcc7596162f3e2d
18215decdf58b38c1cb47c012eac437cab735cf36e0dde09e02807e47952cf9f
1a1d8ef69b5711dc60b097ac2c25aa45e65eb1baacd506cd4969140f03f821a5
1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
1f4e51ea9c561d5a9258d3e6185780f8255cdab21aa19f15650df545165c5c83
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
222ca1edf9c60d26bbd5bc21a09a5f255f12a8b51d09237edb59c19e455ed50f
23e536a6d1561890b1908b1396c6e7911eade6f3bb216fe40d1790f5cffdd271
26ca28a8776f1aef354f6f7e5b1a28cbcb7f8894a344fb01f02a37e7abba4fe8
2737d87f0b977ac0e5adc916c826b96b74ea37e1faf19b3afe2ee161ed700e3d
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82
2b4c451ec4299b927e1dbd2f83ce6e700791c6a5ae8006c2d7f570f75770f662
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
325b8d161905c235788081e05224dbb09426286bd2429e15ef80d2d09675ead6
3402bfb0b178920cfafc6d76feb2e4d4e4c1c076c67a8ca29d0b16c55ebc7172
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
39c3dba88e456aced19ce22f0dc47fd7d6c163b6933c22fe6adeccfc492fbf2a
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3b8bf692f9186c129b084b2a85ae631b79255a85b8662fcb9722daced683762a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41bd0e4a51d3be6346b668247cbafc8e6d8c2d00884f243ec78e82669ff13b87
4242e7c20a9295b2ce15bda5e2f6ce7705bfa4177f9cb5473a37bd0d77ff4310
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485d4fd0f7ce6ef94041b163efa4b8e9931b8ff3027e902cbfd740bc57429ead
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb8fc8c6733c923309b4cfc3edd8373aa588f8309a50c13638eba579bd40859
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5535b04ce57cc74aa8e305ed5c2255d14aeb1dc52d1ebe2081f75f9470babeb8
55905f7b3c0cb367751791a71d4c4c6518d40275f764685a0cbf00ffec6a8804
5802bd50e322e9ff01e5d5e85fe434dccc2c4f0e89ad2662d7095ca488a45fec
5a1fc5ea4f2dc7784214f3950b4f5542255198909655590e1fc181a909e73968
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60a87520e71b3795a6f6c1610a4c4f49f0f6ece6b09fd6851fac21f917e1195a
625a58209585a0233f023ab9973809edaf28b1446402edc069ff71d4533881b5
630b168c00ec2c79b90aa78252b416d12ed58cf5551f053f9c6aa6ca26ff206e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
64a47dc31815a9e1707c28b59dd18e2a96a61be58026bf847de5420593ef7b02
65a5f06c8dff9cd0ceb7c0e4b48d917bdc8ed613a0cb281e1cc82a4cefb2a2ed
66e34af3791a63c399ab42b8611649b03e9f1151301733b84a31c46ac7044454
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9e150fd78bf812a62ed5df3da6da56bbc4583dd66107099707fc5349679758
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6ef4ec79abf2124328933f87b397b40528f041cad0684e42b0b8c24bea5eac31
6fac00529b89548f560b8f75038066bf6dd1cb7c7ace9a9cf92719f8601ed89a
7131943767b60284e2cabc5078d9dca3e2b98287ef549916ce192b127afc5b33
719a4290222444c3739f27b7a72dedd00d3f63a2ee1c93448d46d5b80cef4245
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f4838268cfb3fd2509c8fbe404788fcf6242d2d1a5c91b9c535257e2e9cf41
736eadfa15772323c2cf0655d6b9d82c5f1a439d232a8618e06102a21c07305a
74b9570dd1fea70495944638939e2fd842d03482a72d89e92e84a80fbd0a7c39
74cfe810b9c516f53664b35c4f89e90073fbbd03da994fc299636dc0bc3ae23d
74e9e0b0ddf0f5ca3ef65df8d565cce03a7612817ff6dde265f2222fb85a2525
7723a12707862ef77e0ef6ec14d57fca04486590ae9150eb2a3dd80749e17c08
786694dca8c44f7cb139d13c2e96c62afd9823fc609a9f75bf5fa547ee686e16
7942c071ba410cca851fd005dbe533d91d5ad5668c18bf6643991f69559f9416
7d01297b77a6e9e8b63de7649a17a2def504a2e6e125e91cc71857d5e51ae816
7dcb1f79911894171ef7b9d117bf29a31c86753b0abf72f2ea86e7484b2f4280
7ee80715d659ab0c4bebf281e5b14f7c8efcde31aa236731781d463e9237e560
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
80cd4bb42ae5db873104aef0b9cb4f6e55d72ea7440eae108640d9779d258c14
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e
81cb046ce8bc7d7a6cbf4f9f81eb242a810bb1575cde53828c31706c92304d51
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88236815fea74615dd07b84215acafddcbdbccc46d71ead4d96237b3e1270f04
8f1065a4ce53a0c495900c1e798206784f2a7842bf4462a74d97ca06f7c391a2
910d03b1a50b59a01914f2a1caa5aee09136041d1b76c8938c897ed38c95a460
9653fbd6ee7a03421660e98228c44951f599f58e01bfced389d8a8b587bf22ef
968740682f6a201a528345c3f2ba667031c6fa3ac0532b1ad50b135a05bbadf1
972cf12825e9215f90a0e643c653e9425754a9df60c0d1fb46c0ac2ea8a60d2c
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
991af7dd3de951ca288e28e445bb9bea1787505ee067ff4d871964c216fc430d
99d5644e31644faef79df33a6d89278140cb2c37a77046dfebb4cce51b2a05d5
9b0e664fc85cbb5f3fbdc5486c54cfa806b25d75ef9f2e8e329f813a8b9704fe
9e071a5a05a3dcbb99787852a3e52ccc0d7f49d4282627e6c9a7e3fc4183d156
9e495f6b1513fc3cb5a4b4ca17b38112028276aae572fdf565f64c47fe206130
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62f22b1ea19141932bc6bcd209fa72a1c03094d1fc8b566d480051e3aae14ba
a6580e6713792edc7dd36a72c6af4f93d48bc4cf302525540ca10642d5206e37
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7a970757782d15ebfb80f54b154d7e4845fb2226799b92bfaf6042e8e8243c3
a9664295397b85958955f42005ca77a9daccaeb55687cf4bc12ac781e41a9622
aa0a093e4ab14ef619b40f8211dff362caf855c317be5c26d93e4d8bec117aac
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
ab5a1701594d411ad6f76607be52f4b3b2708b2d2df9672573df9444bb693c61
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb1abd7116e473e8d0a3d27d6d003dc6a21f9b5ca234980067bd562e718d0f57
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c108d58def3510609995ed245508bf4c9eda3b759c6334d5c205690012d1a727
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c9a66eec16aefcf23dc44d9456c9f0f0dd59cb08782c2195cd2732989a3911bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9e53ebc39f761bd77c3e13efcc9de1de04ca3746505c1bd7db0930ad923b81
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d087a32f4de498511f850c5e7153477592176494f017589bae73d08f7f384178
d1de0cd6592676cec0da073e3946ea3a467a0a15e282b7a6c6067183bb2f5b65
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b543e367e5cb57d282d87ab6cc568510b6096ebbbad83d7c24127e76ee1ce1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ec95e323d7f3f6d2ae5c9286a60b74f00fdc3348d66605256e7ecb83093384f7
eeee43b23cd416865291bfeb5e5a65801359299d50aca81ac4f202016baa2d4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b5ea69552a73783cf6f676dbfeb9e9dcdda4041f8735d626a2ed649cd4664
f04c6a33be37053de4e7dfafd9cf5e783874d4b11190a7e02bd01adf971ffa2d
f3669b0e93eb4d2fd43ef750b28394d113554adafec90bacdaecb994e73f436a
f51f8b58bdb64d159ae18b0221b696e94f8eb4f2714b6cd1362b2b6f65ca7ed0
f5b6e38f1d9784f32daed2ddd7bb37aca41b2cc6f0e33f846dceeb7b9d2a5950
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f799ebf29f04ec59dd3c4f76fce9bb2be188ff9cfbf7721df303f15a4570df50
f8cb3417715e1f98e281c70c4a0cfa4d8b2934bea25ac91bc9f0682259a8f3e1
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719
ff73107a302cf5e5b2939f47b86fcf27e9f25c679cd5b05dd8a39d17ddedf4ca