apkfun.com Open in urlscan Pro
2606:4700:3108::ac42:2892 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://downloadapk.net/ECB-iMobile.html
Effective URL:
https://apkfun.com/ECB-iMobile.html
Submission: On February 06 via api (February 6th 2023, 9:25:15 am UTC) from IN — Scanned from NL

Summary HTTP 150 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 19 domains to perform 150 HTTP transactions. The main IP is 2606:4700:3108::ac42:2892, located in United States and belongs to CLOUDFLARENET, US. The main domain is apkfun.com. The Cisco Umbrella rank of the primary domain is 447604.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time apkfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:310... 2606:4700:3108::ac42:2892	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:400d:80c::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2884	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1 2	34.240.83.138 34.240.83.138	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:230... 2600:9000:2304:a400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4282:3b68:43e7:2814:3754	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
150	30

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

downloadapk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3108::ac42:2892 (United States)

ASN13335 (CLOUDFLARENET, US)

apkfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80c::2016 (Ireland)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2884 (United States)

ASN13335 (CLOUDFLARENET, US)

xpusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.83.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-83-138.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2304:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4282:3b68:43e7:2814:3754 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	477 KB
22	apkfun.com apkfun.com — Cisco Umbrella Rank: 447604	141 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 pix.eu.criteo.net — Cisco Umbrella Rank: 7989 csm.eu.criteo.net — Cisco Umbrella Rank: 7891	1 MB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	219 KB
12	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 400	89 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325 ad.doubleclick.net — Cisco Umbrella Rank: 184	132 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 764 static.adsafeprotected.com — Cisco Umbrella Rank: 616 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	98 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	86 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	193 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740	49 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14078	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	602 B
1	xpusher.com xpusher.com	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	downloadapk.net 1 redirects downloadapk.net	522 B
150	19

	Domain	Requested by
23	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net apkfun.com
22	apkfun.com	apkfun.com
16	pagead2.googlesyndication.com	apkfun.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	s0.2mdn.net	apkfun.com s0.2mdn.net googleads.g.doubleclick.net
12	play-lh.googleusercontent.com	apkfun.com
9	static.criteo.net	ads.eu.criteo.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	ad.doubleclick.net	1 redirects ads.eu.criteo.com
2	fw.adsafeprotected.com	1 redirects apkfun.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	apkfun.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	apkfun.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	xpusher.com	apkfun.com
1	www.googletagmanager.com	apkfun.com
1	downloadapk.net	1 redirects
150	30

This site contains links to these domains. Also see Links.

Domain
play-lh.googleusercontent.com
play.google.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://apkfun.com/ECB-iMobile.html
Frame ID: 0D08D1BCCF2DDF0E8A7F310B64CAC711
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: B418EE6C7B19210B95B87CDD9344BC59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&adk=1812271804&adf=3025194257&lmt=1675666388&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508950&bpp=4&bdt=472&idt=348&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7080049413303&frm=20&pv=2&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: E728332414D118DC01EF870D919F3021
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393
Frame ID: D030F5A4DD781D0EBC2168D7B017F234
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397
Frame ID: A6609E5EA7F26FCE5ABFF86B4A0C0F93
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Frame ID: DE84B18870A5678E4720C47E05A32261
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7EE650438B82DD69A3F2222DA621EB11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB2D33B06B3E53073CBE0F78354446E8
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBgFs2dK-R7pWR2P-Va3P22gvEhxodbI-bLUx-_8zar5HQtRQ0qLgc0pOQaZBGzak2bryL8XQz8tIy_tIlERqNWhr6Mrj1bLkLt3F9XaCmYAdPbC4ZvbmQCl445E4b2yZz7rC3GmjNySG7kRVDFh7tMlQu3QkTBLTu0kMLT7xV0T_XVAQ5HLotRXwQQiW9WPFGZwjTKBRkvkvQQrm9Wezmw0qbjZhBwSMKqYYCQ7FCAbJUox40YWsKgbyou3qZ3moKP3yC07Yhjl9_0K2NdYXfKiE6Vvcbn1DYE4FTO7ztrEPp_RJsRacYeAaOu27JGx2CUo2yQ1ZHR4dH5n-vUwxwd0Xh10EeOdzLvIMojqkqKrjP71NTeZUr7KsZtAvKl7ffrxFsvGBzZcxDfSEHbnq8itsv8831_8pYKD3iDTtqnHfZg3yXuVSN91EiIOtEB3okrdofxpC6XTOjGtERjl1202mhS4rXepRDybWVRrzfuDsTnqIZ0syO8od3yq9AZvyDlWQKbCpypy-8Gc5uH0AZhSd-et4xPrhSKiRJwfWaRP9Tt5m4qfQDwelhe3KOKHyKgFrc0lOYf3nwHLkVDkd7Pb6aTHGEvLdPKs5F6YwUnVo2LHaM8imO7DSV92u_mDy5qywPw1HQUYwmyKkW5Wz7IMFkNg3z3cjyqMxdmo2LhqAaVH0_oKEs4QYhg8Gc_z7nblbDFIS48rWHYuGZ6Szl2sMd-dpj9B7bnhbQZj8ID5nxbOs8Mn2A8YSB_PhO8Aqef8g2c6BpwZ-Lohb6owstZRWIV26pcHLSfVojpoBFYwRthaBkln3UE2j8v2rulOjWSZz0T-zRK4BZ_GjCRzMl51JMYCJVYYVgLO2Jy_tVhLlST6lmiYe9tGmHiIOmYdJPC0651EtLpTR6GmaTTA_scTuHn7a_JRDFNTAKSZ31yAtbEQoK_k63UL5JZMArT3oJsk_LwgCay-z7ODDYe7ITI7sg9arPuFwh38NWad76jNvOkKWQaDb637DizjT8MDUGOPCPfw&sai=AMfl-YSjHORRyKfZfEa7I_svv-efvLiPeIVGQrpG8ltt1Bb_285XcwkiQHHqvlv5vmYQDvP40oPOWn4fG_9LqggYsOQ49_DWAx9aYerZCZ74i_gKNsuq0b_B6dTPVgaDM1bVq7I2Gi98wUl3buazeHTMFy8HHoU4dfLROcmodsHdgWYyqH2b-hlbMreUKn6MnnIVWPJeJL-W6DJWCOnrEmujyKWPxwMjBqjhsUBY67bge0A&sig=Cg0ArKJSzPhFI9CihlgKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: D4EADC8A1B097607B93C18A22FB5B13C
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-DHdQAGJp8CO8whAAPcjzC16QO7VlHKSNqltw&u=%7C4xXlFBK7WSHtIFTwGbWrhpsFx8TGWhepjevF2x1WWpQ%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCRr10tlpRuaBWOkc1r1HF9WjffMApX-Sl7yBBQpBjQn5qiE7PoGxEtZCX119z8oQKgiJb4o9jEbZQAIaLnXmyflMa9v2f62sut5o_Atr3qwScFMmQw-iOIZZkgnjDJawjEbp16Z6hoLQx4LCRUfSLFYZLYixz_z-PpWh-XKK21SX6tw0FaSQLHJEO92WGSeoFX-Q9H4nG58kDct6JcviszFET5isOunpPyDR_CF_4OEoUckPpnKBFd8vMtWuVk-gMaqKSlD7mw5cUdG2HDYcp-dvbxn4kqT_Q5-YVuUkBj4IVSBJQVrLxeaQMuvNjV0NeCX8ZW65icqIOBAqUcFen1Ip5NwixNIrIAe_Wl18o5oeoXtS6uB93bCDmO-NHxvyNpL87ZpeYj3oeZy671ueR5saZ1ZOiBt4djL4xCpFK_SOhq3yh__T5w_VfBITI7k_pPmq7Tc6Ig0VShB4ZUFeABdKqgNr9aE3mBhnowqyLgDzD022RBw0dJ2EIReeiewtIdnhOLPu7njrzcYpnUi8p0eZBNvmzyj8UhFFhcMzMIdgCcytCHuZcyNpKxSekOdzgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy7YedcfgY5_NGKGY78EPj7mPyA_JntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04ODk3NzIzNTA4ODcxMzQ1yAEJqQLecM3xcByyPqgDAaoEyQFP0GoKc1cKWmHxEJG35NtvdwPL65WabUYEcq1YVNt59nXZ2YHZ6uFBWY7hZeuJ8oFtBTA9ue5xImOfoyqGGgT-aYQkH9VSMbv-qeX5UglOFCmK2N6jncvFomCzlm79TEST9hgIpyNt_73xb0jOfKsAQ6P3uGaOSev8eDFR9IVFiupghdBnC0zmVqPL8_4BjtqDEUwhq-AbYPGa8zRWV3vANyNyjwqFfcKpebWcJQ4U1Pebu7F3ojT1OEK42kG0Ccy09OegcoHjdJaABvSVmK_q6r7gW6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ylYJsScplqAtcNFB0rz_J7IbSdA%26client%3Dca-pub-8897723508871345%26adurl%3D
Frame ID: FDB3CD02DACC7FB6FA2303E949B016C4
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34AC0B8295971DEB1DB34E209C76CD2A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
Frame ID: 6216DC21E49EFE88B68C44C0829553EF
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 55F9D7D4CC2C7A9B5E95F88C94CFE26A
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2A27DBCB0E2E34AA4E779F8DE9FDFE45
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 2524CBDEF5C12428EADCA3604EBE4DC3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js
Frame ID: 136F883A2A08E8ABBBB8B801B4637C19
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js
Frame ID: E001F8480052E145EFA97C1C08BD6DC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ECB iMobile APK - Download for Android | APKfun.com

Page URL History Show full URLs

https://downloadapk.net/ECB-iMobile.html HTTP 301
https://apkfun.com/ECB-iMobile.html Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

150
Requests

99 %
HTTPS

87 %
IPv6

19
Domains

30
Subdomains

30
IPs

4
Countries

2935 kB
Transfer

6815 kB
Size

7
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://play-lh.googleusercontent.com/cr423ibclZRu4R5_UHtqnKLj-yCrJKR45MrbqWSRTADidEv8dwmE2IE6KIY89AwIDE8=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/XVwOifOt5b4WXjl_atmt0vwzWdqyn_zjDSOG5khqvVq53O6K3iSeHLFcKoS6UzH3eEc=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/-Lqs-ahyMKcxPOoLi2BUAn6bLZC_UYDz-hU95zAfzdFrRFWqU46tQq5CeuD9ytXxdQ=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/vuRMN3B5NCvoTdMbyS4Di52V1412zjx_lDWEKLrKgX0INA5EQKfEs_fc-Y2cIMVdaA=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/YtkvGC3m_VqdIjnBFhpz3vymgvqXMsX1zC6jHVCw0TsneUhXceuz0SUYYb99T-o-yJs=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/8H3fWlGEftjsvcsvg9fpE42khcHnD-Dacn5Q0nBX11B9_3OtXZFx5yAcS-gkWALaPA4=w1024-h768

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/Y8otpINEwBX_1AJkPYhBRtFssqXPP1X_pHHxiAhjpIIarLbVBpG1BlSz5SuQChrx8Q=w1024-h768

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.everettbank.imobile

Search URL Search Domain Scan URL

URL: https://www.facebook.com/APKfun.official

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://downloadapk.net/ECB-iMobile.html HTTP 301
https://apkfun.com/ECB-iMobile.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_pre=CN_vsNzJgP0CFc4Hiwod_f0IDg;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=

Request Chain 105

https://fw.adsafeprotected.com/rfw/st/953900/61623476/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fapkfun.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fapkfun.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8897723508871345%26output%3Dhtml%26h%3D280%26slotname%3D4327763561%26adk%3D1251080768%26adf%3D3855964555%26pi%3Dt.ma~as.4327763561%26w%3D724%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1675666388%26rafmt%3D1%26format%3D724x280%26url%3Dhttps%253A%252F%252Fapkfun.com%252FECB-iMobile.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1675675508957%26bpp%3D1%26bdt%3D480%26idt%3D403%26shv%3Dr20230201%26mjsv%3Dm202301190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C724x280%26nras%3D1%26correlator%3D7080049413303%26frm%3D20%26pv%3D1%26ga_vid%3D934315416.1675675509%26ga_sid%3D1675675509%26ga_hid%3D1576806751%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D383%26ady%3D1977%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071766%252C44779794%26oid%3D2%26pvsid%3D3766259181113785%26tmod%3D1058002568%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3Df650aFsiCC%26p%3Dhttps%253A%2F%2Fapkfun.com%26dtd%3D412&adsafe_type=bed&adsafe_jsinfo=,id:4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac,c:3qNcIt,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-glt25,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:17,oid:26d6b80d-a600-11ed-b5ba-b6c860b1d01a,v:19.8.390,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

150 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ECB-iMobile.html Show response
apkfun.com/
Redirect Chain

https://downloadapk.net/ECB-iMobile.html
https://apkfun.com/ECB-iMobile.html

61 KB
13 KB

118ms
59ms

Document
text/html

2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03faa8cd255e13cae862449c149b7e166342ef3efe25694e8262c54741498c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 8961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=144000, s-maxage=144000
cf-cache-status: HIT
cf-ray: 7952d637ac6e1afe-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 09:25:08 GMT
last-modified: Mon, 06 Feb 2023 06:53:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC%2BRxaI5J8P7GI6p7Np94YrR6vM9g2CZUdCAbqrWxiOcY8nq%2BR%2BLPFDKuMAtRHdOyLmtqG%2FYYrsUU05iY3Fj%2FoUDKe23dX1wW61%2FWynMrf9Fy388yWbYx%2F2Yo8DI9DFlP8I3ZDN2bu8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7776000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7952d6371c3e0bb4-AMS
date: Mon, 06 Feb 2023 09:25:08 GMT
expires: Mon, 06 Feb 2023 10:25:08 GMT
location: https://apkfun.com/ECB-iMobile.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXHiqDpHz7umKYv8qGb4A1J6wloUgnXDouMIxjnsy%2F82DWQC3QEEcstKBw5UvViWLlCytIIt998wt16twM6NmpUGTTRwvP449whfgrTg9ZAd58s1PvShAAr%2FNxS%2F3v8z3In%2Fmdo5sH4mgyk0wPk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 style.css
apkfun.com/cssjs/ 62 KB
11 KB 35ms
34ms Stylesheet
text/css 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cssjs/style.css?2022046

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973305c149db5176aa238d32bd4264c4c625d05a0c015065c7be845fb4ecd4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-f9de"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9ydQvTHOUR7itOBT3LOT0r47AzuTswRiWyqfi3y0FIyz0pH0bbpIdN6mzyppZrlcWY2UnwUv0sDuvDkQrZMSVMDSl%2B%2FVvuToOPUTkjV0y0ZQbM27ueIFUVlYcDw49Xc%2FIqo41PTlqw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=15552000
cf-ray: 7952d6381cdc1afe-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H2 200 flags.css
apkfun.com/cssjs/ 12 KB
2 KB 37ms
36ms Stylesheet
text/css 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cssjs/flags.css

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b7f0a72331d147a2412ca9f5cac111891ee1c7b2a3c73cc8df07b65038626f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-2eeb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm9vPErIzur98GxDtz3JVIZE6aRcm%2BrwrqhFSndEF%2B0tbP4Xwk7UGNSM62Hwum%2Fee%2B9a%2FX5V7cQHTiEcErC5sRL9yL9oahd4VA6YGSsdoP3QuzHM%2F2D%2FMkuy8vozbDb%2FNLNs1bSVzyg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=15552000
cf-ray: 7952d6381cde1afe-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H2 200 baguetteBox.min.css
cdnjs.cloudflare.com/ajax/libs/baguettebox.js/1.11.1/ 4 KB
1 KB 109ms
38ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/baguettebox.js/1.11.1/baguetteBox.min.css

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 206197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 804
last-modified: Mon, 04 May 2020 16:06:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d72-e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRKqAuZ0upIBhdi81Ndk0nxLlz3UNCjmUgDPAHvqJsMcQJraalMtIvO5lJm%2BW8XiDJzgqqVjsQ5E0QMMvbEDDSQ6lMuIyGk8C3S2XrI2x5PAcBERSfMMkJnyRGV87GKp8kB5T%2BZcrsR67%2Fhf1Cyhc5Yo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7952d6388e1c0dfb-AMS
expires: Sat, 27 Jan 2024 09:25:08 GMT

GET
H2 200 x1JcQamJhRLkrou6SiU-0vfmaO4ZkYYBbGKikuqit0Ah8my7XZ3FRqgrNShr8B1cyQ=s150-rw
play-lh.googleusercontent.com/ 2 KB
3 KB 175ms
47ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/x1JcQamJhRLkrou6SiU-0vfmaO4ZkYYBbGKikuqit0Ah8my7XZ3FRqgrNShr8B1cyQ=s150-rw

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

591dc09d5e7e73df098d68b1e5e86ee48512ffc56d253a19e5795b370b92d73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2482
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 07:05:09 GMT

GET
H2 200 shield.svg
apkfun.com/image/svg/ 892 B
840 B 39ms
37ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/shield.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1251b72ab801370c57593f48ec381ee9ac411a0c7e4bf64d5756f4d38883a5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-37c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0mbdnayUoehg2XNGIeJUeUDB%2B7QGasdk%2BqymeG5CdiotwQz5wklhiXVcxrDtbOrlGTtw7L2AEvhDl3TaekEH%2FXYSHM1z0UNVN2WNeuQyZU9YPGva1EO1XKHPxHnGRenuO4L6Uv%2B2Hg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d6383d051afe-AMS
expires: Tue, 20 Jun 2023 07:53:03 GMT

GET
H2 200 empty.gif
apkfun.com/image/ 53 B
431 B 34ms
32ms Image
image/gif 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/empty.gif

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: "62dfae47-35"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmITAL17xSdsEytmqtBo%2BN%2Fe3xZef2KbsV6myy392Ej1N2pbR1BPEjPosKob%2BXsZub%2BqHCJ2djXjWVsZhYYqTZWXx1Y5ZU5UHALCC26EtQF5FtYRhn0RMwe0%2BYN3SPHBI1d8xd6AqSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 7952d6383d081afe-AMS
expires: Tue, 20 Jun 2023 07:53:03 GMT

GET
H2 200 google-play.svg
apkfun.com/image/svg/ 1 KB
922 B 51ms
50ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/google-play.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d627eed8c2e19c983fcf5c9f247de481647540a6895d76eba1375856058e89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-4be"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjtzzCnQ7UsP%2FSpVm5QCTUT0UljH5ftjsUDnpQHy896uUJ%2B4zeSlCGptjPkwVL4yijVTEKWpmKo1dJycq0R3VJXrr%2FsEjYaVBk%2FrbP1XWVGOwMDtcuCPCWb4XP6QZPdMl6MWy%2FFfn34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d6383d0a1afe-AMS
expires: Tue, 20 Jun 2023 07:53:05 GMT

GET
H2 200 fbicon.png
apkfun.com/image/ 831 B
1 KB 35ms
35ms Image
image/png 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/fbicon.png

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff69b563a74d94a1e4f276c156c6151ac173e0ee542ad877b48a931bbaf78c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1890275
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 831
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: "62dfae47-33f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntxv1GqFuJtTLVOqpT8cQvQhQZsQ6vCFDWQp%2B9Z3ky2trpXlD0foHhrvdjYrNaYqijiiiaFL5USCOwlHUITwUdBT0D5Ei2Emq8Fhl0JXmBJjCA1meU9gDvqJ6AzBcLLB0XL8YHHf41I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 7952d6383d0c1afe-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H2 200 email-decode.min.js Show response
apkfun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 17:12:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"63dd4099-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFS3Kw7xUYa9K9HofHpX4%2Fh8B30HKw39lesugm%2BIhLZ%2BpOtv7DBH99nPW4Qq4WnH83L9UMt%2FePeYvxZJhgR3bVzdGEXAjF67WGBNRiid74zuL4vNwOAmSKMvPqpOFEfCjlgPhddsRb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7952d6383d011afe-AMS
expires: Wed, 08 Feb 2023 09:25:08 GMT

GET
H2 200 rocket-loader.min.js Show response
apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
30ms Script
application/javascript 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
last-modified: Fri, 03 Feb 2023 17:12:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"63dd4099-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h98jKm35oic9uhbPlo69Za56dcl7rJXKzrio7dy1enhMAWjLLeEOfG0IH6L329xpgbtJ8ZQsd%2FsTqkX0g3mcvAvW5AE%2BK7uH3RQeEwtJm4tqtYxbu9G90TIhiv7V%2BLwGJggKhL0nADs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7952d6383d0d1afe-AMS
expires: Wed, 08 Feb 2023 09:25:08 GMT

GET
H2 200 allsvg.svg
apkfun.com/image/ 25 KB
7 KB 37ms
37ms Other
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/image/allsvg.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9cbd3aad22afc8a5094d5630b0d8ca6eaca272a265000a4a18594cd1dc3979

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979681
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-62f4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpbeZgF87%2BEuDFqF1F939926BHk4%2BGLbl6XSO4lVLhIYE4IqrlLARDhsD3kCOozS%2BfuQHnS0%2F%2FjExU6sxRs4cG4lSaTq53tD%2FCQge3j8vrzHWK34Wjsr3%2FfgftEB3j6h%2F0WZBznQp%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d6383d0e1afe-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 open-menu-white.svg
apkfun.com/image/svg/ 960 B
913 B 60ms
59ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/open-menu-white.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

711ae8d5d6faad3a2d76f1ee9405dd69c42e95205cbe713ac75f5faf36bc4146

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-3c0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afa1uwni0z5jp5piwVXzuqcrXwiBbova6m3DbSrgT2wnWbvxpy7P%2BU3VOH8YoDgfMmHOis6Rj0Qkr4yOtqw%2FtMzwP%2FPu4hbNTCf4tV0rICx%2BVONmd0xTl3TOTirZjHwuMRqCzSxNbic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc4d1c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 search.svg
apkfun.com/image/svg/ 1 KB
1 KB 65ms
65ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/search.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18d50657efd2259557798f356a098576ea4f24080c0c6fb742cbffc8712b049

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3978981
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-469"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxsssqPQUJ0znVKY55hV7luBHSAdi7fNjhaGLGVNAAK5wIIlUD%2FBNwUfGSETFMIPEyE2wNj8wMKe00SA6XUb5r58zzEGQHmSTwO1QHliMNeZ5GdTjmfL08UNqN4lit6BIUea3CTiLGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc501c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 return.svg
apkfun.com/image/svg/ 1 KB
1 KB 32ms
32ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/return.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b83a2f72c8a1dc18caa994152c3ccf333ed52b160115a09437f4a15781838d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3978981
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-4f3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwcbeugI28Y3hnp3C%2FivbT3pvM8205DiYzc2MeZHQB9tqau8cXnkJMuZ9V2jnQLNt8VcFBnIau9FUDKx7%2B9MaJ4Ty5LDiuZXMpidYHJzENH1lvZj61Vox2xSuEejRfQEzk87YHMXybo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc521c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 flags.png
apkfun.com/image/ 26 KB
26 KB 33ms
33ms Image
image/png 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/flags.png

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/flags.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d15757f2a9f00eac64207b3e4042a4c791e8116dcc8e0ab9aa9fdb3a86dab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/flags.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3978981
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26115
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: "62dfae47-6603"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNzxVUQYjOJTju6oKx%2B0j9nyqqDIAXt40Stihe291%2BURqj3OcPCWdBhxTrN%2BIaOTuYNloyG6DeopdaZOI1gc6MsaDGWyqDFf4%2F%2Bnv%2Fnm5MJJQXXdrCxn8KR4Gm3FlorjfDWzWt2VYpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 7952d638dc541c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 cate_icons.webp
apkfun.com/image/ 62 KB
62 KB 59ms
58ms Image
image/webp 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/cate_icons.webp

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fd7ef3032d1c636747cf3a47260dd7f6aedbe5d2afdfaddb3dc97049d01fc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62984
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: "62dfae47-f608"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tULpyrPQYKOBS%2Fs%2B8Jx2TomIkF7LQeDsEP1OcegwSL89oDm8zfYnGyjiefwNy7pQgtNamGJf2M9TzDp8dRFLrIrSkXEVDexb16NGyDefQj2gGJdu%2FX5DHy2cRMjjErvBSAph1a95vgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 7952d638dc551c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H3 200 star_fill.svg
apkfun.com/image/svg/ 628 B
960 B 109ms
108ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/star_fill.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adac638183569b9d006459c7dd4951167272d28a76ee8f2c32c7bd8c086a28c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-274"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYeOeb1qDHzTrMgDPgN%2BiEQy7XL90c9dmGs%2F%2B3qESA%2F7JXLxg%2FZemUn7rVXJoOZ03bnWhnqYMib0NjWU97db3pudhmMHcbixq%2BFvtrgyrq%2B%2Ba2PF3v2tBAojz4gwkRJK8MEQpaJXO6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc581c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H3 200 star_rate.svg
apkfun.com/image/svg/ 780 B
950 B 110ms
109ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/star_rate.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

778ac3aae01acd834b063303900f30376d2f1c62417c0d7ada06d80dc2e1970f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-30c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djnzTuQFojIr1aFdefvJgICW8koCsBE7eEJacUjCSp2xJ1mImlG8LsLLFgyvmCfEjhUm996Z5bgSYJpk7M9yESl0jXIPJC7NFP4ZYZ8BipScJorF27iy41fmM6YpDkbHe0rMUqzHOZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc5b1c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H3 200 download-white.svg
apkfun.com/image/svg/ 1 KB
1 KB 110ms
109ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/download-white.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25d7c98ad107f8f481cf6ad5500e1066fe93d180565be494196235c7e829d725

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-4e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOTldzL8pVfXjPecji3QJS42%2BhNViIGdoRJd4KlSTj45dv7LPgr9ziSwXH8X9K1BdNO6VKGVQRCqtGfmxlF2iSBGTM5ZhiK0Evtw6e00y1Jb13D95oQJxBi3BW6ZdnMUB3OeFmH8l4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc5e1c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H3 200 showmore-green.svg
apkfun.com/image/svg/ 1 KB
1 KB 110ms
110ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/showmore-green.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ea6aad37ef3bf2cbb774bcfbc54bcbe38c2145c0a09aac7b6cd1c8744c7b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-472"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w%2FA%2Fh5%2BEPMZBVYtUYHdo4CWg2Qx4aUg9wCrDJqYHsGEHLW%2FXrcCbPqDQE6YzUmybPhy%2Fbe9IvxoBKZ6xWZVh1n%2FeVPETU4%2Fwsq%2B0%2Fry2rD9NNowK3wH3E%2BGasadxc1m3beQ0Sy3e6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc611c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H3 200 download.svg
apkfun.com/image/svg/ 1 KB
1 KB 110ms
110ms Image
image/svg+xml 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkfun.com/image/svg/download.svg

Requested by

Host: apkfun.com
URL: https://apkfun.com/cssjs/style.css?2022046

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2ff7f4830ae27fd0bb9809a109063825742e62e1b643902dbfe6ac530b8d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/cssjs/style.css?2022046
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979322
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-513"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQol78FWAMTwvZX8XDtezLE5CsPu653nwCDCCJhdtOzX%2BI5Eimin2BKzvARzBeUNejGow9NK8uLBRHCvuL9dQIOPqieMzMNw3OIlm39YYUYh7sCvMM3qIJsMF40J8l%2BhYR9EDHX2t9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d638dc631c84-AMS
expires: Tue, 20 Jun 2023 07:53:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 196ms
78ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199299877-1

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7153b2354da7984aa2a5319e6dabceefb9c2f27f7d6f32d9128c325ad13d735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43887
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 09:25:08 GMT

GET
H2 200 baguetteBox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/baguettebox.js/1.11.1/ 9 KB
3 KB 36ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/baguettebox.js/1.11.1/baguetteBox.min.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 982323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3048
last-modified: Mon, 04 May 2020 16:06:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d72-2569"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIm3yeO03IvCz%2FyfUtuQcSWML2mJ0JujRPGGNbVGkxNS%2B0uEZZ%2FbkME68BeOvASu8GNxo16CAgVkmC26Y%2F%2BgBCkVJOeZebFp51eLhBC7rbz4zE5DTXq%2F7%2FdhDz5ODSxrCflk6RzyMkRK8xhavkxqjK6j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7952d6391ef60dfb-AMS
expires: Sat, 27 Jan 2024 09:25:08 GMT

GET
H3 200 instant.page.min.js Show response
apkfun.com/cssjs/ 2 KB
1 KB 78ms
75ms Script
application/javascript 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cssjs/instant.page.min.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d716dd8c299f39ef4260fc72046f3a6c2cc155a1e7d0cb580e55572a9f4fc726

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979550
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-927"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NRFZA3pJDRhqgn1xil5y0wqTHK7BJwAdqURxYqn2FkfKLOC0adrcbU%2B4XdUse2i%2BM%2B9Z3loKkj6IIT8Lhln8yRCp6olN%2FxCwF8R%2Bg3lyae8szOztbj7O1HJb9mrsR2uLRkYdu5mBOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d6390cce1c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H3 200 app.js Show response
apkfun.com/cssjs/ 2 KB
1 KB 78ms
76ms Script
application/javascript 2606:4700:3108::ac42:2892
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkfun.com/cssjs/app.js?2022046

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2892 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78afbba2a4b9d900781007e33ebfda113d829baf4258dfdd7da241363a78bfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/ECB-iMobile.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=7776000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3979550
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jul 2022 09:05:11 GMT
server: cloudflare
etag: W/"62dfae47-8a2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwEO6jiw0hAv8rTyNEBBp2AbsRDwneIrGjnvXo1Nbl52fa4iHe0cJ0GwLTQeEXzcDMBGseaUW2Js0fVi%2BBuBX8g3X%2BgYEnNtEyIf4DSQrl2h7GjgP4gwEH1EdFUNlk0xCp1vi7T%2BBdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=15552000
cf-ray: 7952d6390cd01c84-AMS
expires: Tue, 20 Jun 2023 07:53:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 222ms
92ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8897723508871345

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

818ba645bfa617271ecfb35c83264090b00e8590cf100cd38255fa6a416e6d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Origin: https://apkfun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49971
x-xss-protection: 0
server: cafe
etag: 8102513020666457674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 09:25:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 291ms
162ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631de588cfe598b50846c4dda3d2d7e50f75bf4d59fd8b725b60acb95e693061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Origin: https://apkfun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50154
x-xss-protection: 0
server: cafe
etag: 4952454846546861910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 09:25:08 GMT

GET
H2 200 app.js Show response
xpusher.com/ 9 KB
3 KB 93ms
36ms Script
application/javascript 2606:4700:3108::ac42:2884
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xpusher.com/app.js?v=2022046

Requested by

Host: apkfun.com
URL: https://apkfun.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2884 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9338dcab7a8cdc94939f6d340a0a1ef02d18d8e8c661abcd7dc6b8b34b84e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:08 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402439
cf-polished: origSize=18488
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 24 Apr 2021 03:18:13 GMT
server: cloudflare
etag: W/"60838df5-4838"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa%2Bwuy1nG26psEwbOcMhquAPm3o7tlwZ%2FGldtxN%2BGahOzIjU9jByinw0t7lUuYMZ0JPs9e%2FOdN2KTH%2FwzPlFzBX2gUPMupCsYbGzDDEk5p5JrhrEb%2BZ0V2ZDfAP%2Bd%2BRbT7c9BzlqbyrTYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=15552000
cf-ray: 7952d6396bbfb944-AMS
expires: Mon, 01 May 2023 17:39:02 GMT

GET
H2 200 cr423ibclZRu4R5_UHtqnKLj-yCrJKR45MrbqWSRTADidEv8dwmE2IE6KIY89AwIDE8=h300-rw
play-lh.googleusercontent.com/ 9 KB
9 KB 77ms
74ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/cr423ibclZRu4R5_UHtqnKLj-yCrJKR45MrbqWSRTADidEv8dwmE2IE6KIY89AwIDE8=h300-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

330f8ce89f341fa18567e30d0c14fb5ebc699d6156cc71a4f11eac82c5e6d915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9546
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 05:51:12 GMT

GET
H2 200 XVwOifOt5b4WXjl_atmt0vwzWdqyn_zjDSOG5khqvVq53O6K3iSeHLFcKoS6UzH3eEc=h300-rw
play-lh.googleusercontent.com/ 16 KB
16 KB 60ms
57ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/XVwOifOt5b4WXjl_atmt0vwzWdqyn_zjDSOG5khqvVq53O6K3iSeHLFcKoS6UzH3eEc=h300-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a0c52411b08da326b60651acbe25fa6b95c4d03efe69575a3726130c45963d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16178
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Feb 2023 07:05:09 GMT

GET
H2 200 -Lqs-ahyMKcxPOoLi2BUAn6bLZC_UYDz-hU95zAfzdFrRFWqU46tQq5CeuD9ytXxdQ=h300-rw
play-lh.googleusercontent.com/ 10 KB
11 KB 119ms
117ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/-Lqs-ahyMKcxPOoLi2BUAn6bLZC_UYDz-hU95zAfzdFrRFWqU46tQq5CeuD9ytXxdQ=h300-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c15b7415b460795dd163510ed25959ef2cc2b323bd3d1bf39e27fa58185792fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10730
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 05:51:12 GMT

GET
H2 200 mlsVnauvVntRa5ic-vSKvRQIRDFS0bXaLfQrXBXkEOPZ8YX4XFR130Qv2zj5byTpS-5Z=s76-rw
play-lh.googleusercontent.com/ 10 KB
10 KB 50ms
48ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/mlsVnauvVntRa5ic-vSKvRQIRDFS0bXaLfQrXBXkEOPZ8YX4XFR130Qv2zj5byTpS-5Z=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3bdfe0a35af247e034ce11b2302233742ca6833c3656a350e7d2d700150a49dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10048
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Feb 2023 14:55:29 GMT

GET
H2 200 nYmFK-sjQd29ekPcgSa82WFiWs6c2WbCJJB4uN3pkpz1_K4RixMiIqK6eXOOIWW6dN8=s76-rw
play-lh.googleusercontent.com/ 8 KB
8 KB 110ms
108ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/nYmFK-sjQd29ekPcgSa82WFiWs6c2WbCJJB4uN3pkpz1_K4RixMiIqK6eXOOIWW6dN8=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b14b9a298b8edee1ac5325520e97e512e845cfd3947da9982d2791e955c9e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7964
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 27 Jan 2023 11:11:35 GMT

GET
H2 200 Fvled-zLfL8ER0EBNIk-FnunJCcH2u_T6rdITclOFdU2jpEopdMstZOHP-PtuhP_5coZ=s76-rw
play-lh.googleusercontent.com/ 430 B
516 B 98ms
96ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Fvled-zLfL8ER0EBNIk-FnunJCcH2u_T6rdITclOFdU2jpEopdMstZOHP-PtuhP_5coZ=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f3d7323480a7405f0c26c9d5e5e084846ec571f792634a5db2e47775c8a103ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 430
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 05 Feb 2023 12:45:17 GMT

GET
H2 200 QoiGnvynjBjtraueo9bqoSceqfJb6oMRmHl4qMd3D6qXzb5egnqS2HPmSVK0eSoUQIQ=s76-rw
play-lh.googleusercontent.com/ 2 KB
2 KB 118ms
117ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/QoiGnvynjBjtraueo9bqoSceqfJb6oMRmHl4qMd3D6qXzb5egnqS2HPmSVK0eSoUQIQ=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bafc45ab1ff1080727effc90c1d3b7e1ca7b2c35544b71ed5e133fbb98cf2c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1660
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 05 Feb 2023 12:45:17 GMT

GET
H2 200 v0UW49SrkxIzfRRhYArIJvP456-QeKT9-1Yxk19gwJESPidGAnJS7n7_sHZe81NpX_E=s76-rw
play-lh.googleusercontent.com/ 3 KB
3 KB 109ms
107ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/v0UW49SrkxIzfRRhYArIJvP456-QeKT9-1Yxk19gwJESPidGAnJS7n7_sHZe81NpX_E=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2bcc52d73e741575e21947d6fd63bf3f2b85e656556ff83f2e458d29da2e0be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2784
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 03 Feb 2023 10:29:27 GMT

GET
H2 200 ae-_WU8rZQ9xWesJo_ngZUFHk-ZGGIw4xFJjWlYEmTrl_S-XV-i0HpQv_LWlO3fCBt0=s76-rw
play-lh.googleusercontent.com/ 2 KB
2 KB 108ms
107ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ae-_WU8rZQ9xWesJo_ngZUFHk-ZGGIw4xFJjWlYEmTrl_S-XV-i0HpQv_LWlO3fCBt0=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77f59db9b5cc3b14921d2808bba732e2a38ad8e783fd1d3095aa4ba01369b780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1980
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 09:32:47 GMT

GET
H2 200 vRd2gg6XmC3TRTM5wZZ8qwEc5LMUROh4whycLuiCSPB40tIxDYLT6V0BdCn486XiKQ0=s76-rw
play-lh.googleusercontent.com/ 7 KB
8 KB 98ms
97ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/vRd2gg6XmC3TRTM5wZZ8qwEc5LMUROh4whycLuiCSPB40tIxDYLT6V0BdCn486XiKQ0=s76-rw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5a80d395604cb19a861575ba8c8a0ddfc682a715215222a201c62fdd214c16db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7656
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 16:01:41 GMT

GET
H3 200 vuRMN3B5NCvoTdMbyS4Di52V1412zjx_lDWEKLrKgX0INA5EQKfEs_fc-Y2cIMVdaA=h300-rw
play-lh.googleusercontent.com/ 18 KB
18 KB 48ms
47ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/vuRMN3B5NCvoTdMbyS4Di52V1412zjx_lDWEKLrKgX0INA5EQKfEs_fc-Y2cIMVdaA=h300-rw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71cd9839daf53bc4985bd4d13e94c0fe94ca48f4f6394e859d3069686ed7f0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:05:09 GMT
x-content-type-options: nosniff
age: 8399
content-disposition: inline;filename="unnamed.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 05:51:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 107ms
32ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199299877-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 08:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 10:54:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ 360 KB
118 KB 197ms
103ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8897723508871345&plah=apkfun.com&bust=31071766

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8897723508871345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b5d24770f60892010cd207a91bcd7cf7c38e801f632a456826fb281f838b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121046
x-xss-protection: 0
server: cafe
etag: 7240602178015163231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 09:25:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame B418 10 KB
5 KB 123ms
31ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8897723508871345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 42045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 21:44:24 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 21:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 39ms
38ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1576806751&t=pageview&_s=1&dl=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&ul=en-us&de=UTF-8&dt=ECB%20iMobile%20APK%20-%20Download%20for%20Android%20%7C%20APKfun.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=646118033&gjid=1367298011&cid=934315416.1675675509&tid=UA-199299877-1&_gid=1514781935.1675675509&_r=1&_slc=1&gtm=457e3210&z=682537141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://apkfun.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apkfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 182ms
67ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=apkfun.com&callback=_gfp_s_&client=ca-pub-8897723508871345

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8897723508871345&plah=apkfun.com&bust=31071766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

558d8c5506958dc02cebe7b1a29b081674c4c7aa7e76b8a501a34d2e0448a69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 197ms
68ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=apkfun.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 186ms
71ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=apkfun.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&tn=ASIDE&id=main-nav&cls=main-sidebar%20bg-grey&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
78ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&tn=HEADER&cls=layout-navbar-fixed&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E728 159 KB
45 KB 553ms
551ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&adk=1812271804&adf=3025194257&lmt=1675666388&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508950&bpp=4&bdt=472&idt=348&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7080049413303&frm=20&pv=2&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae5c25d178565a02b3e24d00183598b881b82bb8055669e684ecabc3010c092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 06 Feb 2023 09:25:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
91ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e168a84748394e33d032d683107b84147213f6b7c61ca90a22dfb8cf0cd3871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11295
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D030 84 KB
30 KB 511ms
511ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a0942bf022829e66188b9d44ef938c1847b7b33bf5b9210a8fa408511451915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30953
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 06 Feb 2023 09:25:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A660 23 KB
10 KB 477ms
477ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bced7f300a5eb795f4f7e14f62d306d2e04d032f253a83175cfa5c3f3acf9b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10056
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 06 Feb 2023 09:25:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE84 97 KB
37 KB 418ms
417ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

347a25c4ad6afed5380c987683689d8f8fc7c9544e8c700958e6165acdcb2666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38079
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 06 Feb 2023 09:25:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 217ms
101ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 09:25:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7EE6 13 KB
5 KB 46ms
45ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:19:40 GMT
expires: Tue, 06 Feb 2024 09:19:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EB2D 783 B
1 KB 187ms
73ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

977a8d22356bc803519cf8b16f31602e6e563bd3da873c1f362dcbfe79952737

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ylle0XDRLk0k7CNExUIiWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ylle0XDRLk0k7CNExUIiWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 06 Feb 2023 09:25:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EE6 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:21:29 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame DE84 67 B
91 B 48ms
47ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 21:42:00 GMT
x-content-type-options: nosniff
server: cafe
age: 42189
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Mon, 06 Feb 2023 21:42:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D4EA 0
0 228ms
91ms Fetch
image/gif 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBgFs2dK-R7pWR2P-Va3P22gvEhxodbI-bLUx-_8zar5HQtRQ0qLgc0pOQaZBGzak2bryL8XQz8tIy_tIlERqNWhr6Mrj1bLkLt3F9XaCmYAdPbC4ZvbmQCl445E4b2yZz7rC3GmjNySG7kRVDFh7tMlQu3QkTBLTu0kMLT7xV0T_XVAQ5HLotRXwQQiW9WPFGZwjTKBRkvkvQQrm9Wezmw0qbjZhBwSMKqYYCQ7FCAbJUox40YWsKgbyou3qZ3moKP3yC07Yhjl9_0K2NdYXfKiE6Vvcbn1DYE4FTO7ztrEPp_RJsRacYeAaOu27JGx2CUo2yQ1ZHR4dH5n-vUwxwd0Xh10EeOdzLvIMojqkqKrjP71NTeZUr7KsZtAvKl7ffrxFsvGBzZcxDfSEHbnq8itsv8831_8pYKD3iDTtqnHfZg3yXuVSN91EiIOtEB3okrdofxpC6XTOjGtERjl1202mhS4rXepRDybWVRrzfuDsTnqIZ0syO8od3yq9AZvyDlWQKbCpypy-8Gc5uH0AZhSd-et4xPrhSKiRJwfWaRP9Tt5m4qfQDwelhe3KOKHyKgFrc0lOYf3nwHLkVDkd7Pb6aTHGEvLdPKs5F6YwUnVo2LHaM8imO7DSV92u_mDy5qywPw1HQUYwmyKkW5Wz7IMFkNg3z3cjyqMxdmo2LhqAaVH0_oKEs4QYhg8Gc_z7nblbDFIS48rWHYuGZ6Szl2sMd-dpj9B7bnhbQZj8ID5nxbOs8Mn2A8YSB_PhO8Aqef8g2c6BpwZ-Lohb6owstZRWIV26pcHLSfVojpoBFYwRthaBkln3UE2j8v2rulOjWSZz0T-zRK4BZ_GjCRzMl51JMYCJVYYVgLO2Jy_tVhLlST6lmiYe9tGmHiIOmYdJPC0651EtLpTR6GmaTTA_scTuHn7a_JRDFNTAKSZ31yAtbEQoK_k63UL5JZMArT3oJsk_LwgCay-z7ODDYe7ITI7sg9arPuFwh38NWad76jNvOkKWQaDb637DizjT8MDUGOPCPfw&sai=AMfl-YSjHORRyKfZfEa7I_svv-efvLiPeIVGQrpG8ltt1Bb_285XcwkiQHHqvlv5vmYQDvP40oPOWn4fG_9LqggYsOQ49_DWAx9aYerZCZ74i_gKNsuq0b_B6dTPVgaDM1bVq7I2Gi98wUl3buazeHTMFy8HHoU4dfLROcmodsHdgWYyqH2b-hlbMreUKn6MnnIVWPJeJL-W6DJWCOnrEmujyKWPxwMjBqjhsUBY67bge0A&sig=Cg0ArKJSzPhFI9CihlgKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/953900/61623476/ Frame D4EA 242 KB
72 KB 184ms
48ms Script
application/javascript 34.240.83.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/953900/61623476/skeleton.js
Requested by: Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.83.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-83-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fbf89e668ec49f1e41fe278f768905075bd097059a6368d8c6c434afdf168070

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D4EA 106 KB
37 KB 182ms
46ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 22:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Feb 2023 22:35:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D4EA 41 KB
15 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D4EA 36 KB
14 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1094eadb46901a39ead18f781a296d1b3372b6dae8e949c1be8fefe72d90ddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 20:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14338
x-xss-protection: 0
server: cafe
etag: 14252078138805870944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 20:18:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D4EA 3 KB
1 KB 108ms
108ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D4EA 18 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4EA 157 KB
49 KB 237ms
103ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame D4EA 22 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A660 3 KB
1 KB 96ms
94ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A660 18 KB
7 KB 67ms
66ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A660 157 KB
48 KB 292ms
173ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D030 6 KB
1 KB 195ms
68ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 08:39:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D030 2 KB
765 B 79ms
77ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame D030 22 KB
9 KB 54ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D030 3 KB
1 KB 53ms
50ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame D030 18 KB
7 KB 67ms
66ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D030 157 KB
48 KB 298ms
198ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D030 33 KB
14 KB 188ms
57ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A660 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXIiedcfgY5_NGKGY78EPj7mPyA_JntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04ODk3NzIzNTA4ODcxMzQ1yAEJqQLecM3xcByyPqgDAaoExgFP0GoKc1cKWmHxEJG35NtvdwPL65WabUYEcq1YVNt59nXZ2YHZ6uFBWY7hZeuJ8oFtBTA9ue5xImOfoyqGGgT-aYQkH9VSMbv-qeX5UglOFCmK2N6jncvFomCzlm79TEST9hgIpyNt_73xb0jOfKsAQ6P3uGaOSev8eDFR9IVFiupghdBnC0zmVqPL8_4BjtqDEUwhq-AbYPGa8zRWV3vAdSFTHY0K4dEW5aE_9TOyLP6PsQd9jCx3jIqFfLMLF-CscU0kYT6ABvSVmK_q6r7gW6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODg5NzcyMzUwODg3MTM0NRgA&sigh=K1xpRjREHds&uach_m=[UACH]&cid=CAQSGwDUE5ymNbS5_aB3OtEdfAIZzGQpv1IsQRDSFRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 09:25:09 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame A660 0
0 93ms
30ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kMC_Fbz6RNQFmAKdg2ICAgAAAObCficHZwQmEHTH4GOlbmQOvzbBUPglUwASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y-DHdQAGJp8CO8whAAPcjzC16QO7VlHKSNqltw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 243453
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FDB3 144 KB
48 KB 188ms
131ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-DHdQAGJp8CO8whAAPcjzC16QO7VlHKSNqltw&u=%7C4xXlFBK7WSHtIFTwGbWrhpsFx8TGWhepjevF2x1WWpQ%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCRr10tlpRuaBWOkc1r1HF9WjffMApX-Sl7yBBQpBjQn5qiE7PoGxEtZCX119z8oQKgiJb4o9jEbZQAIaLnXmyflMa9v2f62sut5o_Atr3qwScFMmQw-iOIZZkgnjDJawjEbp16Z6hoLQx4LCRUfSLFYZLYixz_z-PpWh-XKK21SX6tw0FaSQLHJEO92WGSeoFX-Q9H4nG58kDct6JcviszFET5isOunpPyDR_CF_4OEoUckPpnKBFd8vMtWuVk-gMaqKSlD7mw5cUdG2HDYcp-dvbxn4kqT_Q5-YVuUkBj4IVSBJQVrLxeaQMuvNjV0NeCX8ZW65icqIOBAqUcFen1Ip5NwixNIrIAe_Wl18o5oeoXtS6uB93bCDmO-NHxvyNpL87ZpeYj3oeZy671ueR5saZ1ZOiBt4djL4xCpFK_SOhq3yh__T5w_VfBITI7k_pPmq7Tc6Ig0VShB4ZUFeABdKqgNr9aE3mBhnowqyLgDzD022RBw0dJ2EIReeiewtIdnhOLPu7njrzcYpnUi8p0eZBNvmzyj8UhFFhcMzMIdgCcytCHuZcyNpKxSekOdzgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy7YedcfgY5_NGKGY78EPj7mPyA_JntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04ODk3NzIzNTA4ODcxMzQ1yAEJqQLecM3xcByyPqgDAaoEyQFP0GoKc1cKWmHxEJG35NtvdwPL65WabUYEcq1YVNt59nXZ2YHZ6uFBWY7hZeuJ8oFtBTA9ue5xImOfoyqGGgT-aYQkH9VSMbv-qeX5UglOFCmK2N6jncvFomCzlm79TEST9hgIpyNt_73xb0jOfKsAQ6P3uGaOSev8eDFR9IVFiupghdBnC0zmVqPL8_4BjtqDEUwhq-AbYPGa8zRWV3vANyNyjwqFfcKpebWcJQ4U1Pebu7F3ojT1OEK42kG0Ccy09OegcoHjdJaABvSVmK_q6r7gW6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ylYJsScplqAtcNFB0rz_J7IbSdA%26client%3Dca-pub-8897723508871345%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

15337219ea307103a697adfd30838d2e7a042a9ff43b7488908f178f5791ffcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:25:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CLLH86HAjI7H1Ic2LoM2EeLUFpuL1Fw95UV_hZQBNRsxS2W5IQaMVizIsYcuvjx3u7jJ6d6bojO0MCciJXS8d0bB0gcAqMx4TZ5v4BuRo65m3Q5eMlU4vOjpiY7hKsMZ1yt8-SrrT3FX2mHXdaDcODYu5H6gYT7aWDRObkUibghtTRSnwTg8iYysuEdgSrVxvuEnMB2p0xSCXKzvY9bdbKUnk6r8CYOeJ5X0a6KWfmaUBDI-v2e5pQOuLRGY2rLSieItRA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 98831908
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D030 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9wqudcfgY7ChGMaN78EP-4KC4AGGrarhY5GYl73zDdrZHhABINK-x3NgkYSghYwYoAHq-aO2AsgBCakC3nDN8XAcsj6oAwHIA8sEqgTZAU_QgNK1BieGPi5lkl3bT_--V3BNoRTJcpEm9AmFqUz4kYovzWeGKpVbq8zbqVSi9S1H4rmwDwN_tiqJJBQhOVGULuawVKN8isE0aknFIOIjiuUnJzaZoghsHJd_Vn7ruwQvgM-IUtC3v6DLpCmE65uNUzTF1NvNKjNxwaZKNSa6PclCk5ASpBfuwVtP1LyyIwR4lCjqlAewFPQ3uJvwimtHl_v7owxvPnAwlPv8pIcFtGWxW4pRSscnckyLg-bGFkHrttcM4P6T5JPWIUUdcxMrsUozDsnkre3ABJai5ZnWA5IFBAgEGAGSBQQIBRgEoAYugAf-hdzJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKGwDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi04ODk3NzIzNTA4ODcxMzQ1GAA&sigh=olInzQvZmmc&uach_m=[UACH]&cid=CAQSGwDUE5ymexTgVnAz10cDYczT8oD9O2TC9YbA7hgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 09:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 09:25:09 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14426420808661279485/ Frame D030 22 KB
22 KB 47ms
46ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14426420808661279485/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c82d429e865db50f3e155c25546cc48fd324c296e3d7c26ae74c6ca203c6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:47:09 GMT
x-content-type-options: nosniff
age: 2280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22118
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:01:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 08:47:09 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9228592606416741938/ Frame D030 584 B
611 B 60ms
60ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9228592606416741938/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eeba883ebfdb0570fe8fc10f4a8d7c9eaa0800df7ae3882e9b8700d682e5d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:55:03 GMT
x-content-type-options: nosniff
age: 1806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 02:43:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Feb 2024 08:55:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB2D 0
0 78ms
78ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=3766259181113785&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ 150 KB
51 KB 130ms
130ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/reactive_library_fy2021.js?bust=31071766

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5bb7628738dbb57bd28eee27cfb8cd04e9da1136081ee11806ac0c727bc2e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52192
x-xss-protection: 0
server: cafe
etag: 7221860341187460247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
DATA 200
OK truncated
/ Frame D4EA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afed7294a7628abda72c5cfee97f641c668f00735dc93ef4bfc492bcd6b3acf2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7EE6 0
10 B 46ms
46ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i2yfUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame A660 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8d28c6e0461f1be61d250a2e8fd10aa2baa16437049403c41ebe296855ce838

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 34AC 22 KB
8 KB 47ms
46ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 210803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:51:47 GMT
expires: Sat, 03 Feb 2024 22:51:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D030 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed9241d555ce84975f20295ec237a8090b3a6491883f2be2368d877191351375

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FDB3 2 KB
1 KB 154ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-DHdQAGJp8CO8whAAPcjzC16QO7VlHKSNqltw&u=%7C4xXlFBK7WSHtIFTwGbWrhpsFx8TGWhepjevF2x1WWpQ%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWYg8h5DGKhCYavayMK6vuCRr10tlpRuaBWOkc1r1HF9WjffMApX-Sl7yBBQpBjQn5qiE7PoGxEtZCX119z8oQKgiJb4o9jEbZQAIaLnXmyflMa9v2f62sut5o_Atr3qwScFMmQw-iOIZZkgnjDJawjEbp16Z6hoLQx4LCRUfSLFYZLYixz_z-PpWh-XKK21SX6tw0FaSQLHJEO92WGSeoFX-Q9H4nG58kDct6JcviszFET5isOunpPyDR_CF_4OEoUckPpnKBFd8vMtWuVk-gMaqKSlD7mw5cUdG2HDYcp-dvbxn4kqT_Q5-YVuUkBj4IVSBJQVrLxeaQMuvNjV0NeCX8ZW65icqIOBAqUcFen1Ip5NwixNIrIAe_Wl18o5oeoXtS6uB93bCDmO-NHxvyNpL87ZpeYj3oeZy671ueR5saZ1ZOiBt4djL4xCpFK_SOhq3yh__T5w_VfBITI7k_pPmq7Tc6Ig0VShB4ZUFeABdKqgNr9aE3mBhnowqyLgDzD022RBw0dJ2EIReeiewtIdnhOLPu7njrzcYpnUi8p0eZBNvmzyj8UhFFhcMzMIdgCcytCHuZcyNpKxSekOdzgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy7YedcfgY5_NGKGY78EPj7mPyA_JntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04ODk3NzIzNTA4ODcxMzQ1yAEJqQLecM3xcByyPqgDAaoEyQFP0GoKc1cKWmHxEJG35NtvdwPL65WabUYEcq1YVNt59nXZ2YHZ6uFBWY7hZeuJ8oFtBTA9ue5xImOfoyqGGgT-aYQkH9VSMbv-qeX5UglOFCmK2N6jncvFomCzlm79TEST9hgIpyNt_73xb0jOfKsAQ6P3uGaOSev8eDFR9IVFiupghdBnC0zmVqPL8_4BjtqDEUwhq-AbYPGa8zRWV3vANyNyjwqFfcKpebWcJQ4U1Pebu7F3ojT1OEK42kG0Ccy09OegcoHjdJaABvSVmK_q6r7gW6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ylYJsScplqAtcNFB0rz_J7IbSdA%26client%3Dca-pub-8897723508871345%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame FDB3 2 KB
1 KB 131ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FDB3 308 B
637 B 125ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FDB3 293 B
621 B 130ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FDB3 43 B
348 B 117ms
29ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hpRhNBjgJGGsLjZjDbPt75t6QklZo5Erekuf8Zb9uxo6S-xiSasVQ9guqzbO6wahA2_JZTsGGzKvhk6m7x3AHTYTo77Ud1KfyOP7ciwhJ09Z3pY5O8a8bw-Uu6ZjvoyrQTu5fHU3DxnxOW9RLhV14qGT3SCdGP4gDM2_QAax2G3DImOTHCJKa_1Ka7K5rfjavDE-5WNaRyaum2B3GEbwe3slj5mQNboGcCIJwfr3ItxXfUPDXCh46lFtyzAEQ4uGwVJvNzkJE_-jG0-wYQ1kqANFNuxw6YguTh4DDyAOLVoLUnZsYQG6ebbAhiPNTGHQBeZYhgDFE5nFF8R7K7JG2E-LyZwWwCgcGYf3pggJUcpa0ww6PEeNSllp8DKxtVes0I_-IIGeZ2Py8BV7JeYHFKkDRuAnrRIte8YitCB77phxafYO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3422207
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B28625941.348062085;dc_pre=CN_vsNzJgP0CFc4Hiwod_f0IDg;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/ Frame FDB3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_c...
https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_pre=CN_vsNzJgP0CFc4Hiwod_f0IDg;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961...

42 B
118 B

84ms
81ms

Image
image/gif

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_pre=CN_vsNzJgP0CFc4Hiwod_f0IDg;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?

Requested by

Protocol

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N295801.154378CRITEO/B28625941.348062085;dc_pre=CN_vsNzJgP0CFc4Hiwod_f0IDg;dc_trk_aid=545659306;dc_trk_cid=183960552;dcopt=anid;ord=63e0c7756f3496c30c533b961b429945;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 68 KB
18 KB 144ms
47ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623090824b8c2735ff757527327c5248445437bb1bc45a93d8ddfe396ca24ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 49321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18636
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:43:09 GMT
expires: Mon, 05 Feb 2024 19:43:09 GMT
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 71ms
70ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=apkfun.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=apkfun.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame 55F9 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 19:44:49 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FDB3 12 KB
6 KB 65ms
32ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FDB3 33 KB
34 KB 128ms
74ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19899&q=80&r=2&u=https%3A%2F%2Fnewsletter.pierreetvacances.com%2FCenterParcs%2F2021%2FNetherlands%2FOnline%2520Media%2FNetherlands%2FHB140700-1.jpg&v=3&w=400&s=4onA6myWK2WR748MZZm_6TQu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7d4fe95745f9a11758b8bde4545197c26865c4af1fc74ca6dd777a9a6b15e86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34196
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FDB3 32 KB
32 KB 101ms
48ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19899&q=80&r=2&u=https%3A%2F%2Fnewsletter.pierreetvacances.com%2FCenterParcs%2F2021%2FNetherlands%2FOnline%2520Media%2FNetherlands%2FMD114897-1.jpg&v=3&w=400&s=ejWkwDHsoHV2eWWsIQCDLkfI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5f00ef78ada6bf5c1e13270b062c3586c9dd5864052d368ad7da838c390e36f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32490
expires: Mon, 06 Feb 2023 09:25:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FDB3 0
128 B 78ms
25ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CLLH86HAjI7H1Ic2LoM2EeLUFpuL1Fw95UV_hZQBNRsxS2W5IQaMVizIsYcuvjx3u7jJ6d6bojO0MCciJXS8d0bB0gcAqMx4TZ5v4BuRo65m3Q5eMlU4vOjpiY7hKsMZ1yt8-SrrT3FX2mHXdaDcODYu5H6gYT7aWDRObkUibghtTRSnwTg8iYysuEdgSrVxvuEnMB2p0xSCXKzvY9bdbKUnk6r8CYOeJ5X0a6KWfmaUBDI-v2e5pQOuLRGY2rLSieItRA&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 09:25:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FDB3 2 KB
1 KB 55ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame D4EA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/953900/61623476/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafepro...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...

1 KB
1 KB

80ms
60ms

Script
application/javascript

2600:9000:2304:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Server: 2600:9000:2304:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:40:39 GMT
x-amz-version-id: bl_DZv7EoIjCRhbVwC6.RCuKzEoZoEqS
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 312272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 02 Feb 2023 18:40:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: SILLOa5TZkdFdZqazYOjRHxR1G2eZestj6ntljuvCTAcJZbfss99wg==

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dcfgY5PiGcPB6gSfuIK4Cw&cbFunctionName=goog_wrapCb_dcfgY5PiGcPB6gSfuIK4Cw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2A27 91 KB
23 KB 138ms
51ms Script
application/javascript 2600:9000:2304:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 11900934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PuWmesRnM4ZAv-mZoe2GieLv0wVmCjrREhV14k4h5gF0_Eg9JiVgLg==

GET
H2 206 d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4
static.criteo.net/design/dt/19899/230103/ Frame FDB3 2 MB
0 38ms
37ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19899/230103/d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Jan 2023 11:30:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63b411cf-20e1e4"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2154979/2154980
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2154980
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
216 B 458ms
101ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcJC,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:414,h:345,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~414.345%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
215 B 458ms
103ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcJE,pingTime:-6,time:89,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~414.345%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&tpiLookup=ao:apkfun.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 34AC 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:21:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 55F9 4 KB
709 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 08:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 55F9 205 B
518 B 36ms
35ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:47:10 GMT
x-content-type-options: nosniff
age: 5880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 07:47:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 55F9 604 B
693 B 37ms
37ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:24:48 GMT
x-content-type-options: nosniff
age: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 09:24:48 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 55F9 20 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 20:41:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 20:41:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
215 B 385ms
104ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcKR,pingTime:-2,time:164,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:44,mdZ:320,beA:365,beZ:366,mfA:368,cmA:369,inA:369,inZ:372,prA:372,prZ:378,si:382,poA:383,poZ:402,cmZ:402,mfZ:402,loA:454,loZ:456,ltA:529,ltZ:529%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:414,h:345,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B159~0%5D,as:%5B159~414.345%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:17,sinceFw:146,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame 6216 289 B
343 B 71ms
70ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:regular&text=Slide%20ntoCavurswhgfc%2E

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a71301d664888a57ff1965b850bb6659872f4fa14c8ea33beb469055589d028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:25:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6216 284 B
361 B 70ms
68ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:800&text=TORN%2C%20I%27SPLAYMECD

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4bb7f3d17b2531ea8bb4ce8e482ee0dc04d83b9f7b55682ed579211bdd20b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:25:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H3 200 AirCanadaHorizontal.svg.js Show response
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 3 KB
2 KB 50ms
49ms Script
application/x-javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/AirCanadaHorizontal.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

868f6cb4cab777b867157e92119467e303afa7c66522aaeaa1ee98f743cfeba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1545
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 19:43:09 GMT

GET
H3 200 BOOK-NOW-CTA.svg.js Show response
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 2 KB
1 KB 47ms
46ms Script
application/x-javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/BOOK-NOW-CTA.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0db0f564fa7a2aa114493434210aa888aa030c005420d1ed335c3cc7951bfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1140
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 19:43:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D030 15 KB
16 KB 166ms
46ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 372384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:58:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D030 15 KB
16 KB 177ms
57ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 470125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D030 15 KB
15 KB 216ms
98ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 596174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H2 206 d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4
static.criteo.net/design/dt/19899/230103/ Frame FDB3 24 KB
25 KB 37ms
37ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19899/230103/d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

22f962adaa3aa7fbb2bf52bbcb32a60b60236a45a4cdc9d872eca96042c8a561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=2129920-

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Jan 2023 11:30:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63b411cf-20e1e4"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 2129920-2154979/2154980
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 25060
expires: Thu, 01 Feb 2024 09:25:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2524 6 KB
672 B 71ms
71ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 08:23:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2524 2 KB
770 B 47ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 2524 22 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2524 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 16:02:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 2524 18 KB
8 KB 50ms
49ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 09:19:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2524 157 KB
48 KB 194ms
193ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 09:25:10 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 2524 33 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 21:44:27 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 6216 5 KB
6 KB 150ms
114ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4ie0Ie6-pDH1Ij_XtZduGHbdxbKKPU1gY&skey=62c1cbfccc78b4b2&v=v34

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:regular&text=Slide%20ntoCavurswhgfc%2E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27baceb297ae8992314e07521f44a49052ea277a661ec1355cebb01fda03d083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:37:37 GMT
x-content-type-options: nosniff
age: 64053
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5496
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 05:27:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 05 Feb 2023 15:37:37 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
215 B 142ms
103ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcOK,time:405,type:e,im:%7Bimprf:%7Bttecl:578,ecd:167,tsecr:72%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:405,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B400~0%5D,as:%5B400~414.345%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:17,sis:257%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=3766259181113785&bg=!9fal9rLNAAaq5O5FiuQ7ACkAdvg8Wo8EUgMAv3E1e8hq7xh_8sJoPbgBHSloORNd_wA-keECJXwwJAIAAAEyUgAAAAJoAQeZAqCH2itO2_N84qWVPaTG4mH5Fm8dLrv7OCLt1iwa63dlKrKVK8YJoF2lTR5sTXJoZkkavlSigOqQiumuWhVZyhupMnS13xnNqp-tcSfLHbFsYDQWjEZ_cnkS-ROQiEnDXtU_iRHd0lJT937OYd1cTdDtMEV9P4pVPzuOWTrNsAHpMxW-EBd5xNZtQYZd0agXrfM1wPnICoq3urJMuGKOCp4HiACRPYnfs9tPrDdLprfaqAqV7Gx9LTk49qoLZIlHp1u4JDcnXdteH3GOO7Mr8jkfsjWHM__bn3FOJC40TQ6mViLSISR1NsYXKvgPvlqRueqvcBvCp5yOPPNEvJBgf2DAr38ayvbnnaAE5BUMQPqPCJNQDCk1jBf3PxmI8fC8exdlcTCvZPfKMDELQ7DGwalMLEV5sq6Oz-dTTwW75nyrC4wXLewmXfT4dw-z1j5FtgoRnPjM1jFh3iV-SzRUJ7fkcAbMzO0vJujO7ItKFEyQQmVJZm3iLJj-IlgS2SGm3CCzJP73rmn5zzb1oWvd4SLDM0p9LzFPh0cTPhKkCcvaIf3xtoRetNERTCYu7Dvut5v9qlQos5kAy7ArfR94OHLyFMRLmtUT2ILPr4OIYpxqUOCrrpTLwx7UhYIsbBp5nWhUVFwfxBWKq1hJuRzBMMU3J3QjJnGNnPrY6R_iZUXsrRIw1zg7G2ssmXcgAA1DU7qOjxThiEiQDWfIjAXwi4kexzZiKFh7aNwYK7mgoKDnsGAnuRXbbbl3AI9zST6FlzhGmh0-tyNnDmE_bkTxdfmJb6lcA7JtgK0CHYbs5gmuhVXxIn_S8r47yG24XnBkpvML8-3PIUhL7TvRMJbqZAW1uFuNR8JiqLOYIvIJAtpUhYiKuJBr3sMfcm7tIQiKcPU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://apkfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34AC 0
20 B 82ms
81ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BReHrdcfgY5PiGcPB6gSfuIK4CwAAAAA4AeAEAg&bg=!MTKlMnbNAAaq5O5FiuQ7ACkAdvg8Wmgxg1h8FEOuVSDtnTEppx8qOIVzsn6eRrqfOq5FEE8185-aEAIAAAC4UgAAAANoAQcKAFBsJ9ezAJ3JQBNGMygc0qfomNFq63T3d9IM5ZKshbuKyyq_dYXczxJYmouovoVDQz5pAbve1UdC8m4Eky5OoFbOeKzSnz43I2Emnzmx9WAyWZkC549vJxYdM7a85stWVMEOWA9wa3TXYDC7Rr3H69LTTy_xXZCPBq4zu5Q-ocGi-1qGOZeca48n0b3jdiCYJb6VJAxNaurrKWRenuyEDkhb-HWJ_Vkxa9LiUtOaWH9nWGI-KDST3i_clFMlk5vNU7PxQ0EFn9GCOvLSEFpAZGYT4mRg_Tiu0N4ZGmrYgdiZ2GTdlK_t-VmK9vO4qgT3by869FufbGlzNJhBmvByVrgBtGo7ycIchy3po13SJ3u6j_bDFj-h9SWbf22lkz2LfH2Svi6KQieB5QOjd3ZxKqwNx-7h1Gafu07wCXjvJku1-S6dsSi6fwdCqRmOXjsYCNa0ySlJfN5qHDq-dWmtlBvw-3XQsxGzsUGQZo3zKgzGmEZdBFu3pDRBjrbVYSI9qvGtxh1jsQLSCF561zgyw75ZbMkhx6g0dgs6ROP3SFbxEeHXPYZTE7qs7ICKzMhThYBVent9EOKgj4RZ9E54Dmw18olOrEosYmfYMpxnQMd2mJ14aRfrzAzH-ibJGGDH7DeMA9s3i3aePkmTmVrN0QmdJH9hGpsnPAsKjkOTWcluw7hVUI-ARCEMWMI5TU6cxfNqqzTR2ANR1df_Zo_2IYIKTlXrgKQzFrUQetwLJ9ehimtN0BhLmVCgdcT_V4Y1eWSzgn_OZI-RCgl4naj3L7AKioqrzX3V5pNKKcEC3PYxXrWQz-wTDE-KkC3njH1_7LebuzrzwPnmsodYV3PGyXupAPbWPlHmUNN4m2_xNWNgrRR0eyMVN_OCy7utZjUOmxYNTb-DjIn1xRXuEIpTpITQ3-S-KzjZrSAWWgRsZtCnaTXo1VUzXZNyI8LFrnZYRx24deRcNKEu7DAvmuWcsrT8cSBPnrR7lL4TwIg8D5W9rX4KTzqPInU-XUcBT6LJnQIArzGBxXbg4Hp587wbkxa7NicPQcBRLNf_8MBb6EK7ywG_wfIuwQYYjA5DtZ4_MSKDXtyt9opVZ49B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 136F 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=514359217&adf=3115031309&pi=t.ma~as.4327763561&w=1200&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=1200x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508954&bpp=2&bdt=477&idt=387&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8Iy28TwIsu&p=https%3A//apkfun.com&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:21:29 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 6216 5 KB
5 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1y4ie0Ye4oVRPXUC0VFzUMe7UeB9Ag&skey=62c1cbfccc78b4b2&v=v34

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:800&text=TORN%2C%20I%27SPLAYMECD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbabd8977db5c48f888281b977815c5794a07e2284dd846621a3d3671c4b7df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 12:21:01 GMT
x-content-type-options: nosniff
age: 75849
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4676
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 05:27:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 05 Feb 2023 12:21:01 GMT

GET
H3 200 f4.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 17 KB
17 KB 47ms
47ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f4.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c43cfd55e96e46322603ab7ee012a9ed3f5070d44b710f65e3522bdb8493e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:27:25 GMT
x-content-type-options: nosniff
age: 7065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16926
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Feb 2024 07:27:25 GMT

GET
H3 200 f3.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 16 KB
16 KB 95ms
94ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f3.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dbbb295b8eb1fc4384fa8fd0d0df1b3cba35c27fc313a88caed617c1f52cc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16675
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Feb 2024 09:25:10 GMT

GET
H3 200 f2.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 27 KB
27 KB 75ms
74ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f2.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863b27093ac3570e021ff1d06bffc17e1824b32a7ea35d0742007c5651189867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:32:30 GMT
x-content-type-options: nosniff
age: 348760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27212
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 08:32:30 GMT

GET
H3 200 f1.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 21 KB
21 KB 58ms
58ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f1.jpg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cad450c992e6d2532f781acb43e0a6c1c34cf4f085680319014c917c963876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:32:30 GMT
x-content-type-options: nosniff
age: 348760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21385
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 08:32:30 GMT

GET
DATA 200
OK truncated
/ Frame 6216 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1978d41a29e665990bf01c0b33675c95ac6073a5539bf5355138a8180b68382

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6216 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c0a02fcec49da51362c2e9fa73efbc9db917880cb11b2805d559c397f25663

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
215 B 103ms
102ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcRt,pingTime:-10,time:574,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675675510746%7C%7C89ad07c0625a436d3d4a3ee9e48c6164%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C3df71c063201540b6e9d6a57d118e225%7C%7C283478e31da6b34072fc607ec6bc5b6b%7C%7Cd185fb48340227cd3699a933907f55a8%7C%7Cd712da1ac9f5776b7d99bba9afba6747%7C%7C8272cbfdb3b2f690a4c017822b55e1f6%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=3855964555&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508957&bpp=1&bdt=480&idt=403&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C724x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=f650aFsiCC&p=https%3A//apkfun.com&dtd=412
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:10 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 f4.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 17 KB
17 KB 47ms
46ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f4.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c43cfd55e96e46322603ab7ee012a9ed3f5070d44b710f65e3522bdb8493e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:27:25 GMT
x-content-type-options: nosniff
age: 7065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16926
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Feb 2024 07:27:25 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame E001 36 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: apkfun.com
URL: https://apkfun.com/ECB-iMobile.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:21:29 GMT

GET
H3 200 f2.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 27 KB
27 KB 48ms
46ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f2.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863b27093ac3570e021ff1d06bffc17e1824b32a7ea35d0742007c5651189867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:32:30 GMT
x-content-type-options: nosniff
age: 348760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27212
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 08:32:30 GMT

GET
H3 200 f1.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 21 KB
21 KB 56ms
54ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f1.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cad450c992e6d2532f781acb43e0a6c1c34cf4f085680319014c917c963876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:32:30 GMT
x-content-type-options: nosniff
age: 348760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21385
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 08:32:30 GMT

GET
H3 200 f3.jpg
s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/ Frame 6216 16 KB
16 KB 61ms
59ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/f3.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dbbb295b8eb1fc4384fa8fd0d0df1b3cba35c27fc313a88caed617c1f52cc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17684549516832067088/2022_POS_INTL_WinterCanadaCampaign_300x250_11800039_EN_NL/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:25:10 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16675
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:35:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Feb 2024 09:25:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4EA 43 B
215 B 102ms
101ms Image
image/gif 2600:1f18:1aca:4282:3b68:43e7:2814:3754
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=953900&asId=4bf6c227-ab7e-cce2-3ba2-7dc86d5cc9ac&tv=%7Bc:3qNcZ9,time:1050,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1050,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.414.345,am:sp,cc:0.0.414.345,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1045~0%5D,as:%5B1045~414.345%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:163,fm:tv4DFHD+11%7C12%7C13%7C141%7C151*.953900-61623476%7C1511%7C1512%7C16%7C17%7C18,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:257%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:3b68:43e7:2814:3754 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:11 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 all
csm.eu.criteo.net/ Frame FDB3 0
127 B 26ms
25ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 09:25:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A660 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMhSI5p4IdNwVUft4kZkiArsjDEMw0puppcDUwktM738fO8I9wzLWwP-iUrsSx5haQChb7CjIbWWDqeNRA5i6UCchq&sig=Cg0ArKJSzPiacaqclGxkEAE&id=lidar2&mcvt=1000&p=0,0,280,724&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1251080768&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675675509354&rpt=980&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D030 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvOrf3lohRoygiGkM2wQczByvjGbGBFBDrRj2Vf9DagSWNFSYvNLbnb6nnPuh-NNb-vkW7Qi8xitP1jvq69gxTJPPO-N-r-BGc4TftVORQcGEm84VqNUkuaoO9BlXycAGTbS5E7A&sai=AMfl-YRygyWoVi31BjtYndLy-pTwCTiq1E1oHIfwLw3Av6kolXM7qzpVQdtiOnmEn4oOGKVobLdZJ6LcpTWV&sig=Cg0ArKJSzKYwk-1A36eTEAE&cid=CAQSGwDUE5ymexTgVnAz10cDYczT8oD9O2TC9YbA7hgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=514359217&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675675509348&rpt=1318&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:25:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4
static.criteo.net/design/dt/19899/230103/ Frame FDB3 1 MB
1 MB 30ms
30ms Media
video/mp4 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19899/230103/d62e54a4923240888260ee5d15cb8b70_kam2_display_criteo_cpbn-1920x1080-nl.mp4?ibv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b8c072b20329aac393dba47014174a6c592f0cbc4ce4cb958f4fedac4a1befc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=851968-

Response headers

date: Mon, 06 Feb 2023 09:25:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Jan 2023 11:30:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63b411cf-20e1e4"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 851968-2154979/2154980
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 1303012
expires: Thu, 01 Feb 2024 09:25:12 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apkfun.com/	1970-01-20 19:03:55	Name: viewerKey Value: ii30NyAUCmDkQtf
.apkfun.com/	1970-01-20 19:03:55	Name: _ga Value: GA1.2.934315416.1675675509
.apkfun.com/	1970-01-20 09:29:21	Name: _gid Value: GA1.2.1514781935.1675675509
.apkfun.com/	1970-01-20 09:27:55	Name: _gat_gtag_UA_199299877_1 Value: 1
.apkfun.com/	1970-01-20 18:49:31	Name: __gads Value: ID=cbcb61f08b0c195f-2231ffe59cdb0053:T=1675675509:RT=1675675509:S=ALNI_MZzLbHiKChVwCbsbZwFJ5WFUvoYww
.apkfun.com/	1970-01-20 18:49:31	Name: __gpi Value: UID=00000bb1035b18c2:T=1675675509:RT=1675675509:S=ALNI_Ma8cURiCf2Fa7OmG_pXWZ4lemq8ng
.doubleclick.net/	1970-01-20 18:49:31	Name: IDE Value: AHWqTUm0vI9Uv_MzC1Z311IhsVZiGfXiQBNI8NRLGNAc13nkyDA9GHpNcGy2nTyfOfs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8897723508871345&output=html&h=280&slotname=4327763561&adk=1251080768&adf=1911565477&pi=t.ma~as.4327763561&w=724&fwrn=4&fwrnh=100&lmt=1675666388&rafmt=1&format=724x280&url=https%3A%2F%2Fapkfun.com%2FECB-iMobile.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675675508956&bpp=1&bdt=479&idt=394&shv=r20230201&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7080049413303&frm=20&pv=1&ga_vid=934315416.1675675509&ga_sid=1675675509&ga_hid=1576806751&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071766%2C44779794&oid=2&pvsid=3766259181113785&tmod=1058002568&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gmH3YhIWHY&p=https%3A//apkfun.com&dtd=397 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7776000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adservice.google.nl
apkfun.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
downloadapk.net
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
play-lh.googleusercontent.com
rtb.fr.eu.criteo.com
s0.2mdn.net
static.adsafeprotected.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xpusher.com
142.250.180.230
142.251.208.130
178.250.2.148
2600:1f18:1aca:4282:3b68:43e7:2814:3754
2600:9000:2304:a400:8:48e:53c0:93a1
2606:4700:3108::ac42:2884
2606:4700:3108::ac42:2892
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:829::200e
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::2002
2a00:1450:400d:804::2008
2a00:1450:400d:806::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::2006
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2016
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::3
2a06:98c1:3121::3
34.240.83.138
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03faa8cd255e13cae862449c149b7e166342ef3efe25694e8262c54741498c40
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0c52411b08da326b60651acbe25fa6b95c4d03efe69575a3726130c45963d3
1094eadb46901a39ead18f781a296d1b3372b6dae8e949c1be8fefe72d90ddc7
1251b72ab801370c57593f48ec381ee9ac411a0c7e4bf64d5756f4d38883a5e6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15337219ea307103a697adfd30838d2e7a042a9ff43b7488908f178f5791ffcf
1b9cbd3aad22afc8a5094d5630b0d8ca6eaca272a265000a4a18594cd1dc3979
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
1eeba883ebfdb0570fe8fc10f4a8d7c9eaa0800df7ae3882e9b8700d682e5d5c
21cad450c992e6d2532f781acb43e0a6c1c34cf4f085680319014c917c963876
22f962adaa3aa7fbb2bf52bbcb32a60b60236a45a4cdc9d872eca96042c8a561
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d7c98ad107f8f481cf6ad5500e1066fe93d180565be494196235c7e829d725
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27baceb297ae8992314e07521f44a49052ea277a661ec1355cebb01fda03d083
2bcc52d73e741575e21947d6fd63bf3f2b85e656556ff83f2e458d29da2e0be4
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2ff69b563a74d94a1e4f276c156c6151ac173e0ee542ad877b48a931bbaf78c0
30c82d429e865db50f3e155c25546cc48fd324c296e3d7c26ae74c6ca203c6b7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330f8ce89f341fa18567e30d0c14fb5ebc699d6156cc71a4f11eac82c5e6d915
347a25c4ad6afed5380c987683689d8f8fc7c9544e8c700958e6165acdcb2666
3ae5c25d178565a02b3e24d00183598b881b82bb8055669e684ecabc3010c092
3bdfe0a35af247e034ce11b2302233742ca6833c3656a350e7d2d700150a49dd
3c43cfd55e96e46322603ab7ee012a9ed3f5070d44b710f65e3522bdb8493e59
3fd7ef3032d1c636747cf3a47260dd7f6aedbe5d2afdfaddb3dc97049d01fc88
47b5d24770f60892010cd207a91bcd7cf7c38e801f632a456826fb281f838b8a
4b2ff7f4830ae27fd0bb9809a109063825742e62e1b643902dbfe6ac530b8d3a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e
558d8c5506958dc02cebe7b1a29b081674c4c7aa7e76b8a501a34d2e0448a69d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591dc09d5e7e73df098d68b1e5e86ee48512ffc56d253a19e5795b370b92d73f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a80d395604cb19a861575ba8c8a0ddfc682a715215222a201c62fdd214c16db
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dbbb295b8eb1fc4384fa8fd0d0df1b3cba35c27fc313a88caed617c1f52cc46
5f00ef78ada6bf5c1e13270b062c3586c9dd5864052d368ad7da838c390e36f0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623090824b8c2735ff757527327c5248445437bb1bc45a93d8ddfe396ca24ef7
631de588cfe598b50846c4dda3d2d7e50f75bf4d59fd8b725b60acb95e693061
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
6b14b9a298b8edee1ac5325520e97e512e845cfd3947da9982d2791e955c9e8e
6d627eed8c2e19c983fcf5c9f247de481647540a6895d76eba1375856058e89a
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
711ae8d5d6faad3a2d76f1ee9405dd69c42e95205cbe713ac75f5faf36bc4146
71cd9839daf53bc4985bd4d13e94c0fe94ca48f4f6394e859d3069686ed7f0e7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
778ac3aae01acd834b063303900f30376d2f1c62417c0d7ada06d80dc2e1970f
77f59db9b5cc3b14921d2808bba732e2a38ad8e783fd1d3095aa4ba01369b780
78afbba2a4b9d900781007e33ebfda113d829baf4258dfdd7da241363a78bfe5
7d4fe95745f9a11758b8bde4545197c26865c4af1fc74ca6dd777a9a6b15e86f
7e168a84748394e33d032d683107b84147213f6b7c61ca90a22dfb8cf0cd3871
818ba645bfa617271ecfb35c83264090b00e8590cf100cd38255fa6a416e6d91
84c0a02fcec49da51362c2e9fa73efbc9db917880cb11b2805d559c397f25663
863b27093ac3570e021ff1d06bffc17e1824b32a7ea35d0742007c5651189867
868f6cb4cab777b867157e92119467e303afa7c66522aaeaa1ee98f743cfeba5
8a0942bf022829e66188b9d44ef938c1847b7b33bf5b9210a8fa408511451915
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338dcab7a8cdc94939f6d340a0a1ef02d18d8e8c661abcd7dc6b8b34b84e469
973305c149db5176aa238d32bd4264c4c625d05a0c015065c7be845fb4ecd4fe
977a8d22356bc803519cf8b16f31602e6e563bd3da873c1f362dcbfe79952737
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1978d41a29e665990bf01c0b33675c95ac6073a5539bf5355138a8180b68382
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71301d664888a57ff1965b850bb6659872f4fa14c8ea33beb469055589d028f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8d28c6e0461f1be61d250a2e8fd10aa2baa16437049403c41ebe296855ce838
adac638183569b9d006459c7dd4951167272d28a76ee8f2c32c7bd8c086a28c8
afed7294a7628abda72c5cfee97f641c668f00735dc93ef4bfc492bcd6b3acf2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4bb7f3d17b2531ea8bb4ce8e482ee0dc04d83b9f7b55682ed579211bdd20b41
b5bb7628738dbb57bd28eee27cfb8cd04e9da1136081ee11806ac0c727bc2e1c
b7153b2354da7984aa2a5319e6dabceefb9c2f27f7d6f32d9128c325ad13d735
b83a2f72c8a1dc18caa994152c3ccf333ed52b160115a09437f4a15781838d91
b8c072b20329aac393dba47014174a6c592f0cbc4ce4cb958f4fedac4a1befc7
bafc45ab1ff1080727effc90c1d3b7e1ca7b2c35544b71ed5e133fbb98cf2c79
bced7f300a5eb795f4f7e14f62d306d2e04d032f253a83175cfa5c3f3acf9b94
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c15b7415b460795dd163510ed25959ef2cc2b323bd3d1bf39e27fa58185792fe
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3ea6aad37ef3bf2cbb774bcfbc54bcbe38c2145c0a09aac7b6cd1c8744c7b98
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cbabd8977db5c48f888281b977815c5794a07e2284dd846621a3d3671c4b7df8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0b7f0a72331d147a2412ca9f5cac111891ee1c7b2a3c73cc8df07b65038626f
d18d50657efd2259557798f356a098576ea4f24080c0c6fb742cbffc8712b049
d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53
d716dd8c299f39ef4260fc72046f3a6c2cc155a1e7d0cb580e55572a9f4fc726
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0db0f564fa7a2aa114493434210aa888aa030c005420d1ed335c3cc7951bfce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ed9241d555ce84975f20295ec237a8090b3a6491883f2be2368d877191351375
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f3d7323480a7405f0c26c9d5e5e084846ec571f792634a5db2e47775c8a103ed
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9d15757f2a9f00eac64207b3e4042a4c791e8116dcc8e0ab9aa9fdb3a86dab7
fbf89e668ec49f1e41fe278f768905075bd097059a6368d8c6c434afdf168070

apkfun.com Open in urlscan Pro 2606:4700:3108::ac42:2892 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

99 %HTTPS

87 %IPv6

19 Domains

30 Subdomains

30 IPs

4 Countries

2935 kBTransfer

6815 kBSize

7 Cookies

9 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

apkfun.com Open in urlscan Pro
2606:4700:3108::ac42:2892 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

99 %
HTTPS

87 %
IPv6

19
Domains

30
Subdomains

30
IPs

4
Countries

2935 kB
Transfer

6815 kB
Size

7
Cookies

150 HTTP transactions
5 data transactions