apk2me.com Open in urlscan Pro
43.225.53.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apk2me.com/gift-of-hedone-apk/
Submission: On August 28 via manual (August 28th 2023, 8:41:10 pm UTC) from CA — Scanned from CA

Summary HTTP 286 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 59 IPs in 8 countries across 66 domains to perform 286 HTTP transactions. The main IP is 43.225.53.77, located in United Arab Emirates and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is apk2me.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 5th 2023. Valid for: a year.

This is the only time apk2me.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	43.225.53.77 43.225.53.77	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
43	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
4	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
9	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 19	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
5	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
1	173.237.16.20 173.237.16.20	7979 (SERVERS-COM) (SERVERS-COM)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
6	80.211.42.243 80.211.42.243	31034 (ARUBA-ASN) (ARUBA-ASN)
1	72.21.81.200 72.21.81.200	15133 (EDGECAST) (EDGECAST)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.4.198 3.160.4.198	16509 (AMAZON-02) (AMAZON-02)
1	108.156.184.123 108.156.184.123	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	3.160.22.7 3.160.22.7	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	172.217.13.161 172.217.13.161	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10 11	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
10	23.215.41.73 23.215.41.73	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.209.38.85 18.209.38.85	14618 (AMAZON-AES) (AMAZON-AES)
6	2.22.41.153 2.22.41.153	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	142.251.40.202 142.251.40.202	15169 (GOOGLE) (GOOGLE)
14	172.217.13.195 172.217.13.195	15169 (GOOGLE) (GOOGLE)
38	172.217.13.193 172.217.13.193	15169 (GOOGLE) (GOOGLE)
1	146.75.38.132 146.75.38.132	54113 (FASTLY) (FASTLY)
24	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6 12	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
3 5	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	66.225.223.95 66.225.223.95	3949 (NTTA-3946) (NTTA-3946)
15	172.217.13.198 172.217.13.198	15169 (GOOGLE) (GOOGLE)
5	142.251.32.97 142.251.32.97	15169 (GOOGLE) (GOOGLE)
4 5	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	64.74.236.191 64.74.236.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	52.55.229.173 52.55.229.173	14618 (AMAZON-AES) (AMAZON-AES)
1	23.49.250.160 23.49.250.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	3.211.144.247 3.211.144.247	14618 (AMAZON-AES) (AMAZON-AES)
1	3.160.22.128 3.160.22.128	16509 (AMAZON-02) (AMAZON-02)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
5 5	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2 2	52.20.6.194 52.20.6.194	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 3	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
3 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	34.236.43.18 34.236.43.18	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.160.5.24 3.160.5.24	16509 (AMAZON-02) (AMAZON-02)
1 1	23.105.12.170 23.105.12.170	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	207.198.113.90 207.198.113.90	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	192.184.68.134 192.184.68.134	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.239.10.179 34.239.10.179	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 1	104.21.68.74 104.21.68.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.211.159.119 3.211.159.119	14618 (AMAZON-AES) (AMAZON-AES)
14	172.217.13.110 172.217.13.110	15169 (GOOGLE) (GOOGLE)
2 3	172.217.13.196 172.217.13.196	15169 (GOOGLE) (GOOGLE)
1	108.156.184.71 108.156.184.71	16509 (AMAZON-02) (AMAZON-02)
1	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
286	59

11 43.225.53.77 (United Arab Emirates)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: ns1.stefab.com

apk2me.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.13.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.237.16.20 (United States)

ASN7979 (SERVERS-COM, US)

jn.dyewoodtigua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it

telegram.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.200 (United States)

ASN15133 (EDGECAST, US)

adncdnend.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.4.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-4-198.cmh68.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.184.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-123.cmh68.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-7.cmh68.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net

54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.19.138.83 (Frankfurt am Main, Germany) 10 redirects

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.215.41.73 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-41-73.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.38.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-38-85.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.22.41.153 (Liljeholmen, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: a2-22-41-153.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.202 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.38.132 (Reston, United States)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.225.223.95 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

mcdp-sadc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.32.97 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.60.146 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.191 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.229.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-229-173.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.49.250.160 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-250-160.deploy.static.akamaitechnologies.com

sync-jp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.144.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-144-247.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-128.cmh68.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (North Charleston, United States) 5 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.6.194 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-6-194.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.26.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.43.18 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-43-18.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.5.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-24.cmh68.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.170 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.198.113.90 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.134 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.166.1.35 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.10.179 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-10-179.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.68.74 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.159.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-159-119.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.184.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-71.cmh68.r.cloudfront.net

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ade.googlesyndication.com — Cisco Umbrella Rank: 339	640 KB
32	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1595 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3711 odb.outbrain.com — Cisco Umbrella Rank: 2616 mcdp-sadc1.outbrain.com — Cisco Umbrella Rank: 4855 sync.outbrain.com — Cisco Umbrella Rank: 765	113 KB
28	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	430 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	262 KB
17	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1585 www.google.com — Cisco Umbrella Rank: 2	61 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	719 KB
13	wp.com c0.wp.com — Cisco Umbrella Rank: 8197 i0.wp.com — Cisco Umbrella Rank: 3729 stats.wp.com — Cisco Umbrella Rank: 2753 pixel.wp.com — Cisco Umbrella Rank: 2673	161 KB
12	id5-sync.com 10 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 795 id5-sync.com — Cisco Umbrella Rank: 411	42 KB
11	apk2me.com apk2me.com	94 KB
10	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9624 log.outbrainimg.com — Cisco Umbrella Rank: 2678 images.outbrainimg.com — Cisco Umbrella Rank: 2350	53 KB
6	pubmatic.com 6 redirects image8.pubmatic.com — Cisco Umbrella Rank: 685 image2.pubmatic.com — Cisco Umbrella Rank: 875 image4.pubmatic.com — Cisco Umbrella Rank: 1183 image6.pubmatic.com — Cisco Umbrella Rank: 769	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	339 KB
6	telegram.im telegram.im — Cisco Umbrella Rank: 229764	21 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 352	3 KB
5	rlcdn.com 4 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 394 id.rlcdn.com — Cisco Umbrella Rank: 766	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	110 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	4 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 ajax.googleapis.com — Cisco Umbrella Rank: 366	38 KB
5	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1331 google-bidout-d.openx.net — Cisco Umbrella Rank: 1336 us-u.openx.net — Cisco Umbrella Rank: 481 u.openx.net — Cisco Umbrella Rank: 702	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	279 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 435 dis.criteo.com — Cisco Umbrella Rank: 626	7 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 1478 creativecdn.com — Cisco Umbrella Rank: 570	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 852 bcp.crwdcntrl.net — Cisco Umbrella Rank: 813 sync.crwdcntrl.net — Cisco Umbrella Rank: 803	13 KB
3	yahoo.com 1 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 15921 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	9 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	599 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1182	1 KB
2	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1007	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 489	1 KB
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 2358	871 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1539	2 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1070	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 565	964 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 571	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1087	926 B
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 532 d.agkn.com — Cisco Umbrella Rank: 750	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 553	2 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 755	879 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	35 KB
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1255	285 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 4174	1 KB
1	gumgum.com 1 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1564	274 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	670 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 569	973 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 798	567 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 236	689 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 814	379 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 783	615 B
1	rubiconproject.com 1 redirects pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1144	854 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1700	473 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1251	435 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	im-apps.net sync-jp.im-apps.net — Cisco Umbrella Rank: 4183	740 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4865	390 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	897 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1129	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1496	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677	2 KB
1	azureedge.net adncdnend.azureedge.net — Cisco Umbrella Rank: 49074	2 KB
1	dyewoodtigua.com jn.dyewoodtigua.com	1 KB
0	geistm.com Failed id.geistm.com Failed
286	66

	Domain	Requested by
38	tpc.googlesyndication.com	apk2me.com 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org s0.2mdn.net pagead2.googlesyndication.com
35	pagead2.googlesyndication.com	apk2me.com pagead2.googlesyndication.com www.gstatic.com 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com s0.2mdn.net
20	sync.outbrain.com	widgets.outbrain.com
15	s0.2mdn.net	apk2me.com s0.2mdn.net
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com apk2me.com
14	www.gstatic.com	apk2me.com 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com googleads.g.doubleclick.net apk2me.com
11	id5-sync.com	10 redirects cdn.id5-sync.com
11	apk2me.com	apk2me.com c0.wp.com
9	widgets.outbrain.com	adncdnend.azureedge.net widgets.outbrain.com apk2me.com
9	c0.wp.com	apk2me.com
7	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	apk2me.com securepubads.g.doubleclick.net
6	www.googletagservices.com	apk2me.com 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	telegram.im	apk2me.com telegram.im
5	images.outbrainimg.com	widgets.outbrain.com
5	x.bidswitch.net	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	apk2me.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	idsync.rlcdn.com	3 redirects widgets.outbrain.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	log.outbrainimg.com	widgets.outbrain.com
4	fonts.googleapis.com	54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com apk2me.com googleads.g.doubleclick.net
4	www.googletagmanager.com	apk2me.com adncdnend.azureedge.net www.googletagmanager.com
3	ade.googlesyndication.com	apk2me.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	image8.pubmatic.com	3 redirects
3	match.adsrvr.org	3 redirects
3	54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	apk2me.com
2	uipglob.semasio.net	2 redirects
2	sync.go.sonobi.com	1 redirects widgets.outbrain.com
2	pixel.tapad.com	2 redirects
2	ice.360yield.com	2 redirects
2	loadus.exelator.com	2 redirects
2	creativecdn.com	2 redirects
2	ps.eyeota.net	1 redirects widgets.outbrain.com
2	sync.1rx.io	2 redirects
2	match.prod.bidr.io	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	dpm.demdex.net	1 redirects widgets.outbrain.com
2	b1sync.zemanta.com	2 redirects
2	pippio.com	2 redirects
2	www.googleadservices.com	googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	1 redirects connectid.analytics.yahoo.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	oajs.openx.net	1 redirects apk2me.com
2	i0.wp.com	apk2me.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ajax.googleapis.com	s0.2mdn.net
1	d.agkn.com	54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
1	rtb.adentifi.com	widgets.outbrain.com
1	cm.rtbsystem.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	cms.quantserve.com	1 redirects
1	pixel-sync.sitescout.com	widgets.outbrain.com
1	id.rlcdn.com	1 redirects
1	c.bing.com	widgets.outbrain.com
1	ssbsync.smartadserver.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	u.openx.net	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	widgets.outbrain.com
1	sync.crwdcntrl.net	widgets.outbrain.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.targeting.unrulymedia.com	widgets.outbrain.com
1	dis.criteo.com	1 redirects
1	aa.agkn.com	widgets.outbrain.com
1	beacon.krxd.net	widgets.outbrain.com
1	sync-jp.im-apps.net	widgets.outbrain.com
1	tags.rd.linksynergy.com	1 redirects
1	mcdp-sadc1.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	apk2me.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	pixel.wp.com	apk2me.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adncdnend.azureedge.net	apk2me.com
1	stats.wp.com	apk2me.com
1	jn.dyewoodtigua.com	apk2me.com
0	id.geistm.com Failed	widgets.outbrain.com
286	100

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
themeisle.com
www.uniqlo.com
financialhackz.com
seeitwll.com
www.thedecorideas.com

Subject Issuer	Validity	Valid
apk2me.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-05` - `2024-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
jn.dyewoodtigua.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
telegram.im R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://apk2me.com/gift-of-hedone-apk/
Frame ID: 00599A7107C301306B776A6BD1664E6D
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 1AC70E667E1785182B7EE06837BBD915
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&adk=1812271804&adf=3025194257&lmt=1693256152&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255256435&bpp=693&bdt=195&idt=1070&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=921787697105&frm=20&pv=2&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1152
Frame ID: 45F017EC8D38FBFD9E8F030AEFFCEF9B
Requests: 1 HTTP requests in this frame

Frame: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D5E06F04355027ADBAE2096EEFD355D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&h=188&slotname=9052031349&adk=3667577507&adf=2706166137&pi=t.ma~as.9052031349&w=750&fwrn=4&lmt=1693256152&rafmt=11&format=750x188&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255257135&bpp=37&bdt=895&idt=550&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=921787697105&frm=20&pv=1&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9b5WZIAmhT&p=https%3A//apk2me.com&dtd=592
Frame ID: 22F5E5E937C7273E6C0F609020280639
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=apk2me.com
Frame ID: 6BE6B40476C1A594A1719F8348439FBE
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BBDB1D50A830CE5D08B92DB86770E47D
Requests: 1 HTTP requests in this frame

Frame: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA43BF7759D06246E522EA1D096F451F
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Frame ID: 85BE57A2B2C56129B6B4823DE7A6F3E7
Requests: 16 HTTP requests in this frame

Frame: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C187916F95A3B12D10298062C9F0174D
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: DADDB73FDFCCB9BA01295BF071B3B007
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkY8JDH8gEwAQ&v=APEucNXPFekGQdcunErAPzpvMx3w7VFxE-r1V9vh2BUZyDHIxxOQckuAZHAtfIMeg6vWer6pNlmQ7T3_MKw6Zwzpe3ZAZg1mEQ
Frame ID: 8AB96CFCD9309B85544595064CB8F578
Requests: 5 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=3a7bcfbf-fa0d-4524-9a25-4236b7137054
Frame ID: F87E7B71D27866BFF5AAFC2C13EE1FC3
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 7C847A4945AA075EF1534BEE9CEF5BB2
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: DB92875E4E39C0CB5DE98C96AA1587F3
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1187ECB55D0EF1C045D765A02E625658
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 7FE81FEBE20D5C4938A85D20F2EBAA73
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
Frame ID: 178F6F4B29A8FCA081DB7837814DBF93
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28F85D2EC98FFC607FC1AB242AA9C4DA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: DA8BBCCDF248D4D18E82234FE2933C98
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: FBD664DD70543A06293A4F15660C8FA6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1C72B42FDD1C2F77773B1EF535F29F29
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: 422ECC52698E16718B1B1507B9835751
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019
Frame ID: 2E13CBC65976A876DC04389E9EA6C8C9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: 08FF3DC0A153C8D7C01D276D43199A56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: 5BEE43E05D24231F6517A2EAF6F98277
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: 319AD2D1BF560C17C8B12B958870C57F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: A1D36AC5B75413D9CBA4D39232D05378
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E30AF83E44916B054218B464BF4A21C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 897E132C4ADDBC29DD128D7F60165C03
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gift of Hedone Apk 1.3 Free Download Latest For Android [MOD]

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

286
Requests

88 %
HTTPS

0 %
IPv6

66
Domains

100
Subdomains

59
IPs

8
Countries

3479 kB
Transfer

9049 kB
Size

107
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/apk2memods
Title: Join Telegram Channel

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://apk2me.com/gift-of-hedone-apk/

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://apk2me.com/gift-of-hedone-apk/&text=Gift%20of%20Hedone%20Apk%201.3%20Free%20Download%20Latest%20For%20Android%20%5BMOD%5D

Search URL Search Domain Scan URL

URL: https://themeisle.com/
Title: ThemeIsle

Search URL Search Domain Scan URL

URL: https://www.uniqlo.com/ca/en/special-feature/back-to-school/women?utm_source=outbrain&utm_medium=native&utm_campaign=DAC_UNIQLO-CA_Back-To-School_Outbrain_Native_Ad-Hoc_Conversions_Desktop_x_August2023&utm_content=DAC_UNIQLO-CA_Back-To-School_Outbrain_Native_Ad-Hoc_Conversions_Desktop_x_August2023_Unisex_AI-Audience-Image&obOrigUrl=true
Title: These Back To School Essentials Will Last All Year. Promise. Sponsored: UNIQLO Read Next Story

Search URL Search Domain Scan URL

URL: https://financialhackz.com/?utm_source=outbrain&utm_medium=referral&campaign_id=003abdb53ef009fd164a0f260908375a4b&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=0007f3552cf82547b5c4bc74775b6b8fb7&ad_title=%24%7Bcity%7D%24+Residents+Should+Claim+This+Benefit&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&keyword=CA_Dis_Lead_Desktop_August24&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Toronto Residents Should Claim This Benefit Sponsored: financialhackz.com Read Next Story

Search URL Search Domain Scan URL

URL: https://seeitwll.com/view/AreKoNoGnUYSkwTk6jUifKJIDyEfw9usULpUzsfEHzh66g?c=41221&pid=4443&tid=$ob_click_id$&ob_marketer=Vi_all3&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=00612c94af6d0ad76c6a0b3979c4863420&ob_timestamp=$time_stamp$&ob_platform=WEB&ob_campaign_id=008096cb101aa2b201f6fbe6d66eda5418&ob_doc_title=Do+This+To+Restore+Perfect+Eyesight+Overnight&site=VisionUSAll_$publisher_name$_$section_name$_00612c94af6d0ad76c6a0b3979c4863420&mavcid=41221&ob_marketer_id=00a07ec2b3dbe6ac208aa87322c5d04579&ob_cpc=$cpc$&obOrigUrl=true
Title: Simple Trick Helps Restore Vision So Fast, You’ll Throw Away Your Glasses Sponsored: visionntie.com Read Next Story

Search URL Search Domain Scan URL

URL: https://www.thedecorideas.com/peek-inside-the-obamas-12m-waterfront-estate/?utm_source=$section_name$&utm_medium=outbrain&utm_campaign=0035a8f1af427e2640e8f57859482447fc&utm_content=$publisher_name$&utm_term=$section_id$&itm_term=tdiios&obOrigUrl=true
Title: [Pics] At 61, Obama Moves To This Modest House With Partner, Take A Look Inside Sponsored: TheDecorIdeas Read Next Story

Search URL Search Domain Scan URL

URL: https://www.thedecorideas.com/from-grandmas-cupboard-vintage-kitchen-items-that-hold-value/?utm_source=$section_name$&utm_medium=outbrain&utm_campaign=00a194089869ffb3b232ba326980446cc5&utm_content=$publisher_name$&utm_term=$section_id$&itm_term=tdiios&obOrigUrl=true
Title: [Pics] 10 Dishes That Are Worth More Than Your Property Sponsored: TheDecorIdeas Read Next Story

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://oajs.openx.net/esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp&cc=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO0GW0zdySINDFQImdq2DAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMoZn1fdJLlkN7IVI6pltFw&google_cver=1

Request Chain 114

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM2MDQ4NjM1NjEyMjU5NzI4Nw%3D%3D

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm20aWQbtZNeCMdClngXyjJHYDqvisZxx19DLud4RqY_8wgMQASCrpd-VAWD9oJmB6AOgAffim7QoyAECqAMByAPJhICABKoE3AFP0A3M9IBXt9p82NB84ltkCjsRnF4zGkspiYJ05W1eI2aPM2k_etyjSTVwgIxLksf7hUzq72EyO0Ox7hVZuyBK-reYH_UU5Ykak4dvZi6V2-RLHfIk7ntctYBrxb_H-HIa9sgd6bIMXDiAGz2a43IsImwrtcs-djZiLE16EwQ2hclL5sDu6GkIPsBXcCcZr41SgwnmiilMmnmPAkt_seorZjC5E8JQgfecJR3PPh3VwpPoUoZk6RsFqS-6_UyxF78_IKPAYkm5j60exCd838aSGsyXxjGLh0jweZJ9wASnyfDZmgSIBfjWpoVEkgUECAQYAZIFBAgFGASgBgKAB_ea7JMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrb000ggUCIBhEAEYHzICigI6AoBASL39wTqaCTpodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2NhbXBhaWduPTE4MjY0NzMwNDg4gAoByAsB2gwRCgsQgOyx7u7MhMjXARICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMzIzMTEyMDI3ODY2NTc5MxgA&sigh=7JubmTP2pLA&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWqJXTT6Vg00YRGvqZLoBVh_MqnTDcIhgB&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24a1b3a5637c2b180000000000000000%22,%222%22:%220x5315880022c67fe60000000000000000%22,%223%22:%220x148a44afb9540e7b0000000000000000%22,%224%22:%220xe5fb416925575dc0000000000000000%22,%225%22:%220x4be084b1766e20e80000000000000000%22},%22debug_key%22:%2216341606720591475507%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210585575832506456897%22}&andc=true

Request Chain 146

https://idsync.rlcdn.com/420046.gif?partner_uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQERXVXZEVFo4bG53amtRWGNxS3FFU3gwUWRnTk5aUzJhbmpRRTByVk40V2ZEMjJFdUlfZkU4MG8xNml2a19VQTcQABoNCNyMtKcGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=6f5e58cad2debee4878a93d708836fb293d49967b6e07d8eae7df63a26c17b9c791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2ZjVlNThjYWQyZGViZWU0ODc4YTkzZDcwODgzNmZiMjkzZDQ5OTY3YjZlMDdkOGVhZTdkZjYzYTI2YzE3YjljNzkxNDI2YjU0MTdkY2UyMRAAGgwI3Iy0pwYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2ZjVlNThjYWQyZGViZWU0ODc4YTkzZDcwODgzNmZiMjkzZDQ5OTY3YjZlMDdkOGVhZTdkZjYzYTI2YzE3YjljNzkxNDI2YjU0MTdkY2UyMRAAGgwI3Iy0pwYSBAgCEABCAEoA&google_gid=CAESEJkCg3bTZflGef8NPJY9vN8&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=8daa0143-932a-4857-86af-b80ee7ba7ed7

Request Chain 147

https://b1sync.zemanta.com/usersync/outbrain/?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&s=2&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=vBoGk7TqIcQamSFKZKdZ&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&initiator=ob&gdpr=0&us_privacy=1---

Request Chain 148

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=2360486356122597287&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 149

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 151

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&gdpr=0&gdpr_consent=

Request Chain 154

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7ea59c13-ae95-4d41-b918-7ea78ec15ef1&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 155

https://x.bidswitch.net/sync?ssp=outbrain&user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 303
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&_bee_ppp=1 HTTP 303
https://x.bidswitch.net/sync?user_id=AAEJck7J2g0AACkQZ1dzuQ&dsp_id=269&expires=5&ssp=outbrain&gdpr=0&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=c2b85291-29d1-4530-9a77-642b9181513e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 156

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=b4bc5099-0600-4805-a06b-209acc1cd6fa

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBo5tLBIjdFyoWRBTvxdxPk&google_cver=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=16&user_id=CAESEBo5tLBIjdFyoWRBTvxdxPk&google_cver=1 HTTP 302
https://sync.1rx.io/usersync/bidswitch/c2b85291-29d1-4530-9a77-642b9181513e?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/c2b85291-29d1-4530-9a77-642b9181513e?zcc=1&cb=1693255262004 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005

Request Chain 158

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7272475965508679829&gdpr=0&gdpr_consent=

Request Chain 159

https://ps.eyeota.net/match?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 HTTP 302
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7

Request Chain 161

https://creativecdn.com/cm-notify?pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VplDRn7dlbknfmyIIb3Z&pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1

Request Chain 162

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLVCGPV0-H-GU4L&obUid=&initiator=&gdpr=0&us_privacy=1---

Request Chain 164

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 HTTP 302
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&xl8blockcheck=1 HTTP 302
https://idsync.rlcdn.com/397416.gif?partner_uid=3e29fa71a87dad67ee66f992b9316609 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZO0GW0zdySINDFQImdq2DAAADosAAAAB&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 166

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUNEQTZBNEMtQzAyNy00NjNELUI3ODgtMEIyN0NENENENTg5&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D5CDA6A4C-C027-463D-B788-0B27CD4CD589&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=5CDA6A4C-C027-463D-B788-0B27CD4CD589

Request Chain 167

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26uid%3D HTTP 302
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=749c0550-df9a-4dfd-838b-629d17bd3520

Request Chain 168

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-F3lTxpFE2uHfetYoFfyhWyTh3FbvJ8diaAXfCRY-~A&gdpr=0

Request Chain 169

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=8b982a9c-acbf-49a0-8eb1-037602fc944b&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 170

https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=9d8555093c&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 171

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=3330658597789645301&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

Request Chain 173

https://id.rlcdn.com/711945.gif?ct=4&cv= HTTP 307
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&

Request Chain 175

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=brLHwWiwl8B1vpDBPraPkzqxmpN1sZqWa-cq97Oq

Request Chain 176

https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6fUhKsIf8Xga&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709

Request Chain 177

https://id5-sync.com/s/164/9.gif?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://id5-sync.com/c/164/164/9/1.gif?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/108/8/2.gif?puid=d5b8370b-c702-4e84-8d82-a2d2b6988505&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/164/434/7/3.gif?puid=3b441adf-3242-47c8-832d-bd71167599f6&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/3/6/4.gif?puid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/164/429/5/5.gif?puid=5CDA6A4C-C027-463D-B788-0B27CD4CD589&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&ttl=%%TTL%% HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/441/3/7.gif?puid=u_e7485bee-cb33-4dc1-a747-ec6eb5aa1f37&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/164/112/2/8.gif?puid=3DF45A40D4F87084&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/164/2/1/9.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/164/2/1/9.gif?puid=2360486356122597287&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&consent=&id5id=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw

Request Chain 178

https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=04c177bd-f52a-55b3-b633-0cc9ef9254df&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

286 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
apk2me.com/gift-of-hedone-apk/ 81 KB
19 KB 1198ms
307ms Document
text/html 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

55b32ad050502d84444fde8b65bcbf3933b98f5cc4e8388417aaaa180d0958f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Aug 2023 20:40:55 GMT
Keep-Alive: timeout=10, max=100
Last-Modified: Mon, 28 Aug 2023 13:55:52 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: User-Agent
WPO-Cache-Status: cached

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
51 KB 133ms
63ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3231120278665793

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

97cc67ccdd4d42b68b5c224918d9007b06f286a91115917b9707368d1de54b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51754
x-xss-protection: 0
server: cafe
etag: 6073966091028174529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 135ms
65ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PJKLJWW6RW

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c3ecff2df7803f4443ba8e97300f0802fd919b20904fb24ac6eff277effa0b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 20:40:56 GMT

GET
H2 200 style.min.css
c0.wp.com/c/6.3/wp-includes/css/dist/block-library/ 102 KB
13 KB 66ms
17ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.3/wp-includes/js/mediaelement/ 11 KB
2 KB 67ms
18ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.3/wp-includes/js/mediaelement/ 4 KB
1 KB 67ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H/1.1 200
OK wpo-minify-header-e7fb141e.min.css
apk2me.com/wp-content/cache/wpo-minify/1691832685/assets/ 223 KB
38 KB 592ms
315ms Stylesheet
text/css 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/cache/wpo-minify/1691832685/assets/wpo-minify-header-e7fb141e.min.css

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

5388fbc5a6cb49d12efa1c30933e3801dca79f5ee32c8d30aa808770a8b944ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Sat, 12 Aug 2023 09:31:27 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 38463

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.5/css/ 98 KB
17 KB 67ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.5/css/jetpack.css

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 19:14:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/12.5/_inc/build/related-posts/ 6 KB
2 KB 68ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.5/_inc/build/related-posts/related-posts.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 19 Jun 2023 19:16:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.3/wp-includes/js/jquery/ 85 KB
29 KB 68ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.3/wp-includes/js/jquery/ 13 KB
5 KB 68ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:56 GMT

GET
H2 200 cropped-20200305_175636.png
i0.wp.com/apk2me.com/wp-content/uploads/2020/03/ 76 KB
77 KB 95ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/apk2me.com/wp-content/uploads/2020/03/cropped-20200305_175636.png?fit=1035%2C197&ssl=1

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9846e8c00af45bffb627274fce43a37ed85419f0ce19b364750cbaa19e53f7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 3
date: Mon, 28 Aug 2023 20:40:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 May 2022 19:29:20 GMT
server: nginx
etag: "482981a666e91bd7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://apk2me.com/wp-content/uploads/2020/03/cropped-20200305_175636.png>; rel="canonical"
content-length: 78110
expires: Mon, 06 May 2024 07:29:20 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 391 KB
131 KB 159ms
85ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3231120278665793

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f04c103865cc36143d3bae95987dd86cfbb9c47f783343e1d1c6c1cf7e9707d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134464
x-xss-protection: 0
server: cafe
etag: 1797944610403587375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 1AC7 10 KB
5 KB 135ms
56ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3231120278665793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 21931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 14:35:25 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 14:35:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
241 B 367ms
48ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PJKLJWW6RW&gtm=45je38n0&_p=802707405&cid=1647964.1693255257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1693255256&sct=1&seg=0&dl=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&dt=Gift%20of%20Hedone%20Apk%201.3%20Free%20Download%20Latest%20For%20Android%20%5BMOD%5D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PJKLJWW6RW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK placeholder.jpg
apk2me.com/wp-content/themes/hestia/assets/img/ 1016 B
1 KB 859ms
295ms Image
image/jpeg 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apk2me.com/wp-content/themes/hestia/assets/img/placeholder.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

6cc04dd212f4315760b1f7fb7a7799dabbe8d02980282253ae33c8df54392fee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 16 Jun 2023 09:19:37 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 1016

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 72ms
70ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bfee8305dafa9279461d58a36a92b00129ff1b7a62132c10fbcac2337852c350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29244
x-xss-protection: 0
server: cafe
etag: 30 / 19597 / m202308230101 / config-hash: 14738816488110199320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:57 GMT

GET
H/1.1 200
OK wagrV Show response
jn.dyewoodtigua.com/rVGXcSvLkwhXagadk/ 0
1 KB 401ms
85ms Script
application/javascript 173.237.16.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://jn.dyewoodtigua.com/rVGXcSvLkwhXagadk/wagrV

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

173.237.16.20 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://apk2me.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H/1.1 200
OK image-cdn.js Show response
apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
750 B 519ms
304ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 21:51:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 383

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/6.3/wp-includes/js/ 3 KB
1 KB 20ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/comment-reply.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:57 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
apk2me.com/wp-content/themes/hestia/assets/bootstrap/js/ 23 KB
7 KB 318ms
316ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

4ebecd8afd2424508ba7ee31ec8cf590613f0f316548badaf2c11d3be79b2d89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Fri, 16 Jun 2023 09:19:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 6529

GET
H2 200 core.min.js Show response
c0.wp.com/c/6.3/wp-includes/js/jquery/ui/ 21 KB
7 KB 27ms
23ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.3/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 20:40:57 GMT

GET
H/1.1 200
OK script.min.js Show response
apk2me.com/wp-content/themes/hestia/assets/js/ 21 KB
6 KB 330ms
301ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/themes/hestia/assets/js/script.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

fae8d3cc8ea231dfe5f28dbfb82b186ebd61f9a02139af7318c1bbc70209d702

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Fri, 16 Jun 2023 09:19:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 6108

GET
H/1.1 200
OK intersection-observer.js Show response
apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 615ms
297ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 21:51:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 3057

GET
H/1.1 200
OK lazy-images.js Show response
apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 649ms
317ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

c8be1269a134d7df5a75a02b0fce70d409e6d6984554acef232eabdaa4c39d66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 21:51:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 1054

GET
H2 200 e-202335.js Show response
stats.wp.com/ 7 KB
3 KB 92ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202335.js
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684465059757.7075
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 26 Aug 2024 16:28:19 GMT

GET
H/1.1 200
OK main.min.js Show response
apk2me.com/wp-content/plugins/luckywp-table-of-contents/front/assets/ 4 KB
2 KB 710ms
293ms Script
application/javascript 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Sat, 08 Aug 2020 08:23:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 1476

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK Gift-of-Hedone.webp
apk2me.com/wp-content/uploads/2023/07/ 10 KB
11 KB 366ms
307ms Image
image/webp 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apk2me.com/wp-content/uploads/2023/07/Gift-of-Hedone.webp

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

52b106e7cc6e91c5f29203a3e0d4c5a9e90c424e221953d52d1dad30fbba4256

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/gift-of-hedone-apk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 07 Jul 2023 15:40:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 10730

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 117ms
29ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:08:15 GMT
x-content-type-options: nosniff
age: 243162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 01:08:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 122ms
34ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:35:05 GMT
x-content-type-options: nosniff
age: 432352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 20:35:05 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 140ms
54ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

35da1bf6d3deecd091e6a29886c2499f1b784e5b361493ad966f130871155c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:13:37 GMT
x-content-type-options: nosniff
age: 242840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34772
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:02:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 01:13:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 136ms
50ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:29:42 GMT
x-content-type-options: nosniff
age: 432675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11160
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 20:29:42 GMT

GET
H/1.1 200
OK index.php Show response
telegram.im/widget-button/ 4 KB
1 KB 559ms
138ms Script
text/javascript 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/index.php?id=@Apk2me

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

host243-42-211-80.serverdedicati.aruba.it

Software

nginx /

Resource Hash

db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:40:56 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Last-Modified: Mon, 28 Aug 2023 20:40:56 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 apkme.adn.js Show response
adncdnend.azureedge.net/adtags/ 5 KB
2 KB 212ms
67ms Script
text/javascript 72.21.81.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adncdnend.azureedge.net/adtags/apkme.adn.js
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/819D) /
Resource Hash: 239dfd26b0ab21a1c37a7da859fa6b0d675b58bca389ace449143d0df23f16fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: gzip
content-md5: h4L1zqrfq7F76jFap+muzA==
age: 35052
x-cache: HIT
content-length: 1831
x-ms-lease-status: unlocked
last-modified: Mon, 15 May 2023 08:00:50 GMT
server: ECAcc (cha/819D)
etag: 0x8DB551A7FB350EA
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: a785004f-601e-000a-339e-d9acea000000
cache-control: max-age=86400
x-ms-version: 2009-09-19
expires: Tue, 29 Aug 2023 20:40:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ 404 KB
127 KB 29ms
27ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2718
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 19:55:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 41ms
29ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:18:39 GMT
x-content-type-options: nosniff
age: 242538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 01:18:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
599 B 124ms
44ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=apk2me.com&callback=_gfp_s_&client=ca-pub-3231120278665793

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

f8413abfad666edd28a3d1829edc03c7b10ae5a1e1616653fef42db42e9ab750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45F0 511 KB
93 KB 1685ms
1684ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&adk=1812271804&adf=3025194257&lmt=1693256152&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255256435&bpp=693&bdt=195&idt=1070&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=921787697105&frm=20&pv=2&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b3aa56c9cd536c51fb4c95c2dfaf81cf4bce15ab2025df6ebde9a6ec4b295dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 95183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:59 GMT
expires: Mon, 28 Aug 2023 20:40:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=BUTTON&cls=hestia-scroll-to-top&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
58ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20%20hestia_right%20navbar-not-transparent&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 100ms
51ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: 7RJ6F0E4SRH5GQ04
age: 1628
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fdf5f50dea6544f-YYZ
x-amz-id-2: bjtVPBRxq2N8278RW6vXZTrHS/QQyEiC/ZYyfPKiF9lfzbM3SUfy5m95CrP26Eh81EWEH7lmADY6OgxiYwHO1A==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 139ms
37ms Script
text/javascript 3.160.4.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.4.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-4-198.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 13:22:40 GMT
x-amz-version-id: null
Via: 1.1 487ba6b05e2aadd48605a5135a3ee94a.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CMH68-P4
Age: 26298
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: DZrvs05okVnylSQPxkfZB5m2MXEWJGb0f7ADsq3gEd__Te3ZQMl-kg==

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 7 KB
8 KB 165ms
52ms Script
application/javascript 108.156.184.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.184.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-184-123.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:26:43 GMT
via: 1.1 2da8dd4c67461e73843e03d8fb933e64.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: CMH68-P2
age: 855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7504
x-amz-expiration: expiry-date="Mon, 31 Jul 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Mon, 31 Jul 2023 15:05:44 GMT
server: AmazonS3
etag: "831ad85cf4ef2e916bda07dc20b4cc5d"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: CALDYKIamoap0mrDtE59Ie0CtOawqg5QNzkTE6g2zvg2hVJ-cL6HdA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 65ms
17ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:54:45 GMT
content-encoding: gzip
age: 945972
x-guploader-uploadid: ADPycdtHo1Jwqxjn4N9nGhpnf4IKPmjt5SB04-GnMjQabLteBpXXoZcMbRIlASopK0kvsrJE9zlLPG3BcAG7IerJOct1Qcr84p0m
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 16 Aug 2024 21:54:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 137ms
39ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 29 Aug 2023 20:40:57 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 127ms
29ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 360386
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fdf5f518cbf39f6-YYZ
expires: Thu, 31 Aug 2023 20:40:57 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 89ms
17ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 28 Aug 2023 20:40:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 33633
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 123ms
31ms Script
text/javascript 3.160.22.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.22.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-22-7.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:55:10 GMT
content-encoding: gzip
via: 1.1 d2443244f47a8abd5e3553ee1e29d0a8.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P3
age: 17148
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 3q1F5cBKjdz2u6pnOOJJqFv9ntJJwBix6R1gSuTa5IfHhUMm4Hv4Lg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 194ms
121ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f7b66a563812d8fcff4af7efacc83cb8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 203 KB
54 KB 737ms
736ms Fetch
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=516923798558681&correlator=504403300160350&eid=31076474%2C31077365%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=339474670%3A22474744041%2Capk2me%2Capk_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=2940590301&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1693255257657&lmt=1693256152&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYr5yD76MxSABSAghkEhsKDDMzYWNyb3NzLmNvbRivnIPvozFIAFICCGQSGQoKcHViY2lkLm9yZxivnIPvozFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yr5yD76MxSABSAghkEhcKCHJ0YmhvdXNlGK-cg--jMUgAUgIIZBIZCgp1aWRhcGkuY29tGK6cg--jMUgAUgIIZBIUCgVvcGVueBivnIPvozFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK6cg--jMUgAUgIIZA..&dlt=1693255256241&idt=1370&adks=1084154545&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5fa28654ae63426d43f44705464b110ab6fec8e083e4265ae46d73624b362e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55141
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D5E 6 KB
3 KB 175ms
70ms Document
text/html 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:57 GMT
expires: Tue, 27 Aug 2024 20:40:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ 37 KB
13 KB 29ms
29ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 00:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73092
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13172
x-xss-protection: 0
server: cafe
etag: 7949494514302333357
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 00:22:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22F5 99 KB
36 KB 1418ms
1416ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&h=188&slotname=9052031349&adk=3667577507&adf=2706166137&pi=t.ma~as.9052031349&w=750&fwrn=4&lmt=1693256152&rafmt=11&format=750x188&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255257135&bpp=37&bdt=895&idt=550&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=921787697105&frm=20&pv=1&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9b5WZIAmhT&p=https%3A//apk2me.com&dtd=592

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5864da48f12f63ba53802264719f69472d901c92d21a857ac685f311cbf730df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37131
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:59 GMT
expires: Mon, 28 Aug 2023 20:40:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp&cc=1

85 B
201 B

42ms
40ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp&cc=1
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0699eecfdf4a053accd129e16cf8f08d2585648cddbd3b47bca004e71abe7d7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:57 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-vO3NfgH3Glt2o3p3WFNea0h1jtw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://apk2me.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 28 Aug 2023 20:40:57 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://apk2me.com
location: /esp?url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 381ms
117ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://apk2me.com
date: Mon, 28 Aug 2023 20:40:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H/1.1 200
OK widget-button.css.php
telegram.im/widget-button/ 2 KB
823 B 134ms
133ms Stylesheet
text/css 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/widget-button.css.php

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@Apk2me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

host243-42-211-80.serverdedicati.aruba.it

Software

nginx /

Resource Hash

1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200
OK fonts.css
telegram.im/widget-button/ 4 KB
1 KB 269ms
134ms Stylesheet
text/css 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/fonts.css

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@Apk2me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

host243-42-211-80.serverdedicati.aruba.it

Software

nginx /

Resource Hash

29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:56 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 09:05:17 GMT
Server: nginx
ETag: W/"58b29a4d-f47"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Mon, 04 Sep 2023 20:40:56 GMT

GET
H/1.1 200
OK style.css
telegram.im/widget-button/ico/ 1 KB
795 B 404ms
133ms Stylesheet
text/css 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/ico/style.css

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@Apk2me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

host243-42-211-80.serverdedicati.aruba.it

Software

nginx /

Resource Hash

7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 09:02:08 GMT
Server: nginx
ETag: W/"58b29990-42b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Mon, 04 Sep 2023 20:40:57 GMT

GET
H/1.1 200
OK WidgetTelegramButton.min.js Show response
telegram.im/widget-button/ 49 KB
15 KB 527ms
258ms Script
application/x-javascript 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.im/widget-button/WidgetTelegramButton.min.js

Requested by

Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@Apk2me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),

Reverse DNS

host243-42-211-80.serverdedicati.aruba.it

Software

nginx /

Resource Hash

c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Last-Modified: Sun, 26 Feb 2017 21:40:46 GMT
Server: nginx
ETag: W/"58b34b5e-c56c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Mon, 04 Sep 2023 20:40:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6BE6 15 KB
6 KB 102ms
34ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=apk2me.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 283673
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58813/ 0
361 B 122ms
39ms XHR
application/json 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?v=1&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://apk2me.com
content-type: application/json
access-control-allow-credentials: true
content-length: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 28ms
19ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=109893324&post=35410&tz=5.5&srv=apk2me.com&j=1%3A12.5&host=apk2me.com&ref=&fcp=2300&rand=0.5822276175785159
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 20:40:57 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK / Show response
apk2me.com/gift-of-hedone-apk/ 4 KB
5 KB 826ms
817ms XHR
application/json 43.225.53.77
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL

https://apk2me.com/gift-of-hedone-apk/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/12.5/_inc/build/related-posts/related-posts.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.225.53.77 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),

Reverse DNS

ns1.stefab.com

Software

Apache /

Resource Hash

dca79181b4ed80cd1f4321c09fc89537b1f3792b4c8eb57e07f29830e01dbaa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff

Request headers

Referer: https://apk2me.com/gift-of-hedone-apk/
x-requested-with: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Server: Apache
X-Pingback: https://apk2me.com/xmlrpc.php
Vary: User-Agent
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Connection: Keep-Alive
Keep-Alive: timeout=10, max=98

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 232 KB
84 KB 262ms
96ms Script
application/x-javascript 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/apkme.adn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4bea17f30f5f11f2c1e1c8556bcde6a6221bfdb0a59103dee2ba88e659702715

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: gzip
last-modified: Sun, 27 Aug 2023 08:24:39 GMT
etag: "23-tAphn6zWe2j7CnM/1OyU/G6TTm8"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: c5f5f342752605ece61e797cfdf08364
timing-allow-origin: *, *
content-length: 85843
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 1341ms
1340ms Fetch
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=516923798558681&correlator=504403300160350&eid=31076474%2C31077365%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=339474670%3A22474744041%2Capk2me%2CInContent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&didk=3659701812&sfv=1-0-40&sc=1&cookie=ID%3Dd0874e0e3101bb76-22c77563b7e30071%3AT%3D1693255257%3ART%3D1693255257%3AS%3DALNI_MbmlCag0cfQm5_OcbjML1lDoAnCAQ&gpic=UID%3D00000d8e6688a8dd%3AT%3D1693255257%3ART%3D1693255257%3AS%3DALNI_Mb3rsBrcHf-1NcPGLv2-ulMQTtukg&abxe=1&dt=1693255257940&lmt=1693256152&adxs=230&adys=433&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&vis=1&psz=750x0&msz=750x0&fws=4&ohw=1600&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYr5yD76MxSABSAghkEhsKDDMzYWNyb3NzLmNvbRivnIPvozFIAFICCGQSGQoKcHViY2lkLm9yZxipnoPvozFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Yr5yD76MxSABSAghkEhcKCHJ0YmhvdXNlGK-cg--jMUgAUgIIZBIZCgp1aWRhcGkuY29tGK6cg--jMUgAUgIIZBIUCgVvcGVueBivnIPvozFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK6cg--jMUgAUgIIZA..&dlt=1693255256241&idt=1370&adks=3606927699&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

58da84cda48852de4c82e6f99e906e926101fc4731baca10b834c55f31e0b46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11988
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apk2me.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 858ms
857ms Fetch
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=516923798558681&correlator=504403300160350&eid=31076474%2C31077365%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=339474670%3A22474744041%2Capk2me%2CSticky_Footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&didk=409282747&sfv=1-0-40&sc=1&cookie=ID%3Dd0874e0e3101bb76-22c77563b7e30071%3AT%3D1693255257%3ART%3D1693255257%3AS%3DALNI_MbmlCag0cfQm5_OcbjML1lDoAnCAQ&gpic=UID%3D00000d8e6688a8dd%3AT%3D1693255257%3ART%3D1693255257%3AS%3DALNI_Mb3rsBrcHf-1NcPGLv2-ulMQTtukg&abxe=1&dt=1693255257950&lmt=1693256152&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&vis=1&psz=1600x9334&msz=1600x-1&fws=516&ohw=1600&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYr5yD76MxSABSAghkEhsKDDMzYWNyb3NzLmNvbRivnIPvozFIAFICCGQSGQoKcHViY2lkLm9yZxipnoPvozFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Yr5yD76MxSABSAghkEhcKCHJ0YmhvdXNlGK-cg--jMUgAUgIIZBIZCgp1aWRhcGkuY29tGK6cg--jMUgAUgIIZBIUCgVvcGVueBivnIPvozFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGK6cg--jMUgAUgIIZA..&dlt=1693255256241&idt=1370&adks=377546238&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f433f4843e95f5116368cf1cdbe1312b52355211470c487886a8d6a5074de33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9287
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 68ms
66ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-213652305-71

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/apkme.adn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8595370db337a82ca84bd737f0a443ea7f6a65b126b6ac03ca3476e96249d0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62513
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 19:37:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 99ms
98ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-213652305-71&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PJKLJWW6RW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

61c1f3476a65f7eb245b7179fefefc54a3455891e394944a1be1f0bbf5b61dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62471
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:59:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 98ms
97ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PVZGH7YTYG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PJKLJWW6RW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f1a8263adc0b1e2844c9998f3290c60d6bf0a28c2b9443e08bb15c5ab3464066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 Gift-of-Hedone-Apk-1.webp
i0.wp.com/apk2me.com/wp-content/uploads/2023/07/ 5 KB
5 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/apk2me.com/wp-content/uploads/2023/07/Gift-of-Hedone-Apk-1.webp?w=512&ssl=1

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b188c077a4afca55bb0a2e9d849ac1300acc4a1b15240de70ea9d8b26d4fa9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc: HIT yyz 4
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 22 Jul 2023 22:06:31 GMT
server: nginx
etag: "81a9153d7cb01cb5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://apk2me.com/wp-content/uploads/2023/07/Gift-of-Hedone-Apk-1.webp>; rel="canonical"
content-length: 4620
expires: Tue, 22 Jul 2025 10:06:31 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 6BE6 419 B
546 B 37ms
36ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=apk2me.com&sn=ChromeSyncframe&so=0&topUrl=apk2me.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=apk2me.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1e4580e910a624e7a73b550b1df947da9dfa8c688f9d5a797e41a7674513ae8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=apk2me.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1927643
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame BBDB 0
176 B 129ms
57ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 28 Aug 2023 20:40:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 154 B
608 B 134ms
47ms XHR
application/json 18.209.38.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.38.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-38-85.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9b9d658a845b73c72925e904fcde8bdbd3097384ce98697d1fe4f85b22c4fd00

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://apk2me.com
cache-control: no-cache
x-server: 10.40.7.220
access-control-allow-credentials: true
content-length: 154
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 25ms
24ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-213652305-71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 19:33:53 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 21:33:53 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 54ms
53ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PVZGH7YTYG&gtm=45je38n0&_p=802707405&cid=1647964.1693255257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693255258&sct=1&seg=0&dl=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&dt=Gift%20of%20Hedone%20Apk%201.3%20Free%20Download%20Latest%20For%20Android%20%5BMOD%5D&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PVZGH7YTYG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 48ms
47ms XHR
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=802707405&t=pageview&_s=1&dl=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&ul=en-us&de=UTF-8&dt=Gift%20of%20Hedone%20Apk%201.3%20Free%20Download%20Latest%20For%20Android%20%5BMOD%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1051464537&gjid=1613435620&cid=1647964.1693255257&tid=UA-213652305-71&_gid=748528848.1693255258&_r=1&gtm=457e38n0&jsscut=1&z=613419185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK YXBrMm1lLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 395ms
113ms XHR
application/json 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YXBrMm1lLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:58 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=36693
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 97974a9732c7200bf48326c31e257db8
Content-Length: 16
Expires: Tue, 29 Aug 2023 06:52:31 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 66ms
64ms Image
image/gif 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 20:40:58 GMT
date: Mon, 28 Aug 2023 20:40:58 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 1 KB
2 KB 530ms
141ms Font
application/octet-stream 80.211.42.243
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by: Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host243-42-211-80.serverdedicati.aruba.it
Software: nginx /
Resource Hash: c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer: https://telegram.im/widget-button/ico/style.css
Origin: https://apk2me.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:57 GMT
Last-Modified: Sun, 26 Feb 2017 09:02:02 GMT
Server: nginx
ETag: "58b2998a-59c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1436

GET
H2 200 container.html Show response
54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA43 6 KB
3 KB 28ms
27ms Document
text/html 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:57 GMT
expires: Tue, 27 Aug 2024 20:40:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame EA43 4 KB
1 KB 117ms
46ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 20:04:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 85BE 9 KB
4 KB 105ms
28ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 22:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 22:33:24 GMT

GET
H2 200 188ef0ef38d8ff16fdc6a661ce0bb9c4.js Show response
www.gstatic.com/mysidia/ Frame 85BE 142 KB
52 KB 124ms
47ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/188ef0ef38d8ff16fdc6a661ce0bb9c4.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

69cb605f0a4a781056612fe26df57089a48b6f8e96a19a5ab954dd9b900d77c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53329
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:26:36 GMT

GET
H2 200 6b2333ff0b6a934f314e6b5957720264.js Show response
www.gstatic.com/mysidia/ Frame 85BE 19 KB
8 KB 117ms
40ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

36ef63420f2a82374d016a378bf127ba8d3c761c8dcad295188b1690a17a0108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:23:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 85BE 21 KB
1 KB 93ms
48ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 20:17:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 85BE 2 KB
973 B 101ms
27ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:29 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 85BE 6 KB
2 KB 121ms
46ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 23:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 23:21:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 85BE 23 KB
9 KB 101ms
27ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 85BE 3 KB
1 KB 115ms
41ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 85BE 20 KB
8 KB 97ms
23ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85BE 181 KB
57 KB 151ms
63ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:58 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 85BE 36 KB
15 KB 103ms
30ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:06:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame EA43 20 KB
8 KB 104ms
42ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:22:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EA43 205 B
520 B 97ms
39ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:12:32 GMT
x-content-type-options: nosniff
age: 242906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Aug 2024 01:12:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EA43 604 B
696 B 48ms
48ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:07:17 GMT
x-content-type-options: nosniff
age: 534821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Aug 2024 16:07:17 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ 34 KB
11 KB 399ms
293ms Script
text/javascript 146.75.38.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&idx=0&rand=793&widgetJSId=READNXT_1&va=true&et=true&format=html&px=0&py=9066&vpd=7866&cw=1600&settings=true&recs=true&key=ADNIMKAJDGAG4GAO6AGG6H5KP&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010428&sig=rWNHFodO&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.38.132 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 381dd92f0e27a4d42c5b316c5955ef6ce82ed0eeb92a71e0723402cdcce046e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 28 Aug 2023 20:40:58 GMT
content-encoding: br
via: 1.1 varnish
traffic-path: SADC1, IAD, North_America
x-cache: MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid: cbd00fc2063f73b91a99eff58311d693
content-length: 10704
x-served-by: cache-iad-kcgs7200146-IAD
pragma: no-cache
x-timer: S1693255259.738002,VS0,VE258
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85BE 0
20 B 78ms
78ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85BE 0
20 B 76ms
75ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 170ms
34ms XHR
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1693255258799&sessionId=4c1293d3-d33a-f573-7517-2241d6d7b10f&url=apk2me.com&cheqSource=1&cheqEvent=3&responseTime=422
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:40:58 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ab27005f66c56726fcd3e2564886b2d5
Content-Length: 4
Expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85BE 0
20 B 85ms
57ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmxhbmRzY2FwZVZpZGVvCgoIAioGc2VydmVyCjEIBCotbXlzaWRpYV9hbmFseXRpY3NfZXhwMSxteXNpZGlhX3JlbGVhc2VfY2FuYXJ5Cg0QKyEAAAAAAABNQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAEDjzQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAA0M_tyQDAEEhpDS3Z1bTdHYmdJRURGWXl6bndvZGxZa0R6ZyIndmlkZW9fbXJhL3dlYl9pbnRlcnN0aXRpYWxfcmFzcGJlcnJ5X21zKBI=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85BE 0
20 B 70ms
56ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C187 6 KB
3 KB 27ms
26ms Document
text/html 172.217.13.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:57 GMT
expires: Tue, 27 Aug 2024 20:40:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame DADD 37 KB
14 KB 26ms
26ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85BE 0
20 B 57ms
56ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmxhbmRzY2FwZVZpZGVvCgoIAioGc2VydmVyCjEIBCotbXlzaWRpYV9hbmFseXRpY3NfZXhwMSxteXNpZGlhX3JlbGVhc2VfY2FuYXJ5Cg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAAAAmJnpPzAECg0QOyEAAAAAmJnpPzAECg0QPCEAAAAAmJnpPzAECg0QPSEAAAAAmJnpPzAECg0QPiEAAAAAAADwPzAECg0QPyEAAAAAAADwPzAECg0QQCEAAAAAAADwPzAEEhpDS3Z1bTdHYmdJRURGWXl6bndvZGxZa0R6ZyIndmlkZW9fbXJhL3dlYl9pbnRlcnN0aXRpYWxfcmFzcGJlcnJ5X21zKBI=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/6b2333ff0b6a934f314e6b5957720264.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8AB9 624 B
246 B 57ms
55ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkY8JDH8gEwAQ&v=APEucNXPFekGQdcunErAPzpvMx3w7VFxE-r1V9vh2BUZyDHIxxOQckuAZHAtfIMeg6vWer6pNlmQ7T3_MKw6Zwzpe3ZAZg1mEQ

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:40:59 GMT
expires: Mon, 28 Aug 2023 20:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C187 86 KB
29 KB 75ms
75ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C187 42 B
63 B 66ms
57ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjNAXh8jX5YQb9SfNia5lYg1y5cRmZhriY8zTqP7OhBd5AKg4TrO2e3lAVFpFf81RFI8rIms9E0ZBT5Jw3A40RsE4qsNYmo7fHI51To4VljTi0H2U

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C187 0
20 B 67ms
64ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14234577998305934630&x=1&ct=76

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame C187 3 KB
1 KB 31ms
28ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame C187 20 KB
8 KB 29ms
26ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C187 181 KB
56 KB 78ms
75ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:59 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8AB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1

43 B
766 B

34ms
33ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkY8JDH8gEwAQ&v=APEucNXPFekGQdcunErAPzpvMx3w7VFxE-r1V9vh2BUZyDHIxxOQckuAZHAtfIMeg6vWer6pNlmQ7T3_MKw6Zwzpe3ZAZg1mEQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:40:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8AB9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO0GW0zdySINDFQImdq2DAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1

43 B
766 B

32ms
31ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkY8JDH8gEwAQ&v=APEucNXPFekGQdcunErAPzpvMx3w7VFxE-r1V9vh2BUZyDHIxxOQckuAZHAtfIMeg6vWer6pNlmQ7T3_MKw6Zwzpe3ZAZg1mEQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:40:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKizTxM2_k3sm9GwxPmEUGg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8AB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMoZn1fdJLlkN7IVI6pltFw&google_cver=1

43 B
844 B

38ms
38ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMoZn1fdJLlkN7IVI6pltFw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkY8JDH8gEwAQ&v=APEucNXPFekGQdcunErAPzpvMx3w7VFxE-r1V9vh2BUZyDHIxxOQckuAZHAtfIMeg6vWer6pNlmQ7T3_MKw6Zwzpe3ZAZg1mEQ

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
an-x-request-uuid: a375563b-6542-4ad1-bfd2-67ca72ae01e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.146; 86.48.14.146; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMoZn1fdJLlkN7IVI6pltFw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8AB9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM2MDQ4NjM1NjEyMjU5NzI4Nw%3D%3D

170 B
243 B

58ms
53ms

Image
image/png

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM2MDQ4NjM1NjEyMjU5NzI4Nw%3D%3D

Requested by

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
an-x-request-uuid: 24456135-4a84-47b5-9c9d-92d1974ec769
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM2MDQ4NjM1NjEyMjU5NzI4Nw%3D%3D
x-proxy-origin: 86.48.14.146; 86.48.14.146; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C187 0
20 B 62ms
62ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3365990652588&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C187 0
20 B 70ms
69ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3365990652588&version=m202307240101&ct=76&x=1&cor=14234577998305935000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C187 99 KB
39 KB 101ms
100ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXjBr8a0W3YozYefyr7eG_5DAn0mInV8uWJ6SFXG4VBPludkNNy31gPLGggr19gSgL7j1GqojiRGPs_JTPgByF6avHm39Rnmsx7appg1ELk9hcHLM&cry=1&dbm_d=AKAmf-DRQZR08EMoSaYnwJ3a-oGdDB5sBO6OWkCfz6ebbvY-39nK8PKxh5SQ-wJg3mrsuh3o1S5svWiAlefVsGHX6RurPqpYr1WbuMW8Z53vAemQryJwzM4UFDNyYtn20JLb849vowe00Pr8x8suCurc7i8gU4_CF8hBAIb9sYcdAHCGQqy1LxtoIfxnpAqrlN4FeQ1hy84dFqQkcUwuPKLndfCI5RmVfsZCA9_EOxKSdlHIYa4dMmjsYkE1qsFOxIqyKpPctVExZdDwozGK7VMUseKgH5_0AvJw83gvSF6fSCQTGlXGJl0O7AqO2eejKLMOPEjSflOO3zt3Ei7qxFbQ-S1o-7A8LB6JPXBTl4KjOuVOdI_3O-ERW4fMEn7klJFq9QnNF7U3aveuteJxsTyIWTygdoWMw10-KmCTrGonR49DAKGC919bQthE-GtiFWlDsBAGvQ5rcqymAb5SJG1JbrIHln5Si0X3fjDb86tVr4WTtgJSeEJ-_y1sQr1FlXU7Cg-4fQTr--4aY-b3qFul7kQ1QqUF_qWtxKfR7yTwOPqtCKF9rkVyKFiqymb8XNhjTKkI7OhBbVt_X5ibghz6ziQFIWSJi-92lDPXTaXxaA3QQybfm8E9erI0pwynzFzEoXrw0BIksNZwYGa7e6DBjiIDjgOpJTif6g8eXKTG3G9waI2MuWpnFRrF0EFa2FCmYsXRPuPTbD4mNE2d2Xz8KGvW-Q0rStfgqfNHQ5PAaFaI8vcM3s-O7UKtOO5Gaa10Dw5-5kxQsRH4-jJ2h1zfr9I5B4KmwDogV6DBI9SBsPJ0IsLSroMDUxykmYBGeHPrY_tOROeoYktmccw4rj0Bi4rzQgWKd7nCqQf51it27F14yjsK__wRPpUCvT6r_I57t_WwROe1gLfcnna_2s1tYLbEpgrodGFvHnJT1ZYD6aJecE25DlCKSJz_rsY7jDgL6-BFzYjsOgKmEvVokTTnDnlIcHCZ-ZmrLIRe_sqrwD6oUVQNJOROz0x1uvF6NVO2VJOsRfkXgwf-vD6yy_g6RZh7g3Fh7mbMPctwOBKkVLrAXDM7hm75NFS8i98JZe8OcrKVxAG_Xb-yFn83AGcG8EJ9HlyMPa4jlggQWAA-WXCRzTSQCLgFvzEziV5Bcw8XPHVwzozp6Ckje5eYFxY5VHCRjYKMwqoeRO0Lovc5VFcLsr2-CucRZZkmAO-OgBNo7GQS1uC8Oq_Q3sk2tIbP213j1Oqp1LLgFk-Wpv3yd0UYKQiH__S6QRZCmrSy3cn7tiF7e9nNz_46RtE2C8_xzjDU1X5GwyQ4pKgSDCKb6vPRNw7uk3yf-VlOrpG8BZsnJnoY1jp4tzcHesGnSaOB_0Q5oWL5lpzoNL4Hyb3qlPD46udKRlK9B1lRfE29K_L6q7PDAeZmHW6CI6lwTMcbtl4ZfH9PmHkQjo3x8s53pxapgSF48s-bDDQ5DkRLx4NxnpQYbVUNDg6gbRJoqmZCXFoxONuAad0JYzFn3BdukTexDNFMNytpCxJlxVkCU2xLfcJhzEW1pNoJlmR3NQfWorFbbcQOHJS-vVinx72Wlk1k0Y5-HnIy84j8t6C2aOEAReYEaRlmbutcCmL4cZXUt2SWzWo0J1uD1M5CFhvzZah_H5gszH8E96rntC--tN59Qch18AURCJksH0IKWf3naZMLjPL4YvvLUuYFxKatE8K_sMxVXkmtbxvgXhtiDZLrhNTzLO5eZZm9fdjhdmP7bbnmwDy8a6IP94ANrPn4tqvB2BGwUGRPLp8Ad14I4QyArqnL0KNnHhgU1p-U5Z_gNpJ35uwvyxnZ3wcYx7M2DEiSi1cMf_V2JbDjt7_axdGXHwwdBX6jyeNu1v6pyeKZs3zRLoqsqZMA5dDMITF6EZyBgvjwtgUMFLPQ_TkkHaQyKHa4YlYv0mbWhdypJvJiWVTBfUi1QAtYwT5wXjoAB95LTKLm_ifkw27FtHPprxKUu4Wbf3Inwaex_EbVvOb-RtQ8zlCQZLXJ37IYnpEUN1szvIvbshv33tnrvLWN8TZOhvqN40EIi-NCNJ-jQxmBBLrXfsvHaejpkF63ikmbhaMxjk2YTpMpP4HtzbS3EXYDtBOyA0jQ8-prw4_4fSOE4-m1NR8XGJBjnAwfB-pT-EZY9DdJ7gT9bsoPcPoEPYzkUVUhCSBVZDei-GGWwrQo3ahLW7RigtjgN7_a-1EJOFg5dxX8vUK4o2WT8raLN3hgDqMuTnIDKWan_mLq0HS6FOiOZOTkZWZIVV3HW7tWkMWQ7tsWRsAfHWuTt4AlIe_8v_5mZUwMwj9MxZfaH3WTw0UiwO_PZlF9Vw0A4BwlS_o6UFzbSIW9s6G2wFrvgbf19DkJ-LmDoE39NUMz1mPSdBqXpTRBeNYI27r94BfYdz5YrAN4NDcOTTREK_do7pKF8RrnbnwUQccnx_HpcCKi6SLf222PRIYetEEOTUYL0B0-cJ43mvP9PLRe6GMNNUBSOAdGY5RqrtPiKqr_JHMBc9Z_Q8HZAfQlgX998rACgop999UBuMLa_wfhAENcOLiTeFAxlOA6VP9QPR595UQwwg2zQyz_ROPm2imI22uoSjiKeZ3VqteuDxuhHCC1aGlvl0IzpwgowRK9ye2dyuEjme1cW7A9nLUqmKnqobCd1rFF2WsO4WSbwCysrQTZuvz2AuovrQ2GXQye2Bre-ZdPbKKubN9AHaHYFoRoQUWT3c8HKuql9djKFgPf-LH72s-P2n_DjjP1pTZiHmNLhVFG6PBypSA-NnAXprLJQWR9EjC8Bm3IxUihYNSWSjOwGye-GroH8esXBOvglQCH-Iyq1ELBBAvHRRzAy0d2tMO3chZkRTQHCfIj1SIf5LUNhxkqXgpjUxBJnziozGmJndEwz-u2LvEybkYNiTUO1vwPj4y9Ym_DOsErDP2Q7P2fqH8Hk7pAgG3kQZNtZI4gwsYavFORalUluDhDBBVSiCjye5c8WZ_6dEg9N0ipdG8TQfRT6xpU20GLP5h4KTUsJ_jjAWu_LH_bXn5qA_urt2UvAPCNqSk1LUF6yWlrpdlrmYHrozFEvs2aj7u2CjScOcLuMDKyYugBF30yNAMvQVpgyUfuQoUzVygxTwssgV8iblK4Rfi6Dc92trEY2wnOhk9aL0OGV0fllTieQOL1UzPuCjNKZvBMFs1pKBXHyVmslAklgnHp8TvF8IQeMVCKzVKqk-BF_0Pbpgf3asn9tcqnmWThcQnAVPxydekH5iTb-rdAcqJoA__hvCheyvE2dTZErdhZ2Ib8JYSbzBl8dfYnx0T1QEXGRE4vE_0LT3vv7N3gxHXKbbKWl-QnOPpVy0NFiXivgYAaDw5AjfxBveX9MOHs2fzyD4S6oASD8Ap4YApygTiYmqolvbE1IwpHIORBNy6ea-dp0OUYAz0wK4FpPA09LSEoRiD9pl8fYClHbB1zKk6E4iXT&cid=CAQSTABpAlJW84r3qRmRXgIAhpQl6fsSZXZYu7Pxeog2D7sDWRxKq3JV3rWaEHATvdcT-2aeZW6RiqUCnCiOClOldy2_H7zmXJ5-smkNDbEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fapk2me.com%2F&ds=l&xdt=1&iif=1&cor=14234577998305935000&adk=2857193498&idt=77&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7b0e9f2bdf95ade611e0d1defb44c908324b714dbe065bdb8b53ab1fac0dce31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame F87E 2 KB
1 KB 76ms
74ms Document
text/html 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=3a7bcfbf-fa0d-4524-9a25-4236b7137054
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 686
content-type: text/html
date: Mon, 28 Aug 2023 20:40:59 GMT
etag: "1e015194a0e596827cb8971f884eb43c:1693127407.13859"
expires: Mon, 04 Sep 2023 20:40:59 GMT
last-modified: Sun, 27 Aug 2023 08:23:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7C84 416 B
744 B 73ms
71ms Document
text/html 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 416
content-type: text/html
date: Mon, 28 Aug 2023 20:40:59 GMT
etag: "c0311cf15c21ddda054005e92fad3f9e:1693127403.910187"
expires: Mon, 04 Sep 2023 20:40:59 GMT
last-modified: Sun, 27 Aug 2023 08:23:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK l Show response
mcdp-sadc1.outbrain.com/ 2 B
356 B 359ms
104ms Fetch
text/plain 66.225.223.95
NTTA-3946

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-sadc1.outbrain.com/l?token=c3004bbe2555030ba9e54d79c49871d1_10621_1693255258953&tm=825&eT=0&widgetWidth=1600&widgetHeight=0&widgetX=0&widgetY=9397&wRV=2010428&pVis=0&lsd=3a7bcfbf-fa0d-4524-9a25-4236b7137054&eIdx=&cheq=0&rtt=569&oo=false&lo=3255&obreq=3063&odbreq=3582&odbres=4149&cet=4g&to=1693255255029.2&umv=1&ll=0&chs=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 39f2d56bedcc3f25d967d4a92003f5b9
Content-Length: 6

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame DB92 19 KB
6 KB 82ms
64ms Document
text/html 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 593d82ff318ed811c9d35bd63c0590a870e08eab1f7b2bb8e7ccff5e74b42bdb

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 5977
content-type: text/html
date: Mon, 28 Aug 2023 20:40:59 GMT
etag: "94f2637953a539c6ef12d7b65a33e550:1693118456.207843"
expires: Mon, 04 Sep 2023 20:40:59 GMT
last-modified: Sun, 27 Aug 2023 06:35:04 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 readNext.js Show response
widgets.outbrain.com/nanoWidget/2010428/module/ 5 KB
3 KB 84ms
66ms Script
application/x-javascript 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3afe7f41a1e7441a7df8cac942be6750c0bca673f0bec9acba983d378084ab70

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: gzip
content-length: 2353
last-modified: Sun, 27 Aug 2023 08:23:48 GMT
server: AkamaiNetStorage
etag: "b26e51e2a424aba6da2ba29449b16110:1693127389.351078"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Mon, 04 Sep 2023 20:40:59 GMT

GET
H2 200 admiralApi.js Show response
widgets.outbrain.com/nanoWidget/2010428/module/ 764 B
1 KB 81ms
63ms Script
application/x-javascript 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010428/module/admiralApi.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3d34ac5cee8dcdf83684bfdf55641356487894a202f73a19055378abd77e2658

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Mon, 04 Sep 2023 20:40:59 GMT
date: Mon, 28 Aug 2023 20:40:59 GMT
last-modified: Sun, 27 Aug 2023 08:23:48 GMT
server: AkamaiNetStorage
etag: "ade38d555f4c93ff71c538cf7bc3c2bc:1693127373.255857"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 764
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 14087321286235145769
tpc.googlesyndication.com/simgad/ Frame 22F5 14 KB
14 KB 37ms
36ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14087321286235145769?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmBMXtJxpQ44y-TBHG9DQeFWaOtlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&h=188&slotname=9052031349&adk=3667577507&adf=2706166137&pi=t.ma~as.9052031349&w=750&fwrn=4&lmt=1693256152&rafmt=11&format=750x188&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255257135&bpp=37&bdt=895&idt=550&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=921787697105&frm=20&pv=1&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9b5WZIAmhT&p=https%3A//apk2me.com&dtd=592

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

89390aa15f564984205c4c57ac6a72148c2d40f8943c28b0b28349fe1bb4e2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 04:34:28 GMT
x-content-type-options: nosniff
age: 230791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13923
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 19:14:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 04:34:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 22F5 23 KB
9 KB 35ms
34ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 22F5 3 KB
1 KB 39ms
35ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 22F5 20 KB
8 KB 36ms
33ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22F5 181 KB
56 KB 78ms
75ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 22F5 35 KB
14 KB 40ms
35ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

01e8be122ac87eb4686d3bdad82d7e241a721dd3381699cc71423626ee7d7a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:31:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14411
x-xss-protection: 0
server: cafe
etag: 4500582243027856586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:31:08 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 22F5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm20aWQbtZNeCMdClngXyjJHYDqvisZxx19DLud4RqY_8wgMQASCrpd-VAWD9oJmB6AOgAffim7QoyAECqAMByAPJhICABKoE3AFP0A3M9IBXt9p82NB84ltkCjsRnF4zGkspiYJ05W1eI2a...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24a1b3a5637c2b180000000000000000%22,%222%22:%220x5315880022c67fe60000000000000000%22,%223%22:%220x148a44...

0
0

62ms
54ms

Fetch
text/css

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x24a1b3a5637c2b180000000000000000%22,%222%22:%220x5315880022c67fe60000000000000000%22,%223%22:%220x148a44afb9540e7b0000000000000000%22,%224%22:%220xe5fb416925575dc0000000000000000%22,%225%22:%220x4be084b1766e20e80000000000000000%22},%22debug_key%22:%2216341606720591475507%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2208-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210585575832506456897%22}&andc=true

Requested by

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x24a1b3a5637c2b180000000000000000","2":"0x5315880022c67fe60000000000000000","3":"0x148a44afb9540e7b0000000000000000","4":"0xe5fb416925575dc0000000000000000","5":"0x4be084b1766e20e80000000000000000"},"debug_key":"16341606720591475507","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"10585575832506456897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 20:40:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 20:40:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x24a1b3a5637c2b180000000000000000","2":"0x5315880022c67fe60000000000000000","3":"0x148a44afb9540e7b0000000000000000","4":"0xe5fb416925575dc0000000000000000","5":"0x4be084b1766e20e80000000000000000"},"debug_key":"16341606720591475507","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["08-28"],"6":["true"]},"priority":"500","source_event_id":"10585575832506456897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1187 143 B
166 B 32ms
32ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3231120278665793&output=html&h=188&slotname=9052031349&adk=3667577507&adf=2706166137&pi=t.ma~as.9052031349&w=750&fwrn=4&lmt=1693256152&rafmt=11&format=750x188&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693255257135&bpp=37&bdt=895&idt=550&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=921787697105&frm=20&pv=1&ga_vid=1647964.1693255257&ga_sid=1693255258&ga_hid=802707405&ga_fc=1&rplot=4&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077350%2C21065724&oid=2&pvsid=516923798558681&tmod=1518353953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9b5WZIAmhT&p=https%3A//apk2me.com&dtd=592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7C84 610 B
937 B 69ms
63ms Document
text/html 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 610
content-type: text/html
date: Mon, 28 Aug 2023 20:40:59 GMT
etag: "48053d50141031b1511dbd30f9a31288:1693127404.550506"
expires: Mon, 04 Sep 2023 20:40:59 GMT
last-modified: Sun, 27 Aug 2023 08:23:48 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C187 172 KB
61 KB 104ms
19ms Script
text/javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
Origin: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 21:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Aug 2023 21:05:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame C187 11 KB
4 KB 31ms
29ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXjBr8a0W3YozYefyr7eG_5DAn0mInV8uWJ6SFXG4VBPludkNNy31gPLGggr19gSgL7j1GqojiRGPs_JTPgByF6avHm39Rnmsx7appg1ELk9hcHLM&cry=1&dbm_d=AKAmf-DRQZR08EMoSaYnwJ3a-oGdDB5sBO6OWkCfz6ebbvY-39nK8PKxh5SQ-wJg3mrsuh3o1S5svWiAlefVsGHX6RurPqpYr1WbuMW8Z53vAemQryJwzM4UFDNyYtn20JLb849vowe00Pr8x8suCurc7i8gU4_CF8hBAIb9sYcdAHCGQqy1LxtoIfxnpAqrlN4FeQ1hy84dFqQkcUwuPKLndfCI5RmVfsZCA9_EOxKSdlHIYa4dMmjsYkE1qsFOxIqyKpPctVExZdDwozGK7VMUseKgH5_0AvJw83gvSF6fSCQTGlXGJl0O7AqO2eejKLMOPEjSflOO3zt3Ei7qxFbQ-S1o-7A8LB6JPXBTl4KjOuVOdI_3O-ERW4fMEn7klJFq9QnNF7U3aveuteJxsTyIWTygdoWMw10-KmCTrGonR49DAKGC919bQthE-GtiFWlDsBAGvQ5rcqymAb5SJG1JbrIHln5Si0X3fjDb86tVr4WTtgJSeEJ-_y1sQr1FlXU7Cg-4fQTr--4aY-b3qFul7kQ1QqUF_qWtxKfR7yTwOPqtCKF9rkVyKFiqymb8XNhjTKkI7OhBbVt_X5ibghz6ziQFIWSJi-92lDPXTaXxaA3QQybfm8E9erI0pwynzFzEoXrw0BIksNZwYGa7e6DBjiIDjgOpJTif6g8eXKTG3G9waI2MuWpnFRrF0EFa2FCmYsXRPuPTbD4mNE2d2Xz8KGvW-Q0rStfgqfNHQ5PAaFaI8vcM3s-O7UKtOO5Gaa10Dw5-5kxQsRH4-jJ2h1zfr9I5B4KmwDogV6DBI9SBsPJ0IsLSroMDUxykmYBGeHPrY_tOROeoYktmccw4rj0Bi4rzQgWKd7nCqQf51it27F14yjsK__wRPpUCvT6r_I57t_WwROe1gLfcnna_2s1tYLbEpgrodGFvHnJT1ZYD6aJecE25DlCKSJz_rsY7jDgL6-BFzYjsOgKmEvVokTTnDnlIcHCZ-ZmrLIRe_sqrwD6oUVQNJOROz0x1uvF6NVO2VJOsRfkXgwf-vD6yy_g6RZh7g3Fh7mbMPctwOBKkVLrAXDM7hm75NFS8i98JZe8OcrKVxAG_Xb-yFn83AGcG8EJ9HlyMPa4jlggQWAA-WXCRzTSQCLgFvzEziV5Bcw8XPHVwzozp6Ckje5eYFxY5VHCRjYKMwqoeRO0Lovc5VFcLsr2-CucRZZkmAO-OgBNo7GQS1uC8Oq_Q3sk2tIbP213j1Oqp1LLgFk-Wpv3yd0UYKQiH__S6QRZCmrSy3cn7tiF7e9nNz_46RtE2C8_xzjDU1X5GwyQ4pKgSDCKb6vPRNw7uk3yf-VlOrpG8BZsnJnoY1jp4tzcHesGnSaOB_0Q5oWL5lpzoNL4Hyb3qlPD46udKRlK9B1lRfE29K_L6q7PDAeZmHW6CI6lwTMcbtl4ZfH9PmHkQjo3x8s53pxapgSF48s-bDDQ5DkRLx4NxnpQYbVUNDg6gbRJoqmZCXFoxONuAad0JYzFn3BdukTexDNFMNytpCxJlxVkCU2xLfcJhzEW1pNoJlmR3NQfWorFbbcQOHJS-vVinx72Wlk1k0Y5-HnIy84j8t6C2aOEAReYEaRlmbutcCmL4cZXUt2SWzWo0J1uD1M5CFhvzZah_H5gszH8E96rntC--tN59Qch18AURCJksH0IKWf3naZMLjPL4YvvLUuYFxKatE8K_sMxVXkmtbxvgXhtiDZLrhNTzLO5eZZm9fdjhdmP7bbnmwDy8a6IP94ANrPn4tqvB2BGwUGRPLp8Ad14I4QyArqnL0KNnHhgU1p-U5Z_gNpJ35uwvyxnZ3wcYx7M2DEiSi1cMf_V2JbDjt7_axdGXHwwdBX6jyeNu1v6pyeKZs3zRLoqsqZMA5dDMITF6EZyBgvjwtgUMFLPQ_TkkHaQyKHa4YlYv0mbWhdypJvJiWVTBfUi1QAtYwT5wXjoAB95LTKLm_ifkw27FtHPprxKUu4Wbf3Inwaex_EbVvOb-RtQ8zlCQZLXJ37IYnpEUN1szvIvbshv33tnrvLWN8TZOhvqN40EIi-NCNJ-jQxmBBLrXfsvHaejpkF63ikmbhaMxjk2YTpMpP4HtzbS3EXYDtBOyA0jQ8-prw4_4fSOE4-m1NR8XGJBjnAwfB-pT-EZY9DdJ7gT9bsoPcPoEPYzkUVUhCSBVZDei-GGWwrQo3ahLW7RigtjgN7_a-1EJOFg5dxX8vUK4o2WT8raLN3hgDqMuTnIDKWan_mLq0HS6FOiOZOTkZWZIVV3HW7tWkMWQ7tsWRsAfHWuTt4AlIe_8v_5mZUwMwj9MxZfaH3WTw0UiwO_PZlF9Vw0A4BwlS_o6UFzbSIW9s6G2wFrvgbf19DkJ-LmDoE39NUMz1mPSdBqXpTRBeNYI27r94BfYdz5YrAN4NDcOTTREK_do7pKF8RrnbnwUQccnx_HpcCKi6SLf222PRIYetEEOTUYL0B0-cJ43mvP9PLRe6GMNNUBSOAdGY5RqrtPiKqr_JHMBc9Z_Q8HZAfQlgX998rACgop999UBuMLa_wfhAENcOLiTeFAxlOA6VP9QPR595UQwwg2zQyz_ROPm2imI22uoSjiKeZ3VqteuDxuhHCC1aGlvl0IzpwgowRK9ye2dyuEjme1cW7A9nLUqmKnqobCd1rFF2WsO4WSbwCysrQTZuvz2AuovrQ2GXQye2Bre-ZdPbKKubN9AHaHYFoRoQUWT3c8HKuql9djKFgPf-LH72s-P2n_DjjP1pTZiHmNLhVFG6PBypSA-NnAXprLJQWR9EjC8Bm3IxUihYNSWSjOwGye-GroH8esXBOvglQCH-Iyq1ELBBAvHRRzAy0d2tMO3chZkRTQHCfIj1SIf5LUNhxkqXgpjUxBJnziozGmJndEwz-u2LvEybkYNiTUO1vwPj4y9Ym_DOsErDP2Q7P2fqH8Hk7pAgG3kQZNtZI4gwsYavFORalUluDhDBBVSiCjye5c8WZ_6dEg9N0ipdG8TQfRT6xpU20GLP5h4KTUsJ_jjAWu_LH_bXn5qA_urt2UvAPCNqSk1LUF6yWlrpdlrmYHrozFEvs2aj7u2CjScOcLuMDKyYugBF30yNAMvQVpgyUfuQoUzVygxTwssgV8iblK4Rfi6Dc92trEY2wnOhk9aL0OGV0fllTieQOL1UzPuCjNKZvBMFs1pKBXHyVmslAklgnHp8TvF8IQeMVCKzVKqk-BF_0Pbpgf3asn9tcqnmWThcQnAVPxydekH5iTb-rdAcqJoA__hvCheyvE2dTZErdhZ2Ib8JYSbzBl8dfYnx0T1QEXGRE4vE_0LT3vv7N3gxHXKbbKWl-QnOPpVy0NFiXivgYAaDw5AjfxBveX9MOHs2fzyD4S6oASD8Ap4YApygTiYmqolvbE1IwpHIORBNy6ea-dp0OUYAz0wK4FpPA09LSEoRiD9pl8fYClHbB1zKk6E4iXT&cid=CAQSTABpAlJW84r3qRmRXgIAhpQl6fsSZXZYu7Pxeog2D7sDWRxKq3JV3rWaEHATvdcT-2aeZW6RiqUCnCiOClOldy2_H7zmXJ5-smkNDbEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fapk2me.com%2F&ds=l&xdt=1&iif=1&cor=14234577998305935000&adk=2857193498&idt=77&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:11:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame C187 30 KB
11 KB 29ms
28ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:11:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C187 41 KB
13 KB 33ms
25ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 15:11:43 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 7FE8 222 KB
62 KB 1109ms
42ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Aug 2023 05:37:38 GMT
age: 399802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 23 Aug 2024 05:37:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7FE8 15 KB
5 KB 1161ms
94ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Aug 2023 01:44:27 GMT
age: 413793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 23 Aug 2024 01:44:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7FE8 94 KB
28 KB 1158ms
91ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 06:36:39 GMT
age: 482661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Aug 2024 06:36:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7FE8 5 KB
2 KB 1158ms
93ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 16:31:34 GMT
age: 446966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Aug 2024 16:31:34 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 7FE8 40 KB
13 KB 1159ms
95ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 22:58:05 GMT
age: 423775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Aug 2024 22:58:05 GMT

GET
DATA 200
OK truncated
/ Frame 7FE8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5481c3353b1060ce05db093bb50e70f5177cef010aa62f35c031f479feaefbe9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8705789078262744522
tpc.googlesyndication.com/simgad/ Frame 7FE8 9 KB
9 KB 35ms
34ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8705789078262744522?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn0mH67d9sa5l8gbMyalh6Bq0dltg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

c4e7cf9cb45738f94c0379ce9353b7d193289378cc248563537abf73230aba17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 17:40:33 GMT
x-content-type-options: nosniff
age: 183626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9414
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 17:40:33 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FE8 2 KB
2 KB 33ms
32ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:34:36 GMT
x-content-type-options: nosniff
server: cafe
age: 68783
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 29 Aug 2023 01:34:36 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FE8 295 B
319 B 33ms
33ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:11:47 GMT
x-content-type-options: nosniff
server: cafe
age: 70152
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Aug 2023 01:11:47 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame DB92
Redirect Chain

https://idsync.rlcdn.com/420046.gif?partner_uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQERXVXZEVFo4bG53amtRWGNxS3FFU3gwUWRnTk5aUzJhbmpRRTByVk40V2ZEMjJFdUlfZkU4MG8xNml2a19VQTcQABoNCNyMtKcGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=6f5e58cad2debee4878a93d708836fb293d49967b6e07d8eae7df63a26c17b9c791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2ZjVlNThjYWQyZGViZWU0ODc4YTkzZDcwODgzNmZiMjkzZDQ5OTY3YjZlMDdkOGVhZTdkZjYzYTI2YzE3YjljNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2ZjVlNThjYWQyZGViZWU0ODc4YTkzZDcwODgzNmZiMjkzZDQ5OTY3YjZlMDdkOGVhZTdkZjYzYTI2YzE3YjljNzkxNDI2YjU0MTdkY2UyMRAAGgwI3Iy0pwYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=8daa0143-932a-4857-86af-b80ee7ba7ed7

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=8daa0143-932a-4857-86af-b80ee7ba7ed7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=8daa0143-932a-4857-86af-b80ee7ba7ed7
date: Mon, 28 Aug 2023 20:41:02 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://b1sync.zemanta.com/usersync/outbrain/?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&s=2&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=vBoGk7TqIcQamSFKZKdZ&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&initiator=ob&gdpr=0&us_privacy=1---

0
145 B

68ms
68ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=vBoGk7TqIcQamSFKZKdZ&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&initiator=ob&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:01 GMT
Cache-Control: no-cache
X-TraceId: 37234a84a2c321298fa08c64fab25c04
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:41:00 GMT
Content-Type: text/html; charset=utf-8
Location: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=vBoGk7TqIcQamSFKZKdZ&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&initiator=ob&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 222
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=2360486356122597287&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

935ms
34ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=2360486356122597287&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:00 GMT
Cache-Control: no-cache
X-TraceId: cf1959637920f11b745124e50a1c225d
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
an-x-request-uuid: 69f029c9-0948-4177-9e9a-b726fb8ccbec
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=2360486356122597287&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
x-proxy-origin: 86.48.14.146; 86.48.14.146; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame DB92
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
940 B

48ms
44ms

Image
image/gif

52.55.229.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

52.55.229.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-229-173.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v049-0273b4722.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZiogdrmwTk0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v049-0db6ce49b.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nTk/3bD7QME=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK set
sync-jp.im-apps.net/imid/ Frame DB92 43 B
740 B 1433ms
252ms Image
image/gif 23.49.250.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.250.160 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-250-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:00 GMT
Cache-Control: private, max-age=3000
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=ttd&uid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&gdpr=0&gdpr_consent=

0
145 B

54ms
53ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:01 GMT
Cache-Control: no-cache
X-TraceId: 9d4a8533cfc0e96910c90395582c7dc0
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&gdpr=0&gdpr_consent=
date: Mon, 28 Aug 2023 20:41:00 GMT
server: Kestrel
content-length: 241

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame DB92 0
338 B 1189ms
36ms Image
text/plain 3.211.144.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.144.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-144-247.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n001-ash-prod.krxd.net
date: Mon, 28 Aug 2023 20:41:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1693255260
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame DB92 43 B
655 B 1222ms
43ms Image
image/gif 3.160.22.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.22.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-22-128.cmh68.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:00 GMT
via: 1.1 1e130cea96c42ad5e26aa46c0cf9ac1a.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: CMH68-P3
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: NQRW4fa8GaxiM3nsSNW74f9LY-hQOT4qJEpUvgSnFbzBsLSpedpAkA==
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7ea59c13-ae95-4d41-b918-7ea78ec15ef1&gdpr=0&gdpr_consent=&us_privacy=1---

0
145 B

49ms
49ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=7ea59c13-ae95-4d41-b918-7ea78ec15ef1&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:01 GMT
Cache-Control: no-cache
X-TraceId: 170966cc263fdcbfe2b19ae0b041f3f0
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=7ea59c13-ae95-4d41-b918-7ea78ec15ef1&gdpr=0&gdpr_consent=&us_privacy=1---
date: Mon, 28 Aug 2023 20:41:01 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---&_bee_ppp=1
https://x.bidswitch.net/sync?user_id=AAEJck7J2g0AACkQZ1dzuQ&dsp_id=269&expires=5&ssp=outbrain&gdpr=0&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=c2b85291-29d1-4530-9a77-642b9181513e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
145 B

35ms
34ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=c2b85291-29d1-4530-9a77-642b9181513e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 6c3c361e8a09faa17e2f5c1c2cd314bf
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=c2b85291-29d1-4530-9a77-642b9181513e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o...
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=b4bc5099-0600-4805-a06b-2...

0
145 B

42ms
41ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=b4bc5099-0600-4805-a06b-209acc1cd6fa
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:00 GMT
Cache-Control: no-cache
X-TraceId: 6c86e545ac6d1b764ee16d61737d2a56
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.outbrain.com/cookie-sync?p=criteo&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&uid=b4bc5099-0600-4805-a06b-209acc1cd6fa
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3714275
content-length: 0
expires: Mon, 28 Aug 2023 00:00:00 GMT

GET
H/1.1

200
OK

RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005
sync.targeting.unrulymedia.com/csync/ Frame DB92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBo5tLBIjdFyoWRBTvxdxPk&google_cver=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=16&user_id=CAESEBo5tLBIjdFyoWRBTvxdxPk&google_cver=1
https://sync.1rx.io/usersync/bidswitch/c2b85291-29d1-4530-9a77-642b9181513e?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/c2b85291-29d1-4530-9a77-642b9181513e?zcc=1&cb=1693255262004
https://sync.targeting.unrulymedia.com/csync/RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005

43 B
435 B

187ms
38ms

Image
image/gif

199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:41:02 GMT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7272475965508679829&gdpr=0&gdpr_consent=

0
145 B

37ms
36ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7272475965508679829&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:01 GMT
Cache-Control: no-cache
X-TraceId: 161a67c2c42a389531cb95f6aef992c0
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7272475965508679829&gdpr=0&gdpr_consent=
Date: Mon, 28 Aug 2023 20:41:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame DB92
Redirect Chain

https://ps.eyeota.net/match?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7

70 B
440 B

57ms
57ms

Image
image/gif

54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 28 Aug 2023 20:41:01 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=1mpn7m0&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Date: Mon, 28 Aug 2023 20:41:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
id.geistm.com/m/OB/ Frame DB92 0
0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
https://creativecdn.com/cm-notify?pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VplDRn7dlbknfmyIIb3Z&pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&ini...

0
145 B

32ms
32ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VplDRn7dlbknfmyIIb3Z&pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 616827855eee9ee582abb2370e1f0fc9
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VplDRn7dlbknfmyIIb3Z&pi=outbrain&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
pragma: no-cache
date: Mon, 28 Aug 2023 20:41:02 GMT, Mon, 28 Aug 2023 20:41:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLVCGPV0-H-GU4L&obUid=&initiator=&gdpr=0&us_privacy=1---

0
145 B

52ms
52ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLVCGPV0-H-GU4L&obUid=&initiator=&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 706423c73c2b906f4ad052d32520044d
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LLVCGPV0-H-GU4L&obUid=&initiator=&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b3266a43228eaeab48f59934ee9159da
Expires: 0

GET
H2 403 tpid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame DB92 49 B
268 B 49ms
39ms Image
image/gif 18.209.38.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.38.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-38-85.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.35.65
content-length: 49
expires: 0

GET
H2

200

cm
us-u.openx.net/w/1.0/ Frame DB92
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&xl8blockcheck=1
https://idsync.rlcdn.com/397416.gif?partner_uid=3e29fa71a87dad67ee66f992b9316609
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D

43 B
181 B

85ms
83ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 20:41:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZO0GW0zdySINDFQImdq2DAAADosAAAAB&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&ini...

0
145 B

38ms
35ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZO0GW0zdySINDFQImdq2DAAADosAAAAB&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 6f4f45cd12b149c6689a73495620439a
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:41:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZO0GW0zdySINDFQImdq2DAAADosAAAAB&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUNEQTZBNEMtQzAyNy00NjNELUI3ODgtMEIyN0NENENENTg5&gdpr=-1&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=PM_CONSENT&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQ...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=5CDA6A4C-C027-463D-B788...

0
145 B

33ms
32ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=5CDA6A4C-C027-463D-B788-0B27CD4CD589
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:03 GMT
Cache-Control: no-cache
X-TraceId: 7a9316d3683323e4fe408e97fb461d2e
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=5CDA6A4C-C027-463D-B788-0B27CD4CD589
date: Mon, 28 Aug 2023 15:48:13 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=749c0550-df9a-4dfd-838b-62...

0
145 B

46ms
36ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=749c0550-df9a-4dfd-838b-629d17bd3520
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 815f18de82b53e9c709e2afec2229e73
Content-Length: 0

Redirect headers

date: Mon, 28 Aug 2023 20:41:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=749c0550-df9a-4dfd-838b-629d17bd3520
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-F3lTxpFE2uHfetYoFfyhWyTh3FbvJ8diaAXfCRY-~A&gdpr=0

0
145 B

955ms
42ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-F3lTxpFE2uHfetYoFfyhWyTh3FbvJ8diaAXfCRY-~A&gdpr=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:00 GMT
Cache-Control: no-cache
X-TraceId: e6afe5f94e1402cdec53cb609c17e8cc
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=y-F3lTxpFE2uHfetYoFfyhWyTh3FbvJ8diaAXfCRY-~A&gdpr=0
date: Mon, 28 Aug 2023 20:40:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0...
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=8b982a9c-acbf-49a0-8eb1-037602fc944b&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_priva...

0
145 B

44ms
38ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=8b982a9c-acbf-49a0-8eb1-037602fc944b&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 0460a69b029d189179df3522687abd40
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=8b982a9c-acbf-49a0-8eb1-037602fc944b&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-origin: *
date: Mon, 28 Aug 2023 20:41:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gd...
https://sync.outbrain.com/cookie-sync?p=smaato&uid=9d8555093c&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

55ms
53ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=9d8555093c&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 260c9783507561697f2cf52856d4d891
Content-Length: 0

Redirect headers

date: Mon, 28 Aug 2023 20:41:01 GMT
via: 1.1 3553261692b84388f31d013fa1d022f0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=9d8555093c&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: hmlqtGuis_6so6rSu0rXcKjRM9AoYZ2x40ZGsKdcl9JE1PjZnhqhmg==

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DDWUvDTZ8lnwjkQ...
https://sync.outbrain.com/cookie-sync?p=smart&uid=3330658597789645301&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob

0
145 B

35ms
34ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=3330658597789645301&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: c4569eb55280ad2c4c51cab37abdba6c
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=3330658597789645301&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
date: Mon, 28 Aug 2023 20:41:01 GMT
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame DB92 42 B
689 B 129ms
49ms Image
image/gif 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:01 GMT
last-modified: Tue, 06 Jun 2023 17:34:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 219E2327C81A48FE873E0DB35DC86161 Ref B: YTO01EDGE0422 Ref C: 2023-08-28T20:41:02Z
etag: "4729cb259d98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://id.rlcdn.com/711945.gif?ct=4&cv=
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&

0
145 B

30ms
30ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 1285200a627d0de8bb4e9110e09cf1f7
Content-Length: 0

Redirect headers

date: Mon, 28 Aug 2023 20:41:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DB92 0
187 B 170ms
40ms Image
text/plain 207.198.113.90
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 207.198.113.90 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 28 Aug 2023 20:41:01 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=brLHwWiwl8B1vpDBPraPkzqxmpN1sZqWa-cq97Oq

0
145 B

42ms
42ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=brLHwWiwl8B1vpDBPraPkzqxmpN1sZqWa-cq97Oq
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Cache-Control: no-cache
X-TraceId: 540f2d32372f3a13861300f0eb03179d
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&uid=brLHwWiwl8B1vpDBPraPkzqxmpN1sZqWa-cq97Oq
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

400
Bad Request

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DDWUvDTZ8lnwjkQXcq...
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6fUhKsIf8Xga&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_...

0
84 B

29ms
28ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6fUhKsIf8Xga&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:02 GMT
Content-Length: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-CA
location: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6fUhKsIf8Xga&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-cmsdd
expires: -1

GET
H2

200

us.gif
sync.go.sonobi.com/ Frame DB92
Redirect Chain

https://id5-sync.com/s/164/9.gif?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---
https://id5-sync.com/c/164/164/9/1.gif?puid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
https://id5-sync.com/c/164/108/8/2.gif?puid=d5b8370b-c702-4e84-8d82-a2d2b6988505&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F434%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/164/434/7/3.gif?puid=3b441adf-3242-47c8-832d-bd71167599f6&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/164/3/6/4.gif?puid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/164/429/5/5.gif?puid=5CDA6A4C-C027-463D-B788-0B27CD4CD589&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=807d1f16-0ef7-4426-9ac4-b77fb80cbace&ttl=%%TTL%%
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F441%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/164/441/3/7.gif?puid=u_e7485bee-cb33-4dc1-a747-ec6eb5aa1f37&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F164%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/164/112/2/8.gif?puid=3DF45A40D4F87084&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/164/2/1/9.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/164/2/1/9.gif?puid=2360486356122597287&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&consent=&id5id=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw

49 B
583 B

149ms
55ms

Image
image/gif

69.166.1.35
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&consent=&id5id=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Server

69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:06 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-148
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=998d64ed-0660-4700-a712-6756a41e0dcb&gdpr=0&consent=&id5id=ID5-5ba9mabYSSu9tcdb_JeNT9XV-_MzIv95kXj4FDzJmw
date: Mon, 28 Aug 2023 20:41:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame DB92
Redirect Chain

https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%7Buserid%7D%26initiator%3Dob%2...
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=04c177bd-f52a-55b3-b633-0cc9ef9254df&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_...

0
145 B

265ms
264ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=04c177bd-f52a-55b3-b633-0cc9ef9254df&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 20:41:04 GMT
Cache-Control: no-cache
X-TraceId: e4e8d696732edf9f52c95c41f463b207
Content-Length: 0

Redirect headers

date: Mon, 28 Aug 2023 20:41:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5YEqK60ekGs9ol0K%2B8xgsmALq60jD74cZSKPAELnSDlrttRgqEbec7yr5%2Ftv65BtlYzTNgwG3dme%2BKhRlC1oyf4NJdFgVz0R3%2FlQiVIl5t9FXnfpxP%2FYvwqxp0QvxWVt0UE"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=0&gdpr_consent=&us_privacy=1---&uid=04c177bd-f52a-55b3-b633-0cc9ef9254df&initiator=ob&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
cf-ray: 7fdf5f6f589f36b7-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 204 CookieOutbrain
rtb.adentifi.com/ Frame DB92 0
285 B 375ms
42ms Image
text/plain 3.211.159.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieOutbrain?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dadtheorent%26uid%3D%24%7BUSER%7D%26obUid%3DDWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%0A%0A
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.159.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-159-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
65ms Preflight
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 20:40:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C187 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a70ef200da9d0f6aeee32891bcdb357c771a9a3b8304e789d77920adbe210fcb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eyJpdSI6Ijk3M2JmODExYjhlNGU1YjhlYTM2MDdlZGZlZWYwNWE1ZDMwOTk5OWI4MzllNTIyOGE5MWUxMTQ1YWMzZTRmOTQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
11 KB 1058ms
98ms Image
image/webp 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijk3M2JmODExYjhlNGU1YjhlYTM2MDdlZGZlZWYwNWE1ZDMwOTk5OWI4MzllNTIyOGE5MWUxMTQ1YWMzZTRmOTQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fd8234999ac0bf34e6a281424c7eb19597dfaf03be2329567dff0c534793b28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
last-modified: Thu, 03 Aug 2023 22:01:09 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=753600
access-control-allow-credentials: false
x-traceid: 56f50569a2da952fe03e4fb0a8bf242e
timing-allow-origin: *, *
content-length: 10674

GET
H2 200 eyJpdSI6IjExMGZjN2M4YjkyYjc3NjU5NjUzMmQ0N2UyOTEwNjRmZmQ5MTA4MDhlMTI5MDdiNzgzMWM1MTY4MzdmYjJlZTUiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 1178ms
218ms Image
image/webp 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjExMGZjN2M4YjkyYjc3NjU5NjUzMmQ0N2UyOTEwNjRmZmQ5MTA4MDhlMTI5MDdiNzgzMWM1MTY4MzdmYjJlZTUiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a8bd5e98d57068f936c2f271290d33e4796e02c491d77e147dd816430b3c8e2d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
last-modified: Wed, 23 Aug 2023 13:24:44 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2103596
access-control-allow-credentials: false
x-traceid: b4f13e8944aa2d25e064527edfca7402
timing-allow-origin: *, *
content-length: 7952

GET
H2 200 eyJpdSI6IjdlYzI1YTgyYmEzYWI1OGU1ODQ1YmY5OGJjNmI4MmM1Y2VjNjAwM2JkODA3MWM4ZmU1NDI0NTFkNmEwMWQ5ZTMiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 6 KB
7 KB 1064ms
104ms Image
image/webp 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdlYzI1YTgyYmEzYWI1OGU1ODQ1YmY5OGJjNmI4MmM1Y2VjNjAwM2JkODA3MWM4ZmU1NDI0NTFkNmEwMWQ5ZTMiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4bb42237f510d70c7cbf4f42d28ce93d1ab3d0d6d1275ad0aa2afe8ec1bbdad9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
last-modified: Mon, 28 Aug 2023 16:27:09 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2447191
access-control-allow-credentials: false
x-traceid: 2c307822afa35a1a2da4abee62c36962
timing-allow-origin: *, *
content-length: 6566

GET
H2 200 eyJpdSI6IjUzN2M5ZmJkMTE0OTZlZGFjNGQ1M2YzZDFjYWE3NDA1MjBiNGE5OTg0YWNiYjUxOGFiMDE3NWJiNmM4OWRlNWQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
16 KB 1149ms
189ms Image
image/webp 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUzN2M5ZmJkMTE0OTZlZGFjNGQ1M2YzZDFjYWE3NDA1MjBiNGE5OTg0YWNiYjUxOGFiMDE3NWJiNmM4OWRlNWQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2acacc9cffe8e7a57dce64bf9914c66ea766ac3ed5f5daa299605488d2c36949

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
last-modified: Tue, 01 Aug 2023 11:23:14 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2199979
access-control-allow-credentials: false
x-traceid: 52cd6575ad19e51e7e3d180d324670ff
timing-allow-origin: *, *
content-length: 15730

GET
H2 200 eyJpdSI6IjhiMDE2Y2IyYmU4YzZjZWJlNzUyMjA4OGViM2ZkZmQzMTdkYmJmNTFmY2Q0MzkwZDRlNTlkMjk3MzMzNjI0MzQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
11 KB 1169ms
210ms Image
image/webp 2.22.41.153
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhiMDE2Y2IyYmU4YzZjZWJlNzUyMjA4OGViM2ZkZmQzMTdkYmJmNTFmY2Q0MzkwZDRlNTlkMjk3MzMzNjI0MzQiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010428/module/readNext.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.41.153 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-41-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bfa6f64ca2042a77247e9920c90477bca62fde58345bd87e461d94934c3e6380

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
last-modified: Thu, 27 Jul 2023 09:56:03 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1405848
access-control-allow-credentials: false
x-traceid: 55d85e5d54b6bbc56340e50892cc1868
timing-allow-origin: *, *
content-length: 10722

GET
H2 200 icon-x.svg
widgets.outbrain.com/images/widgetIcons/ 497 B
830 B 74ms
73ms Image
image/svg+xml 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/icon-x.svg
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68f9042a03dfb106098795785893fa607d2c51151b3abcb8d03484025f8eb3ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 20:40:59 GMT
date: Mon, 28 Aug 2023 20:40:59 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "087fa4fcfa58595ea95459f109778065:1673369404.98484"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 497
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 icon-chevron.svg
widgets.outbrain.com/images/widgetIcons/ 579 B
912 B 72ms
72ms Image
image/svg+xml 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/icon-chevron.svg
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0aa0acb01b3dad7e2951b7c5d394ed8f4260b17ee26e41db30ceefbe579b3020

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 20:40:59 GMT
date: Mon, 28 Aug 2023 20:40:59 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "6766e0b105f8d44fb6b14b081c5dd045:1673369402.19157"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 579
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 154 KB
52 KB 70ms
69ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/reactive_library_fy2021.js?bust=31077350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

810a1e594e490a5316854f12cc1536ec6999c149af3aea2bfc49981e0bae368b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53632
x-xss-protection: 0
server: cafe
etag: 16638008264156880747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:40:59 GMT

GET
H2 200 ca-pub-3231120278665793 Show response
fundingchoicesmessages.google.com/i/ 151 KB
50 KB 1008ms
82ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3231120278665793?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

a9e7165f5372bc98a6ef65a6cd9b2526e9ea71ed13041592c675908c4017db98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJJGc_3v62wc-MnBhVSLOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-cJJGc_3v62wc-MnBhVSLOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 22F5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8d0c511a442ab86c456d557ff28c5eb0a80b6794f5a742e0c3ce6cf9d7088ed

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1187
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
64ms

Document
text/html

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:41:00 GMT
expires: Mon, 28 Aug 2023 20:41:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:41:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 56ms
56ms Fetch
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=c3004bbe2555030ba9e54d79c49871d1&pvId=c3004bbe2555030ba9e54d79c49871d1&sid=8751555&pid=10621&idx=0&wId=1890&pad=5&org=0&tm=1421&eT=3&wRV=2010428&pVis=0&lsd=3a7bcfbf-fa0d-4524-9a25-4236b7137054&eIdx=0&oo=false&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:40:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 74460d0376b10a400f83795847151082
Content-Length: 4
Expires: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4214858595737940445/ Frame 178F 187 KB
44 KB 131ms
56ms Document
text/html 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

383f32fa6baaab26fc0a313af9c0e0a57b20e298a598d85d23c39d3982cf735c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:41:00 GMT
expires: Tue, 27 Aug 2024 20:41:00 GMT
last-modified: Mon, 31 Jul 2023 21:21:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C187 0
0 750ms
82ms Fetch
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFd8vsOc0x03Yqx41yDZXGYpRNrJLobvBRmkfl-pUZ8p_gLlkgvRR694vGfZcFEylZFLdlW_jrbVT3w-4ecT-S7iGR9tMXuScWqubJ2ariss9rU-vfUd7W8RHynottTs7Sd5QBHuKsjVBllno5tZ1EzUih1J3ckyapKFGgKYksryvZON3rzQ-hBUYGRWpmufDhHIHKmrGbcaLAqgkCc8HNPeHGiQqbmsKxWDM1cYBryDaVIw5F1oqvx4yn5EkiMNJXhNTHfFfMi1afaDFAiDkC5KTUREgz4-fJMcBG4-ROoz7NAGHBkQBdWdCvCuAjJ2H04keJFZ3FLSR6uQS4ccmyTgSGMW7ucTGMY4BMoYakZdh2Ag2H0K4Vic7E_uKZpMmp2xeljotU18_hs0JsjZi0RGwvfGPWwHE8wUdBUAeTy1hcQljNiDyvUILSfKiE9aILgNYhdyKBQt01RBMBZoos0xZ6FM_ezZu3Vw-1DgN6eAeP_ZIgta4936eUc0arl66wyYgmcDOmSWT0bXA5VYJWayNRaRpuqYkWf7pPAPEBen6MXoQf-F5xj9_xdGtU3pgRpSIjYlbwQj5i11AfDHtOa_EnOq7_Tf5UG_GdbxfZfReVuUDwfq6hNRPIN4vmgVAkeGQVWvKgqOLVwgikGeKkx_IPslPyQSwcFqiqH8GRQWHW_ZcW8rk_d-A2OhZTxiikHgzqY-HQA0wfZZS8de68jlNs2C8WgrOjVytF4cPWSJ8CdVNCrYuireZ1ahmfuKfxSPa4n4pynhfHtc33AsYrR-akgDgzKPmKXSUc7tpajW4IykfUjhoNL99pstNYa_KLkiSshMbGJi_suMCSP9xpIwMMRpOESB19d0Zi3I2ilCK_lk_2h3Xp9Sz5dhQX3c4s8oc-s3u_tsexmCX8ODRp4IPB0s2xMSn0KtTMaTcGyuqqa_bMlQlQAY5XxH6xz2p1sbHnAfHvVRn8zJfXoBHXArn5M9AK2gQNjA691_yOqPABMqwiux-IPwjXDZI51xRcjANsdoHu1P7C0QDFKOKi4RFji_wguUpoAJHmBzO7u67ezOT1bEmeJwhb9CpXvKN7GzsUKgyAcX_DkPKzQkwhdo_kvHLxOYxMLugtmqzQPYXFlh9VW6zGQZGMImET2BznP9U-uRJ0cfFtBKnn17LnzgYSkgSPWFBSXTqF05pJUkKwNndjSXw55g0yHLpVCNJzqrBaw3IhEGITw-0b2UHaQrtwQdsNbbEkhb1nQnWq_f_R8a4bJvO9XLt6GqvlHxMKIbvN5kfM5uwbZ5w0xnBjPX0afYuXlN7aT4XKACK5Kpzo-P8BCgvZtHvbkoaDI71Wzvj2&sai=AMfl-YQoUfICb69S0F139qYLPbeoDomEEz6ILfjTg79rsSBn5nrJqKgptHl2TkgRzY9mykYrt0cpi1HvaZcthYLgINeQpW0DbY2FWmLPi9t1oKTTDgUu7mI5CxZe-FOAiAb3rkpqCqMEAT1SniYsAxf1eqf-Vy-8eCRMC8kKHPkzs2SVHQywa2nPOz8Y4ak7k5RZZtcTSeK9tDkO-i6U_VxrWBFH8TObCor8boVj2dIN__pGtysvWvJdCV-xY_ZjW6F_WyceKv1aKZZmqVPb7WzeM14xmSfW60nAU9qQ9Edpm8CCW3TdHiEOYaE1DEn7&sig=Cg0ArKJSzOlasCVvKqjaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=422&cbvp=1&cstd=392&cisv=r20230823.03233&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 20:41:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:41:00 GMT

GET
H2 200 /
d.agkn.com/pixel/2387/ Frame C187 43 B
629 B 764ms
51ms Image
image/gif 108.156.184.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=CA&st=ON&city=1829&dma=0&zp=&bw=4&che=2628979618&col=30302797,3083823,372665888,563779261,196343757
Requested by: Host: 54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
URL: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.184.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-184-71.cmh68.r.cloudfront.net
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:40:59 GMT
via: 1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: PZBMApmGUbhxwMZsro3A-ILtD0Q2ih2Rpgxh47HJF_edu9YoQ8e5cg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 28F8 22 KB
8 KB 58ms
26ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 94390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 18:27:50 GMT
expires: Mon, 26 Aug 2024 18:27:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C187 42 B
174 B 107ms
100ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst--m_mKFJQSxuN47tPrGxe7gkBgVO4XFMKB1YOYwgXuhNXmzrjnmMaznETUr9MZ-x6gFe88vs7OOe09YaOmcje9w7tec1fgn1_QO4WvfkHOxXHdn9DA1BClge65IV6oznil68wu11YKA&sai=AMfl-YRZ-UuYVDXCtd0fR8vacnT7bCAspMnW8RH6yzIGnpa71D03DzM6V5606S5NleyDkF9alJrsHSoIAI2-Tym8sPJoTCicO6BymfD626K4aiQf1u4r5ljNUvak4Nd5x9NTWGYXCacnjoF5nHpBLw&sig=Cg0ArKJSzJO6rOxRrmjiEAE&cid=CAQSTABpAlJW84r3qRmRXgIAhpQl6fsSZXZYu7Pxeog2D7sDWRxKq3JV3rWaEHATvdcT-2aeZW6RiqUCnCiOClOldy2_H7zmXJ5-smkNDbEYAQ&id=lidar2&mcvt=1069&p=1110,436,1200,1164&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=377546238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693255258945&rpt=618&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 178F 120 KB
41 KB 29ms
27ms Script
text/javascript 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 20:31:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 178F 94 KB
33 KB 395ms
34ms Script
text/javascript 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 14:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 14:54:39 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 178F 114 KB
35 KB 1250ms
171ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2859386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34866
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-8832"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58%2FpHctagdSindkOXZMpkaeelfpTwAL6m10mgZyujRx2Dg62bEz5NAdkkBrJxMO5ispmc1wOAemENNhMGLQAwMPcbuxc%2BIiLnDT9EQKsx0%2FwG5Tkwi5UYs2LFQYOqY1XC1OeotlZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fdf5f6a598f39dd-YYZ
expires: Sat, 17 Aug 2024 20:41:01 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 28F8 37 KB
14 KB 35ms
33ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 22F5 42 B
64 B 77ms
67ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1LK8ATg0_1Pbz1TPpdMNK0BGu3wbbinxhHMAocXS8qjDmedI8AKmfRHKw3hb11vsZGn7yPIgpV1JniTJvrN8vhaDJQ3QywQrSVYI4HYnZNfoYEZmka5ulIaQdBGCOU3FL03SQXIvsPg&sai=AMfl-YRh2rEQS_x4jQkAwWjIn5DRoLCD8EY35ypc4QQO8cp6RUVadcF23XdAu0YszrHB78ToWe0HQHQAOlmq&sig=Cg0ArKJSzJNU0O9jWLQFEAE&cid=CAQSGwBpAlJWqJXTT6Vg00YRGvqZLoBVh_MqnTDcIhgB&id=lidar2&mcvt=1127&p=0,11,188,740&mtos=0,1127,1127,1127,1127&tos=0,1127,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=4&adk=3667577507&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693255257729&rpt=1971&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame DA8B 10 KB
4 KB 45ms
44ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 11928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 17:22:13 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 17:22:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame FBD6 10 KB
4 KB 27ms
27ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 11928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 17:22:13 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 17:22:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 1C72 10 KB
4 KB 29ms
25ms Document
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 11928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 17:22:13 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 17:22:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUYhuINRKvZT2zw44fhbI1QJXljuBTmCi-g6kZHPYMcPfja_XVR7FELsW3kJyilqGPS9wCseOvxNx6mowIBTrS6G4sxbSmBRMY6XFKNlVxC7XxBFnLBaMZvj3OcQURHOgto-mz-KQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 78ms
77ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUYhuINRKvZT2zw44fhbI1QJXljuBTmCi-g6kZHPYMcPfja_XVR7FELsW3kJyilqGPS9wCseOvxNx6mowIBTrS6G4sxbSmBRMY6XFKNlVxC7XxBFnLBaMZvj3OcQURHOgto-mz-KQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkzMjU1MjYxLDU0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hcGsybWUuY29tL2dpZnQtb2YtaGVkb25lLWFway8iLG51bGwsW1s4LCJQcDMtRkF3M2RzdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Pp3-FAw3dsw.es5.O/d=1/rs=AJlcJMw3kg0UaX88pv0AgMJ_o6rjdSm4mg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

a7e750dcfc141cb62abf84f5b15b8ae8688121945db0f37c443ad50ac6595ea5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7Ml6ewwPCJOdGsK0PFl-SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7Ml6ewwPCJOdGsK0PFl-SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

60ms
59ms

Image
text/html

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H3
Server: 172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Aug 2023 20:41:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8705789078262744522
tpc.googlesyndication.com/simgad/ Frame 7FE8 9 KB
9 KB 31ms
29ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8705789078262744522?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn0mH67d9sa5l8gbMyalh6Bq0dltg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

c4e7cf9cb45738f94c0379ce9353b7d193289378cc248563537abf73230aba17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 17:40:33 GMT
x-content-type-options: nosniff
age: 183628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9414
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 13:09:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 17:40:33 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FE8 2 KB
2 KB 35ms
25ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:34:36 GMT
x-content-type-options: nosniff
server: cafe
age: 68785
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 29 Aug 2023 01:34:36 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FE8 295 B
323 B 35ms
25ms Image
image/png 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 01:11:47 GMT
x-content-type-options: nosniff
server: cafe
age: 70154
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Aug 2023 01:11:47 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PJKLJWW6RW&gtm=45je38n0&_p=802707405&cid=1647964.1693255257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1693255256&sct=1&seg=0&dl=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F&dt=Gift%20of%20Hedone%20Apk%201.3%20Free%20Download%20Latest%20For%20Android%20%5BMOD%5D&en=scroll&epn.percent_scrolled=90&_et=18
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PJKLJWW6RW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apk2me.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 422E 37 KB
14 KB 29ms
29ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame DA8B 4 KB
767 B 46ms
45ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 20:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 20:02:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 20:41:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA8B 205 B
270 B 26ms
24ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:12:32 GMT
x-content-type-options: nosniff
age: 242909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Aug 2024 01:12:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA8B 604 B
669 B 26ms
25ms Image
image/png 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:07:17 GMT
x-content-type-options: nosniff
age: 534824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Aug 2024 16:07:17 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame DA8B 15 KB
6 KB 29ms
28ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6521
x-xss-protection: 0
server: cafe
etag: 18225085782652855565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:43:55 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame DA8B 20 KB
8 KB 26ms
26ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:22:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FBD6 2 KB
901 B 37ms
36ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame FBD6 23 KB
9 KB 40ms
39ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FBD6 3 KB
1 KB 42ms
41ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame FBD6 20 KB
8 KB 41ms
40ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBD6 181 KB
56 KB 68ms
68ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:41:01 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame FBD6 35 KB
15 KB 26ms
26ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 01:19:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 1C72 2 KB
901 B 26ms
25ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 1C72 23 KB
9 KB 28ms
25ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 1C72 3 KB
1 KB 51ms
32ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 1C72 20 KB
8 KB 44ms
25ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C72 181 KB
56 KB 103ms
86ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:41:02 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 1C72 35 KB
15 KB 47ms
30ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 01:19:52 GMT

GET
H3 200 AGSKWxXkjUn-MIScijm9OGKTul3F4OJzTpa262THs61OLkHf5pY3KFa7oA3hBwgphAz2nIbEOa8IcF3MyvDkfy3PfYohoWvJVr2j3gGrmeWIPfJVJXuy6ajDPOdr5gc3XPdqs1q5KCZsvQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 97ms
97ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkjUn-MIScijm9OGKTul3F4OJzTpa262THs61OLkHf5pY3KFa7oA3hBwgphAz2nIbEOa8IcF3MyvDkfy3PfYohoWvJVr2j3gGrmeWIPfJVJXuy6ajDPOdr5gc3XPdqs1q5KCZsvQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkzMjU1MjYyLDEyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYXBrMm1lLmNvbS9naWZ0LW9mLWhlZG9uZS1hcGsvIixudWxsLFtbOCwiUHAzLUZBdzNkc3ciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

39080afa8618544cb9f11767979aeb785751821a1740f0147dfab3ba803c745c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BNsW9dztstYyEPDsDIPgeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-BNsW9dztstYyEPDsDIPgeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 178F 7 KB
6 KB 61ms
61ms XHR
application/json 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4f0b49a07933bcfc6b0e0761611eda2fa038bf49c628b8428b4fc45b7f5bf9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5633
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C187 0
0 60ms
57ms Fetch
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFd8vsOc0x03Yqx41yDZXGYpRNrJLobvBRmkfl-pUZ8p_gLlkgvRR694vGfZcFEylZFLdlW_jrbVT3w-4ecT-S7iGR9tMXuScWqubJ2ariss9rU-vfUd7W8RHynottTs7Sd5QBHuKsjVBllno5tZ1EzUih1J3ckyapKFGgKYksryvZON3rzQ-hBUYGRWpmufDhHIHKmrGbcaLAqgkCc8HNPeHGiQqbmsKxWDM1cYBryDaVIw5F1oqvx4yn5EkiMNJXhNTHfFfMi1afaDFAiDkC5KTUREgz4-fJMcBG4-ROoz7NAGHBkQBdWdCvCuAjJ2H04keJFZ3FLSR6uQS4ccmyTgSGMW7ucTGMY4BMoYakZdh2Ag2H0K4Vic7E_uKZpMmp2xeljotU18_hs0JsjZi0RGwvfGPWwHE8wUdBUAeTy1hcQljNiDyvUILSfKiE9aILgNYhdyKBQt01RBMBZoos0xZ6FM_ezZu3Vw-1DgN6eAeP_ZIgta4936eUc0arl66wyYgmcDOmSWT0bXA5VYJWayNRaRpuqYkWf7pPAPEBen6MXoQf-F5xj9_xdGtU3pgRpSIjYlbwQj5i11AfDHtOa_EnOq7_Tf5UG_GdbxfZfReVuUDwfq6hNRPIN4vmgVAkeGQVWvKgqOLVwgikGeKkx_IPslPyQSwcFqiqH8GRQWHW_ZcW8rk_d-A2OhZTxiikHgzqY-HQA0wfZZS8de68jlNs2C8WgrOjVytF4cPWSJ8CdVNCrYuireZ1ahmfuKfxSPa4n4pynhfHtc33AsYrR-akgDgzKPmKXSUc7tpajW4IykfUjhoNL99pstNYa_KLkiSshMbGJi_suMCSP9xpIwMMRpOESB19d0Zi3I2ilCK_lk_2h3Xp9Sz5dhQX3c4s8oc-s3u_tsexmCX8ODRp4IPB0s2xMSn0KtTMaTcGyuqqa_bMlQlQAY5XxH6xz2p1sbHnAfHvVRn8zJfXoBHXArn5M9AK2gQNjA691_yOqPABMqwiux-IPwjXDZI51xRcjANsdoHu1P7C0QDFKOKi4RFji_wguUpoAJHmBzO7u67ezOT1bEmeJwhb9CpXvKN7GzsUKgyAcX_DkPKzQkwhdo_kvHLxOYxMLugtmqzQPYXFlh9VW6zGQZGMImET2BznP9U-uRJ0cfFtBKnn17LnzgYSkgSPWFBSXTqF05pJUkKwNndjSXw55g0yHLpVCNJzqrBaw3IhEGITw-0b2UHaQrtwQdsNbbEkhb1nQnWq_f_R8a4bJvO9XLt6GqvlHxMKIbvN5kfM5uwbZ5w0xnBjPX0afYuXlN7aT4XKACK5Kpzo-P8BCgvZtHvbkoaDI71Wzvj2&sai=AMfl-YQoUfICb69S0F139qYLPbeoDomEEz6ILfjTg79rsSBn5nrJqKgptHl2TkgRzY9mykYrt0cpi1HvaZcthYLgINeQpW0DbY2FWmLPi9t1oKTTDgUu7mI5CxZe-FOAiAb3rkpqCqMEAT1SniYsAxf1eqf-Vy-8eCRMC8kKHPkzs2SVHQywa2nPOz8Y4ak7k5RZZtcTSeK9tDkO-i6U_VxrWBFH8TObCor8boVj2dIN__pGtysvWvJdCV-xY_ZjW6F_WyceKv1aKZZmqVPb7WzeM14xmSfW60nAU9qQ9Edpm8CCW3TdHiEOYaE1DEn7&sig=Cg0ArKJSzOlasCVvKqjaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3012&vt=11&dtpt=2590&dett=3&cstd=392&cisv=r20230823.03233&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 20:41:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 178F 17 KB
6 KB 143ms
142ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:41:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7FE8 0
0 59ms
58ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHXQsWgbtZKu3MM6IoPMPoaGhsAGr4rGccY78jOHtEamP_MIDEAEg5Z_uLGD9oJmB6AOgAffim7QoyAEC4AIAqAMByAMIqgT8AU_QMiBzn4SSXYqvmXK0JWZEnbsSCnyf8PZt4hx_AsTg3I_zrADBEQ4Vrhc4Pbsq1dvW2j_4MF0qpCPyRwug36HQrvSJHHyJ9yPtbNwFS0Z9mhuzPjLjRCaWj8tgOSAyAmxMPuzWIGj2lXVkHc3W27Yqdce5HZxUonylH7iEgUmredTXT0Ev2rQB9h597TlU8xhSlwxU85CDFhnvkoyzQOZAKIImFLRi-Bqf0u-qTKZY2dWNpKptUIX5Xd_r0F9oXwLSKRrUrEdt-wukpVaTTU6LsnxdycFKRqRc5nQjyhWomavkASlbZAqWR8alf4Bv0ddR1GlSIgDF0CpWxMAEp8nw2ZoE4AQBiAX41qaFRJIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELOuFtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk6aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lLz9jYW1wYWlnbj0xODI2NDczMDQ4OIAKA8gLAdoMEAoKENCbzZG_nq30dBICAQPYEw3QFQGAFwGyFx4KHAgAEhRwdWItNzUyODk0OTM4NTkwOTA5ORiuiyI&sigh=670YJbgv-Nc&uach_m=[]&ase=2&cid=CAQSTABpAlJWVW646_tgxfmgoyDNrcWvq8YwVsfDLL3yKGNG1JKY4tVPQg_ymBitm1CS-5BbyXF_COFfNgbUm7BRDgGfS5vXyAge0IB3Z7IYAQ&cbvp=2
Requested by: Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 2E13 9 KB
4 KB 34ms
31ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 22:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 22:33:24 GMT

GET
H3 200 0979332f55b7a6feda3ce3359b4f09db.js Show response
www.gstatic.com/mysidia/ Frame 2E13 142 KB
52 KB 33ms
32ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0979332f55b7a6feda3ce3359b4f09db.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

be3162082c9bbf1a7eb9bd0bdb51f3b00298d805b424ffec1399539a49ac9a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 03:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53294
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 03:12:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2E13 21 KB
1 KB 61ms
49ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.202 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 20:16:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 20:41:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2E13 2 KB
901 B 41ms
29ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 2E13 23 KB
9 KB 50ms
38ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2E13 3 KB
1 KB 52ms
40ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 2E13 20 KB
8 KB 49ms
37ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:18:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E13 181 KB
56 KB 73ms
69ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 20:41:02 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 2E13 35 KB
15 KB 48ms
46ms Script
text/javascript 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 01:19:52 GMT

GET
H3 200 arrow_left.svg
s0.2mdn.net/sadbundle/4214858595737940445/ Frame 178F 585 B
435 B 39ms
36ms Image
image/svg+xml 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4214858595737940445/arrow_left.svg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

1b126bc5eff2c4664de9d2aaf51d20149aba2f8862cf12e00749ae1613919a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 21:21:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 05:50:07 GMT

GET
H3 200 arrow_right.svg
s0.2mdn.net/sadbundle/4214858595737940445/ Frame 178F 583 B
430 B 38ms
36ms Image
image/svg+xml 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4214858595737940445/arrow_right.svg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

2e71993e4d7a11cd72b5ba7364f220e3c854d7f99c294f698676824e06b48286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 17:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 21:21:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Aug 2024 17:40:45 GMT

GET
H3 200 10274132.jpg_1692891873332_10274132.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 64 KB
64 KB 39ms
37ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/10274132.jpg_1692891873332_10274132.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

b752aa576195cda8b100ce3d3fd57a026b0203ae627d887ef9093d8b4712574d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65921
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 buy_now_cta.svg
s0.2mdn.net/sadbundle/4214858595737940445/ Frame 178F 2 KB
948 B 74ms
72ms Image
image/svg+xml 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4214858595737940445/buy_now_cta.svg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

05521bd9a735dad86e7b4340ee175b5be42878077eaf6fa6ff269b30a70a1b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 17:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 21:21:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Aug 2024 17:59:06 GMT

GET
H3 200 206807.jpg_1692891873332_206807.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 80 KB
80 KB 61ms
60ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/206807.jpg_1692891873332_206807.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

6f2d0028564d143618e004e3e658e349bc924de4fe1b7cefc758af535abf3831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82354
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 6000192948168.jpg_1692893846876_6000192948168.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 39 KB
39 KB 70ms
68ms Image
image/jpeg 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/6000192948168.jpg_1692893846876_6000192948168.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d96ad124555be5e95a3e324cae461dbf14c8c286dace1a7725932097bf99dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39795
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 16:17:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 6000198309111.jpg_1692891873332_6000198309111.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 86 KB
86 KB 74ms
73ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/6000198309111.jpg_1692891873332_6000198309111.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

5ccaf28c20bd5c7ea751215af2d3f3c1dc512f9a4a041b2fe59ab293332bcdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87909
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 6000196847678.jpg_1692891873332_6000196847678.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 88 KB
88 KB 52ms
50ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/6000196847678.jpg_1692891873332_6000196847678.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

5157d69d45b2cf7c79667aab99d59c2e0fb2c579e5cd132fb0007f242d449768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89951
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 6000191584387.jpg_1692891873332_6000191584387.jpg
s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/ Frame 178F 79 KB
79 KB 47ms
45ms Image
image/png 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/6000191584387.jpg_1692891873332_6000191584387.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

5fe45a6e96286cacb9fbdd1b85e9df6da5387900fae6ac9198e93e29a01726a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81077
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H3 200 34509719_20230721095448000_header_728x90_EN.jpg
s0.2mdn.net/ads/richmedia/studio/34509719/ Frame 178F 70 KB
70 KB 48ms
46ms Image
image/jpeg 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/34509719/34509719_20230721095448000_header_728x90_EN.jpg

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

0ea6c8b90bb8d07a664305bc08ea007276108f0da24a10a76e45babe09af6a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 04:00:46 GMT
x-content-type-options: nosniff
age: 60016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71324
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 16:54:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 04:00:46 GMT

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
371 B 134ms
33ms Ping
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:41:02 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4e7626664be1860fbbeb93df186b7990
Content-Length: 4
Expires: 0

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 08FF 37 KB
14 KB 27ms
26ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 455000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BEE 37 KB
14 KB 30ms
29ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 455000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 319A 37 KB
14 KB 28ms
27ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 455001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame A1D3 37 KB
14 KB 36ms
30ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 455001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 200 buy_now_cta.svg
s0.2mdn.net/sadbundle/4214858595737940445/ Frame 178F 2 KB
948 B 27ms
26ms Image
image/svg+xml 172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4214858595737940445/buy_now_cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

05521bd9a735dad86e7b4340ee175b5be42878077eaf6fa6ff269b30a70a1b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 17:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 21:21:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Aug 2024 17:59:06 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11095790/www.medianet.com/preview_links/Walmart_Dynamic_Product_Images/Resize_Test/Resize_App/upload/10274132.jpg_1692891873332_10274132.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

sffe /

Resource Hash

b752aa576195cda8b100ce3d3fd57a026b0203ae627d887ef9093d8b4712574d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4214858595737940445/index.html?e=69&leftOffset=0&topOffset=0&c=4vj8tAmRWg&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 21:52:32 GMT
x-content-type-options: nosniff
age: 341311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65921
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 15:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 21:52:32 GMT

GET
H2 200 dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255263421;str=impression%20-%20auto%20-%20undefined%20-%20Nestea%20Lemon%20Iced%20Tea%2010%20X%202...
ade.googlesyndication.com/ddm/activity/ Frame C187 42 B
251 B 62ms
51ms Image
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255263421;str=impression%20-%20auto%20-%20undefined%20-%20Nestea%20Lemon%20Iced%20Tea%2010%20X%20200%26nbsp%3BMl;strtype=1

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7FE8 42 B
66 B 70ms
68ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH2XLV5Q3xcJscv2xU-GibWyqs_Q-MohZAKqdbnBbMRjxC9myDo0KIPylH5lQEbG0aRoYYmbemocWEy9ODcd5-w0SnU795YRQlNg0nE_ynkFSGJBM1BBC3hj9SsPkzrax9fniGmNCXVg&sai=AMfl-YSSLrzEva9FQD6ORVuW3oNzKnrdHFh-3PCP2Zr1j2NPZ0rKvnNEqXmz18ZuRbIEadxtBZrvyTFI4vxn2xrqO4CMwfSmlvRfPC9v1M9qMHIN8KCAg6lzkagR_N3pH9n-aWLI8SI9HVgeBLss-w&sig=Cg0ArKJSzP9fdIImJhoCEAE&cid=CAQSTABpAlJWVW646_tgxfmgoyDNrcWvq8YwVsfDLL3yKGNG1JKY4tVPQg_ymBitm1CS-5BbyXF_COFfNgbUm7BRDgGfS5vXyAge0IB3Z7IYAQ&id=ampim&o=230,478&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1182&mtos=0,0,1182,1182,1182&tos=0,0,1182,0,0&tfs=2767&tls=3949&g=100&h=100&tt=3950&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C187 0
22 B 62ms
61ms Ping
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3365990652588&version=m202307240101&ct=76&x=1&cor=14234577998305935000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 63ms
62ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.179643882861637

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F5tRaV1Y6_pR1D1-vA_gdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-F5tRaV1Y6_pR1D1-vA_gdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 60ms
59ms Image
image/gif 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.1027103529431086

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1rlh5n8pgEVTqX4N6Qgr5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1rlh5n8pgEVTqX4N6Qgr5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28F8 0
22 B 78ms
77ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlPGfWwbtZOCZDdmwNZ-Tq-gDAAAAADgB4AQC&bg=!hYalhsnNAAYkVgHwBFY7ADQBe5WfOOnSIMk6jR1HtFhjYhV8Yas-k-XX3Sod7zUIvun2iPjQIh5ANDX7mE2zH3QDravBAgAABixSAAAAkmgBB5kC781hLi-HOnXtp4EzUb4VO8zw6GAb61UFi7NjABrp9KihIaSVmwB193OgctUrDVKS4AoqvkoRBHcMBEw-iL3RhZuzWTaM3cK1ykG0TImEPGl_ayJ5oNG7ned0YX_0vP7H3nCsT1gJU_fTxfhyl6JbGTZSL810anvEbGqA0IR0-Qem6rsQErJDDAdHTeS6Ei2XjOwSTrR2Q4ykrZE8Lsyr3tWldKrxS25MF9SMt5FnTnstiJMAYtUL-Oo0fJ8ZAZ77ac-H4voZAU87XbLV8Cx0KUPc-rhu1MSaSrv62x795t2RDHap3zWA497dWDg7eqj_kUdhA6uvSAetPavJmF2971K3i4-nzUkyklO6XaNRIHocXmRqUHq0aNulhhAYeNtwU5KuiF-lYZB4QP7VcaHLU84W_tjtNmqbGMOVJsU_v2fpjtqHMRbgWKzolC8bwT_RHU7dZ-K3wROREB4McuONwKiSs1yT9gPAl96-cr_sdZ0x1R-aN7eUIgrMdgTygO4dbs5S-YpSdg-cBElLRwEjBvKm1r5x4fjZk-e-Vsn3NxNIxRHlLsbshJpeRwgEaDipdzlGEORaIvkGjx-ywap1q6tbrE90fpee7h8sTV434WL11LJGQS_MZWxIhnCDcMTOEGtPgLNBB-mrP1YyKB6HBaI_wbzPlpDk9w9sd8aRet6EWtUR-7vfSlz6WhH6ibSTYxzFpMaTt9zVN8DsTSvFf_-Pvnu9dBmZl-KMb9KYIN06ZzgZgLdLuUOcV7ECeT6yJbiRWbfZ831nigiUWsJzvNPWhsK2IOiSCNwA-rfXLjfx2c9Yj0EU8RjM0O4Y8rtRV3wPSP7aFLA6mbNAPe93Teai7L32K9oJn0bZo5qG0E4oJuQjj8QbaFkcsme0cuT_Nd1UhKAcLonlucsfAW8ry5q9ATNZvXIz83yyWodoR0KDlYoc7-VjjwBIi_YnHwAV5ytBSUDGpSEw733LSv5IYbR-IJEGs4DrJhOaT9z7avU

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 117ms
59ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UIjc7FZbB1Nf9avIlFL4Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UIjc7FZbB1Nf9avIlFL4Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://apk2me.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 advertising Show response
fundingchoicesmessages.google.com/f/AGSKWxX9Tk6ym82xhlPEasz3PCLmdXZlPeGDehn8gwSz8YhxVwTcbpoDJCCRehyHHlGH2LyhDvESBY-fskf7zYEXpTMvw6QIZTFpZ_2p39pTcaITSt7tz9HVs8lnfUAzPx6IfQPbbo_emDWTelSDL6A50-U5fVEd7... 54 B
109 B 77ms
77ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX9Tk6ym82xhlPEasz3PCLmdXZlPeGDehn8gwSz8YhxVwTcbpoDJCCRehyHHlGH2LyhDvESBY-fskf7zYEXpTMvw6QIZTFpZ_2p39pTcaITSt7tz9HVs8lnfUAzPx6IfQPbbo_emDWTelSDL6A50-U5fVEd77di-yCs-M0L_ksncjT2XPTr2sMi7wtc/_/Javascripts/SBA-/ad290x60_/advertising?/ads/writecapture./700x250.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Pp3-FAw3dsw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw3kg0UaX88pv0AgMJ_o6rjdSm4mg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

d1c0096ca999c26bdf628c38667b0d6bc1319c928ed6f2f772dd562b47c10f5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X7necnwBSQ020DqshDf9ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-X7necnwBSQ020DqshDf9ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
71 B 40ms
39ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Pp3-FAw3dsw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw3kg0UaX88pv0AgMJ_o6rjdSm4mg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 20:38:17 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IaSEEHfbYFypsC-UNc97kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IaSEEHfbYFypsC-UNc97kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://apk2me.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a81OgOOGEl9idagxei58ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-a81OgOOGEl9idagxei58ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://apk2me.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iY96jE0jWR-7tyCunA8TSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iY96jE0jWR-7tyCunA8TSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://apk2me.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S_4f9qs4_Io3Zb5LVxtIwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S_4f9qs4_Io3Zb5LVxtIwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://apk2me.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXjy_NzJrXTi3AOfLxBIZ7lqTVeFswBYTd3pHN9nK6W9utpwuL4TVYRMrbzffgYtruUufHO1Dqi5NWkahC5SYzh4_ww8sIg5Lao17LfVCbzqGTlOvD7lBoE8b7qvRRWduKZRasgSA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 117ms
117ms Script
application/javascript 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXjy_NzJrXTi3AOfLxBIZ7lqTVeFswBYTd3pHN9nK6W9utpwuL4TVYRMrbzffgYtruUufHO1Dqi5NWkahC5SYzh4_ww8sIg5Lao17LfVCbzqGTlOvD7lBoE8b7qvRRWduKZRasgSA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkzMjU1MjY0LDU1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hcGsybWUuY29tL2dpZnQtb2YtaGVkb25lLWFway8iLG51bGwsW1s4LCJQcDMtRkF3M2RzdyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

536e0002bdd9f74365542bc5ce5ed178ebdda0dbd654c184c37e04f057fd661e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-krGvlCq8jBmNvvM55n42ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-krGvlCq8jBmNvvM55n42ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfij35iM4UAMEVcn9GFnbSezNIuStjrmSFpCa2bJZcAQYAkf7bojNSImnJi1LVEenq90h9YobclR3aAA2axEkDtumQ8YXjgDb-9D-sPTtd5F-xyYdo9P8yu2kBbEanFWk9UX5_Rg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 94ms
94ms XHR
text/html 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfij35iM4UAMEVcn9GFnbSezNIuStjrmSFpCa2bJZcAQYAkf7bojNSImnJi1LVEenq90h9YobclR3aAA2axEkDtumQ8YXjgDb-9D-sPTtd5F-xyYdo9P8yu2kBbEanFWk9UX5_Rg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GBuRSpEXkj5WJlIQHAPXig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-GBuRSpEXkj5WJlIQHAPXig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://apk2me.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuSqrveVYzxMIOljLAKVUNM0CbpvbJjsuQWQvdN3TYFh252FlmrF5EPW5NMl7_th_ZkVkOHYvH6TDneUvBhHp6MB_P2dnSEcOI92u-LOpGOnAIAR7FdWRooEaeycv1rgWzikL1qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GiLiaij8e28O11hn2UG_Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Aug 2023 20:41:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-GiLiaij8e28O11hn2UG_Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://apk2me.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255266151;str=impression%20-%20auto%20-%20undefined%20-%20Jell-O%20Refrigerated%20Gelatin%20Snacks...
ade.googlesyndication.com/ddm/activity/ Frame C187 42 B
63 B 61ms
60ms Image
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255266151;str=impression%20-%20auto%20-%20undefined%20-%20Jell-O%20Refrigerated%20Gelatin%20Snacks%26nbsp%3BStrawberry;strtype=1

Requested by

Host: apk2me.com
URL: https://apk2me.com/gift-of-hedone-apk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
86ms XHR
application/json 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5745d2a8b42da05bd3fa97794b4ef8ae200d2be4d8300be3b59253eb65f9d563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11728
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 118ms
118ms Script
text/javascript 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077350

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 20:41:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E30A 13 KB
5 KB 51ms
49ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 215501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Aug 2023 08:49:26 GMT
expires: Sun, 25 Aug 2024 08:49:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 897E 829 B
560 B 82ms
81ms Document
text/html 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

GSE /

Resource Hash

159ccf77f9b58e52b7aa6181341ca49627568cf03e938eac5fa628f387f2ec4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ppUkBZticUHjAVNjDZL3Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apk2me.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-ppUkBZticUHjAVNjDZL3Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 20:41:07 GMT
expires: Mon, 28 Aug 2023 20:41:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame E30A 37 KB
14 KB 106ms
105ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 455005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:17:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 897E 0
0 87ms
86ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=516923798558681&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E30A 0
12 B 52ms
51ms Image
text/plain 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZLtSPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 20:41:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=516923798558681&bg=!jo2ljcLNAAYkVgHwBFY7ADQBe5WfOAX7oDJqS0YOqfl65uK9FJVNws2TiEK0PJhsHBBCt7fM7jNkVUK9leXmAhSu8-VnAgAAAIhSAAAACGgBB5kCqoKJXgSjfHGcR0bc7f-bhE1GBp2Ej_xuJ13g9VOtsj1-6YPC2NjtHkydU4H-QbLj06A6z2k6kOS1nrSK2b8D2jLiuw1BVEr3uuH1AgP6lkHtr9U0NgxqZ6habuDuumlpl2NTI7Z0u39Qj8G7OdrbZz3fBwlDSwN8S3XNX-HQu-_tMqHytb3QBM8be50GpDUDyNEOGKdbdVfHOSbAfqa4AxnFZqQC-th-lLUfQrpwyQTuQ1aBHSrjBSfQTs3WFcmoDEuAcTX4k3oCiGSp3Fg_UhgJlVdDkZ-OIq90PGbJ_D58HTSZLRIba9BxBlmE72ndFf9Z-wDVAvpd2eo-kQ9W50iFv77jouMNJZb5GJrRWCt4bMvGjAQn1712pOnoLnP08t5A5ySUDAkdH28lfGOlxcSnDPO7jrEXCoeWB5QTlXFDcq2fl4eP0WFMgrndAmgcs-YKyMES_4bnMh_sy5z8DYzdo28LT2PzNhvUfEaqNT4tkMo9rKLCYE5S5oABSlEcWpaTn2ZIp0s0hkAp3u4FFxIYI9HitICGpGp5gseZ-J8CkV_3FnpIU2iDxQvd0BE5j-2-ZTQv9y257mx7lpCs9KlFVVdj13WUAl87sPejj_g9UIxOCSClp9eI8xJ9NN12-0BhU_yqC63pL5PvUdcg8Zn2ZtExim763WnlKxR4_4v5fRoCFBhyomefkwwQgsDOK-YOJ0DD7UAXz_DRbvJHuhVdXcZPZ7pay5qIktD57LydOKq5bl0I0J72wigIeJwYIx-fI57dKcXT2ZYg56lhg8Gz0dtrGBVWXUrhagOxHmyplkzKYPQ9wB1Un8mYOZSvbVlXJ_NXyEHotvOmlCidfgPBynr8jwNSx8bNac9GaH9AUPjVVjlBp3lg1sSTwaZsQwLmzBUG6ah7ADo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://apk2me.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
371 B 51ms
50ms Ping
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://apk2me.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 20:41:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 21db661c21ccd495c5a4afceefe60b23
Content-Length: 4
Expires: 0

GET
H3 200 dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255269150;str=impression%20-%20auto%20-%20undefined%20-%20Celebration%20Milk%20Chocolate%20Top%20B...
ade.googlesyndication.com/ddm/activity/ Frame C187 42 B
63 B 65ms
65ms Image
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoLP1sZuAgQMVWVgNCh2fyQo9EAAYACDN789dQhMIgYbAsZuAgQMVkTQMCh1EsAgB;stragg=1;&timestamp=1693255269150;str=impression%20-%20auto%20-%20undefined%20-%20Celebration%20Milk%20Chocolate%20Top%20Butter%26nbsp%3BCookies;strtype=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 20:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.geistm.com
URL: https://id.geistm.com/m/OB/DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-20 14:20:58	Name: thirdparty Value: yes
.apk2me.com/	1970-01-20 23:56:55	Name: _ga_PJKLJWW6RW Value: GS1.1.1693255256.1.0.1693255256.0.0.0
jn.dyewoodtigua.com/	1970-01-20 14:22:21	Name: GL_UI4 Value: eJw9jV1ugzAcw%2Fmm3QqbJQ6wIxAq6PY47RB7RAn5l6aFpAoZaLdfNGmTH2xZP8tBEETVE8I1SxB%2F8RYv56NoeNvUoj4Ra7rWa5CCNezEXo9vncReLb3jYiKXYLfM3LrerQkOI2myaugHI6nAs6f%2Bmps2m06QCsu1LJDOnpgK5MKabSFbxUg0nwnZx8Ua7%2BnMr8YiZqzzWWmfwxqRWaq4fED%2BqbT0w%2FKAiNVlmQV4vE%2FcnY2deyWzEOlouSSE79gN3NFo7DdyScvNmTtgJtn%2F87%2B%2F8cZqZJJWNfhz4y5kfwCks029
jn.dyewoodtigua.com/	1970-01-20 14:22:21	Name: GL_GI10 Value: eJwNyjELwjAQhuHcIQlCQT7o7ygIpXSV7K2DuIdGJMtduAZ%2Fv4F3eIbXOcfjAC4Vw7pM8zrd594C%2BoLjA3wIfEyScgIZeN%2FAJgi7tGRFQQfCS02ldReETS2%2Fn32SE9eoVtVS%2B4CqJ3DTcAGfeXSgn7%2F9AU1oG2w%3D
.openx.net/	1970-01-20 23:06:31	Name: i Value: 1721130e-09f3-4ff6-ba32-f8d8cb21c1f6\|1693255257
.criteo.com/	1970-01-20 23:42:31	Name: uid Value: b4bc5099-0600-4805-a06b-209acc1cd6fa
.yahoo.com/	1970-01-20 23:06:52	Name: A3 Value: d=AQABBFoG7WQCEKReKS4ZyY0ymyDZDnQk0mUFEgEBAQFX7mT2ZCXaxyMA_eMAAA&S=AQAAAnMBaQ2SGIZw9xeGCgQC_i4
.apk2me.com/	1970-01-20 23:06:31	Name: connectId Value: {"lastUsed":1693255258115,"lastSynced":1693255258115}
.apk2me.com/	1970-01-20 23:42:31	Name: cto_bundle Value: k0MHjl9CT0k1U0hOZDZZcVhqQ2ZCMmtTbVJOOW92YkJYOU9pN1VzVERyOSUyQkY0ckpzdDRpWUlrV2lRclFOU2wxcjB6aGZ5MEFDMmVVTmJUbERlM0JNb0VnN3FRZ3FBJTJCUE1OWjhWTDd5aDJvelFrNzlPRzEyN0htUDJjMHN1WENMTDh3U2MyNzY4YndtOWFBc1B1VERVemZPc05RJTNEJTNE
.apk2me.com/	1970-01-20 23:56:55	Name: _ga_PVZGH7YTYG Value: GS1.1.1693255258.1.0.1693255258.0.0.0
.crwdcntrl.net/	1970-01-20 20:49:41	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:49:41	Name: _cc_id Value: a29d57f5635a46afe14f1f159341b42
.apk2me.com/	1970-01-20 20:49:43	Name: _cc_id Value: a29d57f5635a46afe14f1f159341b42
.apk2me.com/	1970-01-20 14:22:21	Name: panoramaId_expiry Value: 1693341658205
.apk2me.com/	1970-01-20 23:56:55	Name: _ga Value: GA1.2.1647964.1693255257
.apk2me.com/	1970-01-20 14:22:21	Name: _gid Value: GA1.2.748528848.1693255258
.apk2me.com/	1970-01-20 14:20:55	Name: _gat_gtag_UA_213652305_71 Value: 1
.apk2me.com/	1970-01-20 23:42:31	Name: __gads Value: ID=e6f4973210dc7aa3:T=1693255257:RT=1693255257:S=ALNI_MZnCiIrwS3fJr8IQG4HUwGJ1Dl4Vw
.apk2me.com/	1970-01-20 23:42:31	Name: __gpi Value: UID=00000d8e650efdba:T=1693255257:RT=1693255257:S=ALNI_Mb9uhwkhKvJJwYGwiuhohJcgDYvYA
.outbrain.com/	1970-01-20 16:30:31	Name: obuid Value: 3a7bcfbf-fa0d-4524-9a25-4236b7137054
.outbrain.com/	1970-01-20 14:20:55	Name: recs_c32a6142d580e30f9701ea7d9be564aa Value: 0B5284479754A5188289445A5066432330A4732274637A5237972739ACD1
.outbrain.com/	1970-01-20 14:20:57	Name: obsessionid-p10621 Value: 2532ef56-ef13-8efd-0000-018a3de0d29c\|0\|1
.doubleclick.net/	1970-01-20 23:56:55	Name: IDE Value: AHWqTUmxBCskTR17I3Su-zJU14_BfzCQMpmricus9WeX4wGSrriMfCNznJPHTlBY
.doubleclick.net/	1970-01-20 14:20:56	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 23:06:31	Name: CMID Value: ZO0GW0zdySINDFQImdq2DAAA
.casalemedia.com/	1970-01-20 16:30:31	Name: CMPS Value: 3723
.casalemedia.com/	1970-01-20 16:30:31	Name: CMPRO Value: 3723
.doubleclick.net/	1970-01-20 18:40:07	Name: APC Value: AfxxVi5_pP1DJARdr5rFwpXaM9QXasVJf8WBEwbQ9O5wiaR4uVJ25A
.adnxs.com/	1970-01-20 16:30:31	Name: uuid2 Value: 2360486356122597287
.adnxs.com/	1970-01-20 16:30:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU'p+7>G!]tbPl1M>e)ZlrFUfJ+tGXxo]MX5sMB+N^F>>Cj-F>/X#8z-<DaaVY2c+krbpRzqF1`b`9^*8?jm
.analytics.yahoo.com/	1970-01-20 23:06:31	Name: IDSYNC Value: 195n~2dlw
.googleadservices.com/	1970-01-20 16:30:31	Name: ar_debug Value: 1
.agkn.com/	1970-01-20 23:06:31	Name: u Value: C\|0EAgsf8LcLH_C3AAAAAAAAgAsAViNWAIAAC0BB-agAgABAAcAAAAAAc5iTf__HgAAAAAALw4vAAAAABY2biAAAAAAC7P3zQAAAAAhmpa9AA
.demdex.net/	1970-01-20 18:40:07	Name: demdex Value: 40242768510630806432240492539211478714
.krxd.net/	1970-01-20 18:40:07	Name: _kuid_ Value: Pw0bWuOA
.adsrvr.org/	1970-01-20 23:07:57	Name: TDID Value: 807d1f16-0ef7-4426-9ac4-b77fb80cbace
.agkn.com/	1970-01-20 23:06:31	Name: ab Value: 0001%3AQAycWrXlyHb%2FH98EFmpquD1RchucgVPz
.dpm.demdex.net/	1970-01-20 18:40:07	Name: dpm Value: 40242768510630806432240492539211478714
.zemanta.com/	1970-01-20 23:06:31	Name: zuid Value: vBoGk7TqIcQamSFKZKdZ
.zemanta.com/	1970-01-20 23:06:31	Name: obuid Value: DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7
.doubleclick.net/	1970-01-20 14:20:58	Name: DSID Value: NO_DATA
.mfadsrvr.com/	1970-01-20 23:56:55	Name: tuuid Value: 7ea59c13-ae95-4d41-b918-7ea78ec15ef1
.mfadsrvr.com/	1970-01-20 23:56:55	Name: c Value: 1693255260
.bidswitch.net/	1970-01-20 23:06:31	Name: c Value: 1693255260
.im-apps.net/	1970-01-20 23:56:55	Name: imid_secure Value: L21abFB1SCmk8WBEyOa7ig
.im-apps.net/	1970-01-20 23:56:55	Name: imid_created_secure Value: 1693255260
.eyeota.net/	1970-01-20 23:07:57	Name: mako_uid Value: 18a3de0daee-4e890000010a4e5e
.eyeota.net/	1970-01-20 14:20:55	Name: SERVERID Value: 20062~DM
.bidswitch.net/	1970-01-20 23:06:31	Name: tuuid Value: c2b85291-29d1-4530-9a77-642b9181513e
.pippio.com/	1970-01-20 23:06:31	Name: did Value: bCbNqwFhDESMsc_0
.pippio.com/	1970-01-20 23:06:31	Name: didts Value: 1693255260
.pippio.com/	1970-01-20 15:47:19	Name: nnls Value:
.adfarm1.adition.com/	1970-01-20 16:30:31	Name: UserID1 Value: 7272475965508679829
.exelator.com/	1970-01-20 17:13:43	Name: EE Value: "3e29fa71a87dad67ee66f992b9316609"
.mfadsrvr.com/	1970-01-20 23:56:55	Name: tuuid_lu Value: 1693255261
.mfadsrvr.com/	1970-01-20 23:56:55	Name: ssh Value: !outbrain,1693255261
.bidswitch.net/	1970-01-20 23:06:31	Name: tuuid_lu Value: 1693255261
.exelator.com/	1970-01-20 17:13:43	Name: ud Value: "eJxrXxzq6XKLQcE41cgyLdHcMNHCPCUxxcw8NdXMLM3S0ijJ0tjQzMzAcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6ImfHxUUpaQyLSopPBR%252BV%252BwAAoYoqTw%253D%253D"
.pubmatic.com/	1970-01-20 14:22:21	Name: KTPCACOOKIE Value: YES
.360yield.com/	1970-01-20 16:30:31	Name: tuuid Value: 8b982a9c-acbf-49a0-8eb1-037602fc944b
.360yield.com/	1970-01-20 16:30:31	Name: tuuid_lu Value: 1693255261
.pippio.com/	1970-01-20 15:47:19	Name: pxrc Value: CN2MtKcGEgQIAhAAEgYI7OsBEAA=
.smaato.net/	1970-01-20 14:51:09	Name: SCM Value: 9d8555093c
.smaato.net/	1970-01-20 14:36:02	Name: SCMo Value: 9d8555093c
.rubiconproject.com/	1970-01-20 23:06:31	Name: khaos Value: LLVCGPV0-H-GU4L
.rubiconproject.com/	1970-01-20 23:06:31	Name: audit Value: 1\|UOfmMvEYCQOF1zOCOosjzBtSMcmFsMpZ/KIz5MXf+rr6iLMg9tLrdTy1sqdLe5eA7ofuGRpPsORCqQ3+tQhlLHMDvubSxZCGaLJOLsY/dF+KWeNHmXAcWtES+wzatrvcxGZLyAazrKUCsPxU4h5HAQSNravEgfYjMfxbUaVHR3zRW/CqwzVFnkiL/Q+AxqkR
.pubmatic.com/	1970-01-20 16:30:31	Name: SyncRTB3 Value: 1694390400%3A220
.pubmatic.com/	1970-01-20 23:06:31	Name: KADUSERCOOKIE Value: 5CDA6A4C-C027-463D-B788-0B27CD4CD589
.1rx.io/	1970-01-20 23:06:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005%22%7D
.creativecdn.com/	1970-01-20 23:06:31	Name: u Value: VplDRn7dlbknfmyIIb3Z
.creativecdn.com/	1970-01-20 23:06:31	Name: ts Value: 1693255262
.bing.com/	1970-01-20 23:42:31	Name: MUID Value: 08B1F5DBCFA966530B0AE6A0CE836761
.c.bing.com/	1970-01-20 14:31:00	Name: MR Value: 0
.smartadserver.com/	1970-01-20 23:51:09	Name: pid Value: 3330658597789645301
.bidr.io/	1970-01-20 23:49:28	Name: bito Value: AAEJck7J2g0AACkQZ1dzuQ
.bidr.io/	1970-01-20 23:49:28	Name: bitoIsSecure Value: ok
.rlcdn.com/	1970-01-20 23:06:31	Name: rlas3 Value: ZnWaQ0wrWMlBRQNemwDCmZ/OEQYqbVkODwGLOQdrq7o=
.rlcdn.com/	1970-01-20 15:47:19	Name: pxrc Value: CNyMtKcGEgUI6AcQABIFCOhHEAASBgi46wEQARIGCIq6KxAC
.linksynergy.com/	1970-01-20 23:06:31	Name: rmuid Value: 8daa0143-932a-4857-86af-b80ee7ba7ed7
.linksynergy.com/	1970-01-20 23:06:31	Name: icts Value: 2023-08-28T20:41:02Z
.contextweb.com/	1970-01-20 22:59:19	Name: V Value: 6fUhKsIf8Xga
.contextweb.com/	1970-01-20 23:06:31	Name: pb_rtb_ev Value: 3-1mjr\|8jE.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: fec49310ef73b7f5
.quantserve.com/	1970-01-20 16:30:31	Name: d Value: EEsBDQHoKa-LswA
.quantserve.com/	1970-01-20 23:51:09	Name: mc Value: 64ed065e-82df0-6b786-7833a
.targeting.unrulymedia.com/	1970-01-20 23:06:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-75a53ce8-3451-4a69-a665-5907bd2e9a8d-005%22%7D
.pubmatic.com/	1970-01-20 14:22:21	Name: pi Value: 160065:3
.pubmatic.com/	1970-01-20 16:30:31	Name: chkChromeAb67Sec Value: 2
.adentifi.com/	1970-01-20 23:56:55	Name: adtheorent[cuid] Value: cuid_3411f970-45e3-11ee-99ec-1202f1c33782
.id5-sync.com/	1970-01-20 14:20:55	Name: callback Value:
.id5-sync.com/	1970-01-20 16:30:31	Name: id5 Value: 5e41bfb5-284b-7d95-851a-ef93b6a1b739#1693255263562#2
.tapad.com/	1970-01-20 15:47:19	Name: TapAd_TS Value: 1693255263964
.tapad.com/	1970-01-20 15:47:19	Name: TapAd_DID Value: d5b8370b-c702-4e84-8d82-a2d2b6988505
.tapad.com/	1970-01-20 15:47:19	Name: TapAd_3WAY_SYNCS Value:
.go.sonobi.com/	1970-01-20 15:04:07	Name: __uis Value: 3b441adf-3242-47c8-832d-bd71167599f6
.mathtag.com/	1970-01-20 23:46:50	Name: uuid Value: 998d64ed-0660-4700-a712-6756a41e0dcb
.apk2me.com/	1970-01-20 23:06:31	Name: FCNEC Value: %5B%5B%22AKsRol8wvG1G8Wr5gApkp3FjpFfZcgT86hJWGTUxynrvSkcTtf2K4WRQQ42kia9CE3Gc7FVN0-bwYEhEZL8FgH2hACR7-vsQ8YHApXXk0-iroswgsmQx-GuyXbcHPVNo41pytlGPbPzN4P-QqtpVtZBxkuLKEHYQeg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.adsrvr.org/	1970-01-20 23:07:57	Name: TDCPM Value: CAEYASABKAIyCwjU04zMuoSUPBAFOAFaBzhoOXUxMWhgAg..
.id5-sync.com/	1970-01-20 14:20:55	Name: cf Value:
.id5-sync.com/	1970-01-20 14:20:55	Name: cip Value:
.id5-sync.com/	1970-01-20 14:20:55	Name: cnac Value:
.id5-sync.com/	1970-01-20 14:20:55	Name: car Value:
.id5-sync.com/	1970-01-20 14:20:55	Name: gdpr Value:
.gumgum.com/	1970-01-20 23:06:31	Name: vst Value: u_e7485bee-cb33-4dc1-a747-ec6eb5aa1f37
.semasio.net/	1970-01-20 23:06:31	Name: SEUNCY Value: 3DF45A40D4F87084
.id5-sync.com/	1970-01-20 16:30:31	Name: 3pi Value: 112#1693255266032#-1503110594#3DF45A40D4F87084\|434#1693255264368#1170359966\|2#1693255266693#-583868750#2360486356122597287\|3#1693255264638#401699377#998d64ed-0660-4700-a712-6756a41e0dcb\|164#1693255263773#122720965\|501#1693255266693#-1580828478\|264#1693255265330#522995250#807d1f16-0ef7-4426-9ac4-b77fb80cbace\|441#1693255265625#-1184117620#u_e7485bee-cb33-4dc1-a747-ec6eb5aa1f37\|108#1693255264116#-1807466686\|429#1693255265064#1689288842#5CDA6A4C-C027-463D-B788-0B27CD4CD589
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86148\|ZO0GZ

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://c0.wp.com/c/6.3/wp-includes/js/jquery/jquery.min.js(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://ups.analytics.yahoo.com/ups/58813/fed?v=1&url=https%3A%2F%2Fapk2me.com%2Fgift-of-hedone-apk%2F Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.geistm.com/m/OB/DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=6fUhKsIf8Xga&obUid=DWUvDTZ8lnwjkQXcqKqESx0QdgNNZS2anjQE0rVN4WfD22EuI_fE80o16ivk_UA7&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&ev=1&us_privacy=${us_privacy}&pid=562709 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

54037b1d0460593dbb688681bdc626fb.safeframe.googlesyndication.com
aa.agkn.com
ade.googlesyndication.com
adncdnend.azureedge.net
ajax.googleapis.com
apk2me.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
c.bing.com
c0.wp.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.rtbsystem.com
cms.quantserve.com
connectid.analytics.yahoo.com
creativecdn.com
d.agkn.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
invstatic101.creativecdn.com
jn.dyewoodtigua.com
loadus.exelator.com
log.outbrainimg.com
match.adsrvr.org
match.prod.bidr.io
mcdp-sadc1.outbrain.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pixel.wp.com
ps.eyeota.net
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.wp.com
sync-jp.im-apps.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tcheck.outbrainimg.com
telegram.im
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
id.geistm.com
104.17.25.14
104.18.35.167
104.21.68.74
107.178.254.65
108.156.184.123
108.156.184.71
13.107.21.200
142.250.72.98
142.251.32.97
142.251.40.202
146.75.38.132
151.101.129.229
162.19.138.83
172.217.13.110
172.217.13.130
172.217.13.142
172.217.13.161
172.217.13.162
172.217.13.163
172.217.13.168
172.217.13.193
172.217.13.194
172.217.13.195
172.217.13.196
172.217.13.198
172.217.13.202
172.67.38.106
173.237.16.20
18.209.38.85
185.184.8.90
192.0.76.3
192.0.77.2
192.0.77.37
192.184.68.134
192.40.39.223
198.148.27.131
199.127.204.142
2.22.41.153
207.198.113.90
23.105.12.170
23.215.41.73
23.49.250.160
3.160.22.128
3.160.22.7
3.160.4.198
3.160.5.24
3.211.144.247
3.211.159.119
3.33.220.150
34.102.146.192
34.111.113.62
34.120.135.53
34.200.65.202
34.229.3.43
34.236.43.18
34.239.10.179
34.96.70.87
34.98.64.218
34.98.67.3
35.190.60.146
35.207.24.140
35.211.178.172
43.225.53.77
50.57.31.206
52.20.6.194
52.55.229.173
54.156.26.12
64.202.112.31
64.74.236.191
66.225.223.95
68.67.179.166
69.166.1.35
72.21.81.200
74.119.119.131
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
80.211.42.243
85.114.159.118
01e8be122ac87eb4686d3bdad82d7e241a721dd3381699cc71423626ee7d7a32
05521bd9a735dad86e7b4340ee175b5be42878077eaf6fa6ff269b30a70a1b54
0699eecfdf4a053accd129e16cf8f08d2585648cddbd3b47bca004e71abe7d7a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0aa0acb01b3dad7e2951b7c5d394ed8f4260b17ee26e41db30ceefbe579b3020
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea6c8b90bb8d07a664305bc08ea007276108f0da24a10a76e45babe09af6a03
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
0fd8234999ac0bf34e6a281424c7eb19597dfaf03be2329567dff0c534793b28
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
159ccf77f9b58e52b7aa6181341ca49627568cf03e938eac5fa628f387f2ec4c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b126bc5eff2c4664de9d2aaf51d20149aba2f8862cf12e00749ae1613919a6d
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e4580e910a624e7a73b550b1df947da9dfa8c688f9d5a797e41a7674513ae8e
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
239dfd26b0ab21a1c37a7da859fa6b0d675b58bca389ace449143d0df23f16fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2acacc9cffe8e7a57dce64bf9914c66ea766ac3ed5f5daa299605488d2c36949
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e71993e4d7a11cd72b5ba7364f220e3c854d7f99c294f698676824e06b48286
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328cb29271341963f1503c02d0d00d7d67f60396961e4fdac73b74ebbe16d803
35da1bf6d3deecd091e6a29886c2499f1b784e5b361493ad966f130871155c9b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ef63420f2a82374d016a378bf127ba8d3c761c8dcad295188b1690a17a0108
381dd92f0e27a4d42c5b316c5955ef6ce82ed0eeb92a71e0723402cdcce046e7
383f32fa6baaab26fc0a313af9c0e0a57b20e298a598d85d23c39d3982cf735c
39080afa8618544cb9f11767979aeb785751821a1740f0147dfab3ba803c745c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3afe7f41a1e7441a7df8cac942be6750c0bca673f0bec9acba983d378084ab70
3d34ac5cee8dcdf83684bfdf55641356487894a202f73a19055378abd77e2658
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4bb42237f510d70c7cbf4f42d28ce93d1ab3d0d6d1275ad0aa2afe8ec1bbdad9
4bea17f30f5f11f2c1e1c8556bcde6a6221bfdb0a59103dee2ba88e659702715
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebecd8afd2424508ba7ee31ec8cf590613f0f316548badaf2c11d3be79b2d89
4f0b49a07933bcfc6b0e0761611eda2fa038bf49c628b8428b4fc45b7f5bf9f2
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5157d69d45b2cf7c79667aab99d59c2e0fb2c579e5cd132fb0007f242d449768
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52b106e7cc6e91c5f29203a3e0d4c5a9e90c424e221953d52d1dad30fbba4256
536e0002bdd9f74365542bc5ce5ed178ebdda0dbd654c184c37e04f057fd661e
5388fbc5a6cb49d12efa1c30933e3801dca79f5ee32c8d30aa808770a8b944ea
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5481c3353b1060ce05db093bb50e70f5177cef010aa62f35c031f479feaefbe9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b32ad050502d84444fde8b65bcbf3933b98f5cc4e8388417aaaa180d0958f1
5745d2a8b42da05bd3fa97794b4ef8ae200d2be4d8300be3b59253eb65f9d563
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
5864da48f12f63ba53802264719f69472d901c92d21a857ac685f311cbf730df
58da84cda48852de4c82e6f99e906e926101fc4731baca10b834c55f31e0b46f
593d82ff318ed811c9d35bd63c0590a870e08eab1f7b2bb8e7ccff5e74b42bdb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ccaf28c20bd5c7ea751215af2d3f3c1dc512f9a4a041b2fe59ab293332bcdd4
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5fa28654ae63426d43f44705464b110ab6fec8e083e4265ae46d73624b362e88
5fe45a6e96286cacb9fbdd1b85e9df6da5387900fae6ac9198e93e29a01726a7
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61c1f3476a65f7eb245b7179fefefc54a3455891e394944a1be1f0bbf5b61dfb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68f9042a03dfb106098795785893fa607d2c51151b3abcb8d03484025f8eb3ee
69cb605f0a4a781056612fe26df57089a48b6f8e96a19a5ab954dd9b900d77c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc04dd212f4315760b1f7fb7a7799dabbe8d02980282253ae33c8df54392fee
6f2d0028564d143618e004e3e658e349bc924de4fe1b7cefc758af535abf3831
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7b0e9f2bdf95ade611e0d1defb44c908324b714dbe065bdb8b53ab1fac0dce31
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
810a1e594e490a5316854f12cc1536ec6999c149af3aea2bfc49981e0bae368b
8595370db337a82ca84bd737f0a443ea7f6a65b126b6ac03ca3476e96249d0ca
89390aa15f564984205c4c57ac6a72148c2d40f8943c28b0b28349fe1bb4e2d2
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
97cc67ccdd4d42b68b5c224918d9007b06f286a91115917b9707368d1de54b32
9846e8c00af45bffb627274fce43a37ed85419f0ce19b364750cbaa19e53f7f0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
9b9d658a845b73c72925e904fcde8bdbd3097384ce98697d1fe4f85b22c4fd00
9f433f4843e95f5116368cf1cdbe1312b52355211470c487886a8d6a5074de33
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5531a7467f0e324959b8c056c8ada8709116598b07d560936ff787ad7d5818b
a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a70ef200da9d0f6aeee32891bcdb357c771a9a3b8304e789d77920adbe210fcb
a7e750dcfc141cb62abf84f5b15b8ae8688121945db0f37c443ad50ac6595ea5
a8bd5e98d57068f936c2f271290d33e4796e02c491d77e147dd816430b3c8e2d
a9e7165f5372bc98a6ef65a6cd9b2526e9ea71ed13041592c675908c4017db98
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b188c077a4afca55bb0a2e9d849ac1300acc4a1b15240de70ea9d8b26d4fa9c6
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3aa56c9cd536c51fb4c95c2dfaf81cf4bce15ab2025df6ebde9a6ec4b295dae
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b752aa576195cda8b100ce3d3fd57a026b0203ae627d887ef9093d8b4712574d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
be3162082c9bbf1a7eb9bd0bdb51f3b00298d805b424ffec1399539a49ac9a91
bfa6f64ca2042a77247e9920c90477bca62fde58345bd87e461d94934c3e6380
bfee8305dafa9279461d58a36a92b00129ff1b7a62132c10fbcac2337852c350
c3ecff2df7803f4443ba8e97300f0802fd919b20904fb24ac6eff277effa0b60
c4e7cf9cb45738f94c0379ce9353b7d193289378cc248563537abf73230aba17
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c8be1269a134d7df5a75a02b0fce70d409e6d6984554acef232eabdaa4c39d66
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c0096ca999c26bdf628c38667b0d6bc1319c928ed6f2f772dd562b47c10f5e
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d96ad124555be5e95a3e324cae461dbf14c8c286dace1a7725932097bf99dbbe
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
dca79181b4ed80cd1f4321c09fc89537b1f3792b4c8eb57e07f29830e01dbaa5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e8d0c511a442ab86c456d557ff28c5eb0a80b6794f5a742e0c3ce6cf9d7088ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04c103865cc36143d3bae95987dd86cfbb9c47f783343e1d1c6c1cf7e9707d1
f1a8263adc0b1e2844c9998f3290c60d6bf0a28c2b9443e08bb15c5ab3464066
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8413abfad666edd28a3d1829edc03c7b10ae5a1e1616653fef42db42e9ab750
fae8d3cc8ea231dfe5f28dbfb82b186ebd61f9a02139af7318c1bbc70209d702

apk2me.com Open in urlscan Pro 43.225.53.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

286 Requests

88 %HTTPS

0 %IPv6

66 Domains

100 Subdomains

59 IPs

8 Countries

3479 kBTransfer

9049 kBSize

107 Cookies

9 Outgoing links

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apk2me.com Open in urlscan Pro
43.225.53.77 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

88 %
HTTPS

0 %
IPv6

66
Domains

100
Subdomains

59
IPs

8
Countries

3479 kB
Transfer

9049 kB
Size

107
Cookies

286 HTTP transactions
4 data transactions