appreviewed.net Open in urlscan Pro
136.243.40.69 Public Scan

Software

sffe /

Resource Hash

ebc42de16ccdfcb41a188d4f52a41e69e9fdd58d0a577d500863deae7c3c722f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "842 / 20 of 1000 / last-modified: 1618312126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20899
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:21 GMT

GET
H2 200 YXBwcmV2aWV3ZWQubmV0L2RlL3Jldmlldy84OTMw Show response
live.demand.supply/p4/v12-6-0/ 581 B
421 B 57ms
51ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/p4/v12-6-0/YXBwcmV2aWV3ZWQubmV0L2RlL3Jldmlldy84OTMw
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b60a4a00e1aadd38b39086915acf4a5c92d88f18fc7f704977cf0beb275ae8

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:21 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 63f7a1136a6f4e08-FRA
cf-request-id: 096ea3002500004e08a7aa9000000001

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
349 B 34ms
19ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: a3cd8a12-cc4c-46c3-be45-d59b51d5b363-982523
date: Tue, 13 Apr 2021 21:01:21 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 1616501
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 63f7a1136d9f4e38-FRA
cf-request-id: 096ea3002000004e38463da000000001

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 198ms
98ms Script
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: Server /
Resource Hash: 2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:54:49 GMT
content-encoding: gzip
server: Server
age: 391
etag: 9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: 11GrZ4vbIcrQ20hh8BdcRvzkMaiC0j9l
x-amz-cf-id: 7oPus5iML4_kMXHXT3rVtvDaRoZE0s7BptB7SrIF9FuNeS5Bla_izQ==

GET
H2 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 126ms
113ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 0761a0b7-11fb-4d23-901c-08f614dadf0f-20531451
date: Tue, 13 Apr 2021 21:01:21 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"2737623a1c86876e78fe4b7db5c30dd7-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 63f7a1136da14e38-FRA
cf-request-id: 096ea3002000004e3853047000000001

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/38134/ 375 KB
109 KB 82ms
28ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Download Go to

Full URL: https://cdn.adpushup.com/38134/adpushup.js
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 45eb9b0503df4bc60f510676856bfe6b6939bff2cbcc01ee02bb8287ad3599d6

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:21 GMT
content-encoding: br
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28371:fA.ams1:co:1617295165:cacheN.ams1-01:M
x-cf-geodata: NL
content-length: 111630
x-cf-tsc: 1617904445
x-cf2: H
last-modified: Thu, 01 Apr 2021 17:03:30 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
cf4age: 607834
accept-ranges: bytes
x-cf-rand: 24.155
expires: Tue, 13 Apr 2021 21:16:21 GMT

GET
H/1.1 200
OK Roboto-Regular-79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95.ttf
appreviewed.net/assets/ 168 KB
168 KB 57ms
35ms Font
application/font-sfnt 136.243.40.69
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://appreviewed.net/assets/Roboto-Regular-79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95.ttf
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.40.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: media.advertiso.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Origin: https://appreviewed.net
Referer: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 21:01:21 GMT
Last-Modified: Fri, 10 Nov 2017 12:31:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "29e9c-55da01a1605df"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=4998
Content-Length: 171676

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
2 KB 39ms
19ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 500297
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:04 GMT

GET
H/1.1 200
OK color_bg-071b152cd360b65e1c7d59b76037f860632a388bc9d85be8986e89c2936c1a6e.png
appreviewed.net/assets/ 166 B
451 B 55ms
35ms Image
image/png 136.243.40.69
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://appreviewed.net/assets/color_bg-071b152cd360b65e1c7d59b76037f860632a388bc9d85be8986e89c2936c1a6e.png
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.40.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: media.advertiso.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 071b152cd360b65e1c7d59b76037f860632a388bc9d85be8986e89c2936c1a6e

Request headers

Referer: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 21:01:21 GMT
Last-Modified: Fri, 10 Nov 2017 13:14:33 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a6-55da0b3a20d53"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=4996
Content-Length: 166

GET
H2 200 jsapi Show response
s.d.adup-tech.com/ 74 KB
22 KB 49ms
14ms Script
application/javascript 2600:9000:20c3:a800:8:85a:880:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://s.d.adup-tech.com/jsapi
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:a800:8:85a:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a06389f970f70127e4d7edb8261bb046ca2aeb04bd120ed4ec851eca00b26c1

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:01:49 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 12:45:33 GMT
server: nginx
age: 3573
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc181.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: fMMpFvkfQzbPJ_IgqeVkipc4BBFHC94iuHY6p5maAYJKU5AfehrMhA==
expires: Tue, 13 Apr 2021 21:01:49 GMT

GET
H/1.1 200
OK iconfont-09c1c149aac55c25c4116495b137d5206867e90efbbb5ed8071200bf6ea80254.woff
appreviewed.net/assets/ 7 KB
8 KB 36ms
35ms Font
application/font-woff 136.243.40.69
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://appreviewed.net/assets/iconfont-09c1c149aac55c25c4116495b137d5206867e90efbbb5ed8071200bf6ea80254.woff?t=1480401977301
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.40.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: media.advertiso.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 09c1c149aac55c25c4116495b137d5206867e90efbbb5ed8071200bf6ea80254

Request headers

Origin: https://appreviewed.net
Referer: https://appreviewed.net/assets/application-4e02c3fffd41de416eab20ff44ced4f2eee5a18e6a0c2c293ee856bf2f458c5a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 21:01:22 GMT
Last-Modified: Fri, 10 Nov 2017 12:31:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1ce0-55da01a19614a"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=4995
Content-Length: 7392

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 119ms
54ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24369
accept-ranges: bytes
content-length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
241 B 12ms
12ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 09f3b63a-e438-497f-8103-7b96bf1d7f92-59218228
date: Tue, 13 Apr 2021 21:01:22 GMT
cf-cache-status: HIT
age: 705696
cf-polished: origSize=2
content-length: 1
cf-request-id: 096ea3016000004e3890885000000001
cf-bgj: minify
server: cloudflare
etag: "39068702929f3daf002107232eb5243e-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 63f7a1156aad4e38-FRA

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a0990bfacfbdec5/ 1 KB
702 B 110ms
108ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a0990bfacfbdec5/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cb022884374f094c04f0472c4042fcf75dae9228c02f4c54ad024b8eba843e0a

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
etag: -1989074891--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=35, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 525

GET
H2 200 appreviewed.net_auto_interstitial_desktop Show response
live.demand.supply/cp/ 26 B
144 B 114ms
114ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/cp/appreviewed.net_auto_interstitial_desktop?mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbff9bfa4ed5f4c7182477dcc2cca63f6fd999abb0d709ff2df6b3c7a8bcf95e

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 63f7a1157ad74e38-FRA
content-length: 26
cf-request-id: 096ea3016d00004e3890887000000001

GET
H/1.1 200
OK cancel-off.png
appreviewed.net/assets/ 699 B
985 B 36ms
35ms Image
image/png 136.243.40.69
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://appreviewed.net/assets/cancel-off.png
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.40.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: media.advertiso.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a9b80e5db625004a79c5a14979accb3501b273f69dfbbffbd9309c713c5cee78

Request headers

Referer: https://appreviewed.net/de/review/8930
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 21:01:22 GMT
Last-Modified: Fri, 10 Nov 2017 12:31:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2bb-55da01a181926"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=4994
Content-Length: 699

GET
H/1.1 200
OK star-on.png
appreviewed.net/assets/ 631 B
917 B 36ms
36ms Image
image/png 136.243.40.69
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://appreviewed.net/assets/star-on.png
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.40.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: media.advertiso.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fd26bf0ea0990cfd808f7540f958eed324b86fc609bf56ec2b3a5612cdfde5f5

Request headers

Referer: https://appreviewed.net/de/review/8930
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 21:01:22 GMT
Last-Modified: Fri, 10 Nov 2017 12:31:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "277-55da01a19614a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=4994
Content-Length: 631

GET
H3-Q050 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ 296 KB
104 KB 93ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:22 GMT

GET
H3-Q050 200 config_2_5__24.json Show response
securepubads.g.doubleclick.net/pagead/managed/js/ 2 KB
1 KB 93ms
54ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/config_2_5__24.json?domain=appreviewed.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

2ad0fe009b4e278bb28a800aab0b3c420a783b400fc57c869d15452012bc583a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 697
x-xss-protection: 0
server: cafe
etag: 6332091875858825310
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 21:01:22 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 145ms
47ms XHR
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 22217
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Tue, 13 Apr 2021 14:51:13 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 21b99afa310f2ff34977f80506fb1672.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: 1JryVRSeweEspp1USzSdWGv8E1Rte_wLPOs--ixU8oRepCyjrwbY8g==

GET
H2 200 pb.1615970786708.js Show response
cdn.adpushup.com/prebid/ 371 KB
107 KB 26ms
26ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.1615970786708.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/38134/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 939b5679d0e41364d7e08bbf29e1bde87dfe6584b4cdf10790d7c3a204e6a89d

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: br
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28371:fA.ams1:co:1615970900:cacheN.ams1-01:H
content-length: 108855
x-cf-tsc: 1617183067
x-cf2: H
last-modified: Wed, 17 Mar 2021 08:48:20 GMT
server: CFS 0215
x-cff: B
etag: "6051c254-5cd47"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf4age: 605519
accept-ranges: bytes
x-cf-rand: 20.249
expires: Wed, 13 Apr 2022 21:01:22 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
178 B 101ms
33ms Other
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/38134/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:21 GMT
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://appreviewed.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
272 B 53ms
27ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTgzNDc2ODIzMTMsInBhY2tldElkIjoiMDAwMDk0RjYtNGNjNDkwN2UtOGJkZS00OWNjLWExZjQtNDI5ZTI5NzI0NjkzIiwic2l0ZUlkIjozODEzNCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYXBwcmV2aWV3ZWQubmV0IiwidXJsIjoiaHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzAiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiR0xPQkFMIiwicGFnZVZhcmlhdGlvbklkIjoiOWUxMjUyYzMtODkwYi00ZTllLWJjOWMtMTY3MzgzZjFmYWU3IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJWYXJpYXRpb24gMSIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIwNDdhMTUyOC0zYzJiLTQzYjQtYjgxOS1iYjYwZTk0ODg4MTciLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9HTE9CQUxfOTAwWDkwXzA0N2ExIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF8zODEzNF85MDBYOTBfMDQ3YTE1MjgtM2MyYi00M2I0LWI4MTktYmI2MGU5NDg4ODE3Iiwic2VydmljZXMiOlsxXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:21 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://appreviewed.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 58ms
33ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTgzNDc2ODIzMTYsInBhY2tldElkIjoiMDAwMDk0RjYtNGNjNDkwN2UtOGJkZS00OWNjLWExZjQtNDI5ZTI5NzI0NjkzIiwic2l0ZUlkIjozODEzNCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYXBwcmV2aWV3ZWQubmV0IiwidXJsIjoiaHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzAiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiR0xPQkFMIiwicGFnZVZhcmlhdGlvbklkIjoiOWUxMjUyYzMtODkwYi00ZTllLWJjOWMtMTY3MzgzZjFmYWU3IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJWYXJpYXRpb24gMSIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJiNmY0NDU3Yi1jMjI2LTRmM2MtOWFmYy05ZGNlZTY0YzM3MjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9HTE9CQUxfMTYwWDYwMF9iNmY0NCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzM4MTM0XzE2MFg2MDBfYjZmNDQ1N2ItYzIyNi00ZjNjLTlhZmMtOWRjZWU2NGMzNzI4Iiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by: Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:21 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://appreviewed.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-65698457-35&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65698457-53

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8933e0f25d4d40d35fad1676bf928d95c926123d18a18823edc59e5a4a76528d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39176
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:22 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
75 B 12ms
12ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://live.demand.supply/e/e.js?r=appreviewed.net_auto_interstitial_desktop&pdc=1.6522571563720696&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9hcHByZXZpZXdlZC5uZXQvZGUvcmV2aWV3Lzg5MzA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 91686452-ac0a-4fba-9cb3-aa049a660eef-3227651
date: Tue, 13 Apr 2021 21:01:22 GMT
cf-cache-status: HIT
age: 705718
cf-polished: origSize=2
content-length: 1
cf-request-id: 096ea3021f00004e38588bc000000001
cf-bgj: minify
server: cloudflare
etag: "39068702929f3daf002107232eb5243e-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 63f7a1169d904e38-FRA

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 63ms
62ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 13 Apr 2021 21:01:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 24ms
9ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210413

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1615970786708.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3638b591fff866351eae88d2ac43ca5464f35fec200609ec6c21e489ebafc6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3300
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 928
etag: W/"677-u0rjPBclpotvIWt5TtHHL1/z7nM"
x-served-by: cache-fra19124-FRA, cache-hhn4073-HHN
date: Tue, 13 Apr 2021 21:01:22 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 102ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=27&wv=3.16.0-pre&cb=83411169387
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1615970786708.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://appreviewed.net
date: Tue, 13 Apr 2021 21:01:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65698457-35&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4186
date: Tue, 13 Apr 2021 19:51:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 13 Apr 2021 21:51:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=appreviewed.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appreviewed.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 47ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=2085636268&t=pageview&_s=1&dl=https%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&ul=en-us&de=UTF-8&dt=App%20Review%3A%20Jetzt%20bis%20zu%2050%25%20bei%20Amazon%20sparen%20%F0%9F%A5%B0%20-%20einfach%20die%20neue%20Amazon-App%20installieren%20und%20Rabatte%20sichern!%20appreviewed.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1939871606&gjid=2133732833&cid=336841479.1618347682&tid=UA-65698457-35&_gid=1048489619.1618347682&_r=1&gtm=2ou3v0&z=522767911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://appreviewed.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client.de.min.json Show response
s7.addthis.com/l10n/ 3 KB
2 KB 95ms
33ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://s7.addthis.com/l10n/client.de.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

14884600e50a1b1674027761700ee08ef921fc9fed8e76945e73b5ff9b69b34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-df3"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Tue, 13 Apr 2021 21:01:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1751

GET
H2 200 uid Show response
d.adup-tech.com/t/ 80 B
486 B 28ms
8ms Script
application/javascript 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d.adup-tech.com/t/uid
Requested by: Host: s.d.adup-tech.com
URL: https://s.d.adup-tech.com/jsapi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 080291a4b06d3fbb0747f13694a3094c6756cee3c3643733337cdf040c64ba07

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
cache-control: private, max-age=31536000
server: nginx
content-type: application/javascript; charset=utf-8
etag: W/"p_tOtY3je6B1xgdgaiEg"
content-length: 80
p3p: policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"

GET
H2 200 iframe Show response
d.adup-tech.com/ Frame 0D66 33 KB
9 KB 80ms
80ms Document
text/html 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Requested by: Host: s.d.adup-tech.com
URL: https://s.d.adup-tech.com/jsapi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27df4b17f364aad5fb87200434be6a27b88cc1f03851b3ab5c038202732475d6

Request headers

:method: GET
:authority: d.adup-tech.com
:scheme: https
:path: /iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appreviewed.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid_sec=p_tOtY3je6B1xgdgaiEg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appreviewed.net/

Response headers

date: Tue, 13 Apr 2021 21:01:22 GMT
content-type: text/html; charset=utf-8
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
set-cookie: uid_sec=p_tOtY3je6B1xgdgaiEg; Domain=.d.adup-tech.com; Expires=Wed, 13-Apr-2022 21:01:22 GMT; Secure; Path=/; SameSite=None uid=p_tOtY3je6B1xgdgaiEg; Domain=.d.adup-tech.com; Expires=Wed, 13-Apr-2022 21:01:22 GMT; Path=/
content-encoding: gzip

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=appreviewed.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 41ms
26ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=appreviewed.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 126 KB
37 KB 603ms
603ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4446512916819057&correlator=1378168644190410&output=ldjh&impl=fifs&eid=31060760&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210413&iu_parts=103512698%2C21868179622%2C21865469013&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C160x600%7C120x600&fluid=height%2Cheight&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D38134%26hb_ap_ran%3D0%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D38134%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26da%3Dadx&cookie_enabled=1&bc=31&abxe=1&lmt=1618347682&dt=1618347682502&dlt=1618347681569&idt=832&frm=20&biw=1600&bih=1200&oid=2&adxs=350%2C5&adys=227%2C300&adks=630148877%2C3216731706&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&vis=1&dmc=8&scr_x=0&scr_y=0&psz=900x-1%7C160x-1&msz=900x-1%7C160x-1&ga_vid=336841479.1618347682&ga_sid=1618347683&ga_hid=2085636268&ga_fc=false&fws=4%2C512&ohw=900%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

cafe /

Resource Hash

275378181fc6a797af946377b8baa323a2bec916b107f78b50226af7c51f3222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37168
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://appreviewed.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 83ms
39ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0D66 51 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e686bb315236550b55306fd7550ac9b2781f0548ab79df52edaa2a7cc795ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 oba_sd.png
m.adup-tech.com/images/icons/ Frame 0D66 415 B
747 B 48ms
13ms Image
image/png 2600:9000:20c3:9400:5:3cc0:9e40:93a1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://m.adup-tech.com/images/icons/oba_sd.png
Requested by: Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9400:5:3cc0:9e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: da5fe3e22eda5f0e519afdd0ffd93f14a8a214decbc7764dc1e9fc202a0e52ed

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:58:05 GMT
via: 1.1 b90884acab23625db851d03bcf681a27.cloudfront.net (CloudFront)
last-modified: Tue, 08 Dec 2020 13:20:19 GMT
server: nginx
age: 2397797
etag: "5fcf7d93-19f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 415
x-amz-cf-id: dppri9yBQBmRebWnqr24605n2kw9K2e4Z5Aykex4Duw1848jY4_rsA==

GET
H2 200 1qvx115xdx5cxaax5q.jpg
m.adup-tech.com/ad_image/c/Hf/vB/mMchA6JRvDqfwYxwDw/ Frame 0D66 9 KB
9 KB 50ms
15ms Image
image/jpeg 2600:9000:20c3:9400:5:3cc0:9e40:93a1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://m.adup-tech.com/ad_image/c/Hf/vB/mMchA6JRvDqfwYxwDw/1qvx115xdx5cxaax5q.jpg?b&utkjne
Requested by: Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:9400:5:3cc0:9e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d27c9352de15206d5bec853612e2f5e7de995b88949fa0a2f56de72aa36447fa

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:21:09 GMT
via: 1.1 b90884acab23625db851d03bcf681a27.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 14:40:04 GMT
server: AmazonS3
age: 456013
etag: "74bd72d757720dd4c0513ee405570649"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: Cache-Control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
content-type: image/jpeg
content-length: 9302
x-amz-cf-id: iJqlv1XEyLU0H9Hg3fsQXVF0yBUNal8-a7-pY9Cq578Gmp-aT8y6gQ==

GET
H2

200

cm
d.adup-tech.com/rtb/adscale/ Frame 0D66
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=71&tpuid=p_tOtY3je6B1xgdgaiEg&cburl=https%3A%2F%2Fd.adup-tech.com%2Frtb%2Fadscale%2Fcm%3Fssp_uid%3D__ADSCALE_USER_ID__%26ext_id%3Dp_tOtY3je6B1xgdgaiEg
https://ih.adscale.de/adscale-ih/tpui?tpid=71&tpuid=p_tOtY3je6B1xgdgaiEg&cburl=https%3A%2F%2Fd.adup-tech.com%2Frtb%2Fadscale%2Fcm%3Fssp_uid%3D__ADSCALE_USER_ID__%26ext_id%3Dp_tOtY3je6B1xgdgaiEg&nut...
https://d.adup-tech.com/rtb/adscale/cm?ssp_uid=2ab445191e186ffecaa115d5f14c48aadd3553b4313136537508b754d2b34a1a&ext_id=p_tOtY3je6B1xgdgaiEg

43 B
201 B

7ms
7ms

Image
image/gif

2a05:d014:943:a602:edde:c0ae:1ad4:7ed5
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d.adup-tech.com/rtb/adscale/cm?ssp_uid=2ab445191e186ffecaa115d5f14c48aadd3553b4313136537508b754d2b34a1a&ext_id=p_tOtY3je6B1xgdgaiEg
Requested by: Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:22 GMT
cache-control: must-revalidate, no-cache, no-store
server: nginx
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://d.adup-tech.com/rtb/adscale/cm?ssp_uid=2ab445191e186ffecaa115d5f14c48aadd3553b4313136537508b754d2b34a1a&ext_id=p_tOtY3je6B1xgdgaiEg
date: Tue, 13 Apr 2021 21:01:22 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 0D66
Redirect Chain

https://ib.adnxs.com/setuid?code=p_tOtY3je6B1xgdgaiEg&entity=473
https://ib.adnxs.com/bounce?%2Fsetuid%3Fcode%3Dp_tOtY3je6B1xgdgaiEg%26entity%3D473

43 B
1 KB

71ms
70ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fcode%3Dp_tOtY3je6B1xgdgaiEg%26entity%3D473

Requested by

Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:22 GMT
X-Proxy-Origin: 188.95.55.74; 188.95.55.74; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: a480d844-c373-4408-b8d4-d42d0855b21d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:22 GMT
X-Proxy-Origin: 188.95.55.74; 188.95.55.74; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80
AN-X-Request-Uuid: a5e2c552-d7ce-4b55-9663-e50cfff4a30a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fcode%3Dp_tOtY3je6B1xgdgaiEg%26entity%3D473
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cm
d.adup-tech.com/rtb/google/ Frame 0D66
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_ula=7599423&google_nid=UnisterAdserver&google_hm=cF90T3RZM2plNkIxeGdkZ2FpRWc%3D&google_cm=1
https://cm.g.doubleclick.net/pixel?google_ula=7599423&google_nid=UnisterAdserver&google_hm=cF90T3RZM2plNkIxeGdkZ2FpRWc%3D&google_cm=1&google_tc=
https://d.adup-tech.com/rtb/google/cm?google_gid=CAESEK01BWhvlGk6U-lZvLcxwfA&google_cver=1&google_ula=7599423,0

43 B
201 B

8ms
7ms

Image
image/gif

2a05:d014:943:a602:edde:c0ae:1ad4:7ed5
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d.adup-tech.com/rtb/google/cm?google_gid=CAESEK01BWhvlGk6U-lZvLcxwfA&google_cver=1&google_ula=7599423,0
Requested by: Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:943:a602:edde:c0ae:1ad4:7ed5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:22 GMT
cache-control: must-revalidate, no-cache, no-store
server: nginx
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adup-tech.com/rtb/google/cm?google_gid=CAESEK01BWhvlGk6U-lZvLcxwfA&google_cver=1&google_ula=7599423,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 rtb-h
sync.taboola.com/sg/adup-network/1/ Frame 0D66 0
218 B 80ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.taboola.com/sg/adup-network/1/rtb-h?taboola_hm=p_tOtY3je6B1xgdgaiEg
Requested by: Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Tue, 13 Apr 2021 21:01:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 4995

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0D66 0
360 B 104ms
38ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=11869&ext_id=p_tOtY3je6B1xgdgaiEg

Requested by

Host: d.adup-tech.com
URL: https://d.adup-tech.com/iframe?p=83a3e3e007fac497883557e55ec07df5&r=0&s=0&a=0&f=11&id=32nifbje&uid=p_tOtY3je6B1xgdgaiEg&surl=appreviewed.net%2Fde%2Freview%2F8930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d.adup-tech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:22 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 12 Apr 2021 21:01:22 GMT

GET
H3-Q050 200 container.html Show response
6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9057 6 KB
3 KB 34ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appreviewed.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appreviewed.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 13 Apr 2021 21:01:22 GMT
expires: Wed, 13 Apr 2022 21:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37F5 6 KB
3 KB 29ms
22ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appreviewed.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appreviewed.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 13 Apr 2021 21:01:22 GMT
expires: Wed, 13 Apr 2022 21:01:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 40ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49a86fd85cd22d2714d41f7948df4207a8fe753664b877ade9a72275c9d53112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6510
x-xss-protection: 0

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
265 B 182ms
180ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://appreviewed.net/de/review/8930
last-modified: Tue, 13 Apr 2021 21:00:00 GMT
server: nginx/1.15.8
date: Tue, 13 Apr 2021 21:01:23 GMT
content-type: application/json
access-control-allow-origin: https://appreviewed.net
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 85 B
299 B 194ms
127ms Script
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&callback=window._ate.cbs.rcb_kpj70

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc862b16af3f6d7257134f18d600cf9434aeea81d799982673f77726168c6ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1192087123013764
expires: Tue, 13 Apr 2021 21:16:23 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 190ms
189ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&callback=_ate.cbs.rcb_bb9v0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1137326a70648b555ba02a86f43700c53bfc5fc1c51ff0ea04a7a869be96efa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: appreviewed.net/de/review/8930
last-modified: Tue, 13 Apr 2021 21:01:23 GMT
server: nginx/1.15.8
date: Tue, 13 Apr 2021 21:01:23 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 84 B
136 B 195ms
128ms Script
application/javascript 151.101.112.84
FASTLY

General

Check archive.org

Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&callback=window._ate.cbs.rcb_jkcw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b41b3bde955ca05c7824d1e075de1fdce9a3891f260beff31a1aa1c63021c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 1306420534944823
expires: Tue, 13 Apr 2021 21:16:23 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 201ms
200ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fappreviewed.net%2Fde%2Freview%2F8930&callback=_ate.cbs.rcb_jqbp0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

65a395508ef0846c403dfb702e102c9f734fccaa2a4acd3d5456c76101095284

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: appreviewed.net/de/review/8930
last-modified: Tue, 13 Apr 2021 21:01:23 GMT
server: nginx/1.15.8
date: Tue, 13 Apr 2021 21:01:23 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E383 624 B
455 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjaiLCfATAB&v=APEucNVH_pRH6h_6LLSfrQiyA1mufQDISGP9v6vITlrqu5IFBXjE3VHAOZsrT7Zn5jhQKgnJvNo8y77X4tpneJydhJNykZC5zqELmKDJPdGZU_OVlL4xG--hpZEXVxSKjbv2UUg8MMxTbltzZl9KaLUsvxxvJFuQaxS3dRh-0u33I_52imJiwJQsa2d70Ok-wjVS49F0WJFXy499_6MMIYPbb5C_KU2J6Q

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMCauQEQ45bmARjaiLCfATAB&v=APEucNVH_pRH6h_6LLSfrQiyA1mufQDISGP9v6vITlrqu5IFBXjE3VHAOZsrT7Zn5jhQKgnJvNo8y77X4tpneJydhJNykZC5zqELmKDJPdGZU_OVlL4xG--hpZEXVxSKjbv2UUg8MMxTbltzZl9KaLUsvxxvJFuQaxS3dRh-0u33I_52imJiwJQsa2d70Ok-wjVS49F0WJFXy499_6MMIYPbb5C_KU2J6Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngaC3uZKcQiD76e95Py9QUCXtfhFM5k3CtJVOEat7iQt-o_xkF6CK799b9vhw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 21:01:23 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 9057 111 KB
39 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50411
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 07:01:12 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/elements/html/ Frame 9057 6 KB
3 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:27:18 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame 9057 17 KB
7 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 21:00:04 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9057 42 B
154 B 63ms
53ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTUWlcNHqT0QdTSS95DRAV28JLbN-QGM2IOcR1zNp6dnZTLQ5iNgsvP9anm39wrBbsKYTW8QjzrNbzqGseEBk4zIlXPfKyTJn0-I5TG-ANvMAhcgM

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 9057 2 KB
1 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 20:59:04 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9057 118 KB
36 KB 40ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 9057 13 KB
6 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 20:59:51 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9057 0
0 18ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_qR6NBqeA6iR5nAglM8p5jje-uKBqY3tAOMIq6wcwFMlT-6n8RUSuLw9tvn-iP9tPV16Y
Requested by: Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AEC1 640 B
445 B 16ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjIobCfATAB&v=APEucNU1XuVGzVIcHIUdfmclHDJLxgz8biqaeZzW5-sVt9r9zyCuOwYgLVK1pGlthSdWxq0Y8wU27MJu4dlbpWPSN2-1bOEohSL8hKoGXw46fVZEf7oDrX6MzdLcBM9IKFUJwcYtr8-0NtU2EkaKEUn2Kz8c69y8NuModH8eKS-fBVSOIoIYK5_mlsCjiEAsYbsl9oc0lsLcbhGTbPWy-2wKyyh08EabRA

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMCauQEQ45bmARjIobCfATAB&v=APEucNU1XuVGzVIcHIUdfmclHDJLxgz8biqaeZzW5-sVt9r9zyCuOwYgLVK1pGlthSdWxq0Y8wU27MJu4dlbpWPSN2-1bOEohSL8hKoGXw46fVZEf7oDrX6MzdLcBM9IKFUJwcYtr8-0NtU2EkaKEUn2Kz8c69y8NuModH8eKS-fBVSOIoIYK5_mlsCjiEAsYbsl9oc0lsLcbhGTbPWy-2wKyyh08EabRA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUngaC3uZKcQiD76e95Py9QUCXtfhFM5k3CtJVOEat7iQt-o_xkF6CK799b9vhw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 21:01:23 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 37F5 111 KB
38 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50411
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 07:01:12 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/elements/html/ Frame 37F5 6 KB
3 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:27:18 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame 37F5 17 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 21:00:04 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37F5 42 B
65 B 53ms
52ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5VuLuhJKPfnelAHJ3aHv82odJDn412fIns7dMSJUuLnQ3evh125AfoPrEqtTuq1ZATaxabuCapom6Ze4X39z4_XnyaLxNoM6sQVDxBR-dmu6mb3c

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 37F5 2 KB
1 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 20:59:04 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37F5 118 KB
36 KB 53ms
53ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 37F5 13 KB
5 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 20:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 20:59:51 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 37F5 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl6u8pe2VcrP1gpkO5aUg3_0rxBYXgQa_giUVoFCETC-yTQor7E3exOXxxbhg8sRf5_mjb
Requested by: Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appreviewed.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E383
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1

43 B
1014 B

58ms
44ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjaiLCfATAB&v=APEucNVH_pRH6h_6LLSfrQiyA1mufQDISGP9v6vITlrqu5IFBXjE3VHAOZsrT7Zn5jhQKgnJvNo8y77X4tpneJydhJNykZC5zqELmKDJPdGZU_OVlL4xG--hpZEXVxSKjbv2UUg8MMxTbltzZl9KaLUsvxxvJFuQaxS3dRh-0u33I_52imJiwJQsa2d70Ok-wjVS49F0WJFXy499_6MMIYPbb5C_KU2J6Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Apr 2021 21:01:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E383
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHYGo5oIs2FVwKeIHEqY1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1

43 B
894 B

43ms
43ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjaiLCfATAB&v=APEucNVH_pRH6h_6LLSfrQiyA1mufQDISGP9v6vITlrqu5IFBXjE3VHAOZsrT7Zn5jhQKgnJvNo8y77X4tpneJydhJNykZC5zqELmKDJPdGZU_OVlL4xG--hpZEXVxSKjbv2UUg8MMxTbltzZl9KaLUsvxxvJFuQaxS3dRh-0u33I_52imJiwJQsa2d70Ok-wjVS49F0WJFXy499_6MMIYPbb5C_KU2J6Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Apr 2021 21:01:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdXqyJHeH1PWl-WBUi7Bn8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E383
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI9cTixPxdNua506m7XQxYI&google_cver=1

43 B
1 KB

40ms
39ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI9cTixPxdNua506m7XQxYI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjaiLCfATAB&v=APEucNVH_pRH6h_6LLSfrQiyA1mufQDISGP9v6vITlrqu5IFBXjE3VHAOZsrT7Zn5jhQKgnJvNo8y77X4tpneJydhJNykZC5zqELmKDJPdGZU_OVlL4xG--hpZEXVxSKjbv2UUg8MMxTbltzZl9KaLUsvxxvJFuQaxS3dRh-0u33I_52imJiwJQsa2d70Ok-wjVS49F0WJFXy499_6MMIYPbb5C_KU2J6Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:23 GMT
X-Proxy-Origin: 188.95.55.74; 188.95.55.74; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 972f85b5-fd02-40f4-a54f-351fcdd9d740
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI9cTixPxdNua506m7XQxYI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame E383
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1NzU5ODU1ODU3NzkzMDA0NA%3D%3D

170 B
201 B

41ms
40ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1NzU5ODU1ODU3NzkzMDA0NA%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 21:01:23 GMT
X-Proxy-Origin: 188.95.55.74; 188.95.55.74; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid: c3e113f9-9fcb-4968-8564-e9e39a46624b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg1NzU5ODU1ODU3NzkzMDA0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AEC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECW_EMa9og6_L_i3vXQ7Tjk&google_cver=1

43 B
180 B

31ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECW_EMa9og6_L_i3vXQ7Tjk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjIobCfATAB&v=APEucNU1XuVGzVIcHIUdfmclHDJLxgz8biqaeZzW5-sVt9r9zyCuOwYgLVK1pGlthSdWxq0Y8wU27MJu4dlbpWPSN2-1bOEohSL8hKoGXw46fVZEf7oDrX6MzdLcBM9IKFUJwcYtr8-0NtU2EkaKEUn2Kz8c69y8NuModH8eKS-fBVSOIoIYK5_mlsCjiEAsYbsl9oc0lsLcbhGTbPWy-2wKyyh08EabRA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECW_EMa9og6_L_i3vXQ7Tjk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame AEC1
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDNhNmExODktOTk0MC0yNzhhLWViMTAtZTc1ZWM1MjE0YjRl

170 B
190 B

40ms
40ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDNhNmExODktOTk0MC0yNzhhLWViMTAtZTc1ZWM1MjE0YjRl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjIobCfATAB&v=APEucNU1XuVGzVIcHIUdfmclHDJLxgz8biqaeZzW5-sVt9r9zyCuOwYgLVK1pGlthSdWxq0Y8wU27MJu4dlbpWPSN2-1bOEohSL8hKoGXw46fVZEf7oDrX6MzdLcBM9IKFUJwcYtr8-0NtU2EkaKEUn2Kz8c69y8NuModH8eKS-fBVSOIoIYK5_mlsCjiEAsYbsl9oc0lsLcbhGTbPWy-2wKyyh08EabRA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDNhNmExODktOTk0MC0yNzhhLWViMTAtZTc1ZWM1MjE0YjRl
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame AEC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECZVD57SdOHyF4Znn1-f-b0&google_cver=1

23 B
172 B

58ms
58ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECZVD57SdOHyF4Znn1-f-b0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCauQEQ45bmARjIobCfATAB&v=APEucNU1XuVGzVIcHIUdfmclHDJLxgz8biqaeZzW5-sVt9r9zyCuOwYgLVK1pGlthSdWxq0Y8wU27MJu4dlbpWPSN2-1bOEohSL8hKoGXw46fVZEf7oDrX6MzdLcBM9IKFUJwcYtr8-0NtU2EkaKEUn2Kz8c69y8NuModH8eKS-fBVSOIoIYK5_mlsCjiEAsYbsl9oc0lsLcbhGTbPWy-2wKyyh08EabRA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 13 Apr 2021 21:01:23 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESECZVD57SdOHyF4Znn1-f-b0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame AEC1
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZWM4YTViM2YtMjY4MS00YWFlLTkwMjctMjMzZmQwMGUxYzQw

170 B
190 B

44ms
43ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZWM4YTViM2YtMjY4MS00YWFlLTkwMjctMjMzZmQwMGUxYzQw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 21:01:23 GMT
server: akka-http/10.1.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZWM4YTViM2YtMjY4MS00YWFlLTkwMjctMjMzZmQwMGUxYzQw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 13 Apr 2021 21:01:23 GMT

GET
H3-Q050 200 728x90_leaderboard_HB.html Show response
s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/ Frame 1FEA 6 KB
3 KB 35ms
20ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a3c36d831ce9002331d2d5ef2b67a22f53ea3c8444eaf1b6749bcfe706d7867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2289
date: Thu, 08 Apr 2021 03:02:57 GMT
expires: Fri, 08 Apr 2022 03:02:57 GMT
last-modified: Mon, 08 Mar 2021 13:15:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 496706
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9057 0
575 B 145ms
74ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0rGI0Y1fhQ7unRw7dv4WSl4Bow6sFMUsg138fFQ78xSFTyyXkC12f82FGklVekuzkpKjOB_HKvt2eX3ZeWvSdqwHP1lGIHRRZa_XefPhLRwGUXzybfvKGnBAGWvkMtBaCbtSsNHgvUYXw3R254T5Lo7uMUCEKCgZC_AUC8d3BYElzxh2nnDNxvVbkNtA2ICtDgym-HsYM29MNmNduuHkWZMmbb--BBh5mhZwJOUYu4qvhmvFGgxibYEUNbF8IdsRa0Wt5H24Quq_RrR1DBqdTJAH_ANyTW4K4Q654fjYGCZflXIaJSjBYgo92CdkQz9O6qpQAVWlN6WrEfSxI7ayNHL_qil17dJfuktiiPu_hRLvEXY617lmiz4VChNotISTFCICeGtD1x4VLo4viZZXRVmcdvCGJF93DjV5hF7HXMmTtEXe70-WXJElIchILr51ksb-LrBcZMLr7jDfyUXzlSX0anFFjhV89H_aZTrh0TfGS_OyI1YG6GZM6LWv4OaLdMNSd8LBYq1n33g-wXF5-OK12w26NHSfRjCbaYuqxITZtgkTUMo0ol8tK8zTxqoUnSRGsjKuHrM1QRChFYXr8J-xMX-ju_3XooLLjuSHQJ8RL7MKllK75C1N74Z_a-Zbg-En2YZPeHJKjO5nerbiyhfj5NN7Al5_0w4dUn6ubCTyj2-iswXSpQaNOfMbj4rM5wOHzAtwq-BqagtvY3IrByktovY5mADPTwEREyq6xLNYLzXTyx87w1Zn6ciqlI4CbGoKLK8e5tWCSPvjgvMjrimFXBlbBSmFEV_ssPn-B0cU-gVCzmO6hKXYHiAhkMvEGDrnXieStYFYvzyJjEnL5tPexy8fIIAM1X4D13r8GoSFPNIf0jhG453l8m_0Dte-XOLtH4oEvuU2-7NIZfQmUdb5jcMw9s_I1E3urRIH-NLJy9R_Y4ygGdbojVVw3AZHPIeuUUKQfbB2rJrmx2cL5-OFvwDMrQx1shmrZ1STSoWgnsuTYaYQoK1AppUo7FiDiYQ9eL0aCFUF_HqalOAS1H85CEG8C3mgKNAU76SBI7Er4CNaiWHSbnVDEgERfJOXmOPl8c9B7v4j5OeAXBLtcKDAcRpXgUjVqL-lHkBg&sai=AMfl-YSjBoMOrJyYN3wtz7crR085-VRE2zoGvqQOEKd7XaUsKeXYLb8AKUWvTyeWRZqRG5kpRDA72iPvDt5Y-tkVZyPuS-1Yhi3su2CeUwCvkJNIGZHgNjBAN1j90iy2xw0bFUdfmncLRslPJL2SOAm981BRhgLPidBWbCF2tfNe8TJ5EgkZGMdIEVPzYJh3SmR1NtoDl31TZ9XuPTa6D_qfTYxnKnghbRZDY2-Em55QVtKyMUlk4uBJgDaHJLezxDPOtLWinGq8AchArTvcOYjOm5cgKkxZT3DkrMPpsxR-SWVzdA6pGJydXKLY_34N1mtngfNVLtjCzLYHacn50qSZhW5ZbiQQk8GOA0vqf5FBYKBKhllXSWXMQu7FUSdoXJxrNaVGgFuk&sig=Cg0ArKJSzE0J97YQ3F7zEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=84&cisv=r20210412.81901&adurl=

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 13 Apr 2021 21:01:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9057 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25895
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Apr 2022 13:49:48 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 37F5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25895
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Apr 2022 13:49:48 GMT

GET
DATA 200
OK truncated
/ Frame 9057 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbba2e65cd0378985b34f0443126f04bd116cf85ebc963fb43b3e49ad06152a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 37F5 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a61209dba554d364a8f2a575214ce14141c826beb2467ef1457cd9c6c9dbdfb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 160x600_skyscraper_HB.html Show response
s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/ Frame DD1C 6 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1bf724a5291b1da8ae8bf30e83956fa6840760ffc474e7b5dcadca8445f27c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2291
date: Fri, 09 Apr 2021 10:04:40 GMT
expires: Sat, 09 Apr 2022 10:04:40 GMT
last-modified: Mon, 08 Mar 2021 13:15:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 385003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 37F5 0
61 B 73ms
73ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAZBapkCupt_gzzxbgoAtnYdVqrMCeSShqCkV4tPVwB6AbSYI_cn-bSx1ojpqX5svgWGuodTSDJoqfRM3Ul7DAtZCbdYFApnbCe-JG2CSDlaEdpGIIH21ZIRKYTJGXfwTpBHNZVNtPJIngYPSu_t7SB-cp81d-MBir3bBSWicKeVcg58vRPoen4IzMXFEUfyVhtEZUDTXriaIKytCgqYCWL5Mj07e-eTDxLqaFzjykg2GPBXWYFuvUuYLNyWg_rndknWumptEArl6UmCDOe_m2ECRxsurdfbeo8o7dqakDc5SZ7bJwrhWyxniQatgbeJdeVvP35yzQrkEGQFBiOYIsHRbuYMVI8JsQOszUZLwSF-wi0lGU0ALA_T8cUqfYe-tIyhmZB0Ih9WIcBDvElbYO-_idUVh64SVh1fWZzgNIzGl30_tQSrxUzHLHkQLoiDTH6VnHfzXX64jkzEA0uLqzfuABBX3_pUZlvIt_DZj5D4o89TtwW5NIH3CcVdUed9HtXdklFrFCCFORt9DkV-Dw5-cIhSXMXpFQyGtK4u2IWpMn2ELu2sKeRQtGqa8G_U_KNowO5HoKbY0NWM6KVLxoZn7EC04OlKgdp2-ofk1AC9ZqIDFFZiY6uXLC4UIhTeZ1dr2VLR8DuqKh6KvYJAmQRNM_pQbwNFEBdzPQ_KHxXrKBeAQXUyjxkIwBzzDCApDI_zV28UXLLa8snOoVqaRykY40DqeQjFy4-LRI5aWoiXBtT-RRP4KjpkyNGmyUHuQ1LMrAtfX3V-Ika6UfnAOSlkoQlvJP021J0EGvqhKSh4Va0_GYXArkUJEJ0dPO8smN19BTUnqa1wvkaWceDHrKNGSXGFklTtBjKcJUTSY4-ccqkR0mPnkihOo1bV0-zfGnY0RcRtEHODUrmcuYhMNXqf1nTxCO0S7JLHvpKR3cILZSJAJw3qATE4qEokr6sNcGZEVp7D0g67R9f_a2f7qiT9ZhFsTQEZq89onOMc7iEyckdSEZBOPB8tyQwE2oPdY6_21glxwqT6BYN9Ad6v2Yb844gOmed6tdejAJqmrwtCNb4tdOEWk8aE_K9C1FHEXPNw53rAY6AR_HKR2KqKpleMFw12XMbcH-TMbYw8cMItPRqks&sai=AMfl-YSFbeZVJgWT4U_pHNcYL1gHVA_0LfEo49rQAkh8aNO4aJpohBzS1i_TiFv-vdNoZHotRmFr7nc9JT4muW5dSTYyl9Jkyty4sO-sl9I2yaP7F5Sei_CpFxu0jrwpoR4wnCm9kks5OK0JBOFf4hrWS67vTcb4W9udXTAFgykts1twXER1LaSk6f7oyLF0213KamaGuQAhpn-tqO9qhNTjXNrmHdHRrT_XZPVS54AfTGqDvYWVcK7mp8q0qUxUtRyBXdfftJburxdZPeZJTctsE0JU7W8fH0JQKYta_b73PX6EJmtn4_v4OcNv2mT_BCBui9FeHezoQv0FenXhaR-VNK_NxcWE9_BZvmVaa6OV8iph4dskfPcSsjzKska3RL3VobeDLjZE&sig=Cg0ArKJSzLIwEequYUlgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=167&cisv=r20210412.72163&adurl=

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 13 Apr 2021 21:01:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4BEA 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://appreviewed.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://appreviewed.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 13 Apr 2021 20:02:23 GMT
expires: Wed, 13 Apr 2022 20:02:23 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3540
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8F90 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 13 Apr 2021 19:31:15 GMT
expires: Wed, 13 Apr 2022 19:31:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5408
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1C3B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 13 Apr 2021 19:31:15 GMT
expires: Wed, 13 Apr 2022 19:31:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5408
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1FEA 236 KB
63 KB 48ms
29ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 13 Apr 2021 21:16:23 GMT

GET
H3-Q050 200 728x90_leaderboard_HB.js Show response
s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/ Frame 1FEA 46 KB
11 KB 10ms
6ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4902fe7d947fbc765fa27910d1510ed96f9349dbbddafd0e21a5f9c8dfb76f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11296
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:15:08 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 03:02:57 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame DD1C 236 KB
63 KB 42ms
26ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 21:01:23 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 13 Apr 2021 21:16:23 GMT

GET
H3-Q050 200 160x600_skyscraper_HB.js Show response
s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/ Frame DD1C 40 KB
10 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafb8c74dfb9a6958662c731ac3c8898558a71ac84ced729563ecd423e5384bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10451
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:15:02 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:04:40 GMT

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BEA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 14:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 24827
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 14:07:36 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F90 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 7179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Wed, 13 Apr 2022 19:01:44 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C3B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 19:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 7179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Wed, 13 Apr 2022 19:01:44 GMT

GET
H3-Q050 200 bg_skyscraper.jpg
s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/ Frame DD1C 36 KB
36 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/bg_skyscraper.jpg

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e20a8ba7f8e58be4cc2377b118fdc52d160675acf2abe8d420f9714a81073f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14936212029870248887/Skyscraper/160x600_skyscraper_HB.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 08:08:28 GMT
x-content-type-options: nosniff
age: 46375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36893
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:15:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Apr 2022 08:08:28 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 37F5 0
515 B 151ms
67ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 21:01:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 bg_leaderboard.jpg
s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/ Frame 1FEA 34 KB
34 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/bg_leaderboard.jpg

Requested by

Host: 6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com
URL: https://6586e3506f20dfc4be73a1449d115087.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba5e57dc23b32894e8bc71c3f0cbdaedece8e624e3ee3caf49b861d3c4aaaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11857583214795906408/Leaderboard/728x90_leaderboard_HB.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:02:57 GMT
x-content-type-options: nosniff
age: 496706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34838
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:15:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 03:02:57 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9057 0
27 B 143ms
68ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: appreviewed.net
URL: https://appreviewed.net/de/review/8930

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS