apk4k.fun Open in urlscan Pro
2606:4700:3030::6815:41c3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Submission: On October 23 via manual (October 23rd 2023, 1:30:11 pm UTC) from GB — Scanned from GB

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3030::6815:41c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is apk4k.fun.
TLS certificate: Issued by E1 on October 5th 2023. Valid for: 3 months.

This is the only time apk4k.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3030::6815:41c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
56	15

7 2606:4700:3030::6815:41c3 (United States)

ASN13335 (CLOUDFLARENET, US)

apk4k.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

software-network-service.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	286 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	37 KB
7	apk4k.fun apk4k.fun	85 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 75	20 KB
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2045 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6890	30 KB
5	gstatic.com fonts.gstatic.com	241 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
2	software-network-service.com software-network-service.com	27 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4847	36 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
56	12

	Domain	Requested by
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	apk4k.fun pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	apk4k.fun	apk4k.fun
5	www.bing.com	2 redirects googleads.g.doubleclick.net
5	tpc.googlesyndication.com	apk4k.fun pagead2.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
4	fonts.googleapis.com	apk4k.fun software-network-service.com
2	software-network-service.com	apk4k.fun
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	apk4k.fun
1	cdn.adnxs.com	apk4k.fun
1	adsdk.microsoft.com	apk4k.fun
1	partner.googleadservices.com	pagead2.googlesyndication.com
56	14

This site contains no links.

Subject Issuer	Validity	Valid
apk4k.fun E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
software-network-service.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Frame ID: 236BBFBBCEB06D962F54A9F3D6781318
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 530863833ECCA0EB6EC27EB6E0B2DA91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&adk=1812271804&adf=3025194257&lmt=1698064206&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806416&bpp=6&bdt=466&idt=407&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=406374280912&frm=20&pv=2&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453
Frame ID: 1486315331CBC2D7FBA6B8DBABCCA112
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=280&slotname=7946475843&adk=3645890676&adf=683863926&pi=t.ma~as.7946475843&w=1140&fwrn=4&fwrnh=100&lmt=1698064206&rafmt=1&format=1140x280&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806422&bpp=2&bdt=472&idt=475&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1VKmIca7za&p=https%3A//apk4k.fun&dtd=483
Frame ID: 90DA614921DF8A8F563396A778C3F887
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3017137674&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806424&bpp=2&bdt=474&idt=488&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hPcdiTEvoL&p=https%3A//apk4k.fun&dtd=492
Frame ID: C37601C61F7C5FBCA5DDC1B247FFBAAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3277601727&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806426&bpp=1&bdt=476&idt=495&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Z9GkBHtyaz&p=https%3A//apk4k.fun&dtd=503
Frame ID: 794FAE2C07218B9AE7F402C215AB2FC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=280&slotname=8660490399&adk=793725472&adf=542677718&pi=t.ma~as.8660490399&w=711&fwrn=4&fwrnh=100&lmt=1698064206&rafmt=1&format=711x280&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806427&bpp=1&bdt=477&idt=506&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=TKO50Napap&p=https%3A//apk4k.fun&dtd=512
Frame ID: 7E3CA5FA24AEA16362A2A9ABFC1222EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=2440334819&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806428&bpp=1&bdt=479&idt=519&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=2dBRhpk1Fn&p=https%3A//apk4k.fun&dtd=522
Frame ID: 9B26EC94FC59A072F67A10E3565C1941
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3405270947&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806429&bpp=1&bdt=479&idt=529&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=d9zUxDKzeN&p=https%3A//apk4k.fun&dtd=537
Frame ID: 1B8B61F1D84465D10AC3D142D186A7C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=426&slotname=7644077143&adk=1360620680&adf=1480884523&pi=t.ma~as.7644077143&w=711&cr_col=4&cr_row=2&fwrn=2&lmt=1698064206&rafmt=9&format=711x426&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806429&bpp=1&bdt=479&idt=539&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=QFatuvjjD9&p=https%3A//apk4k.fun&dtd=544
Frame ID: 96D9DEB9E5963ADF3D976A1C00646570
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=727652773&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806430&bpp=1&bdt=480&idt=549&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178%2C711x178%2C711x426&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=ZPR8PrfaJp&p=https%3A//apk4k.fun&dtd=553
Frame ID: 5CB6851A7971FC1EAE5BACBC629D92B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 36AD1826A48BE6F7B8171BA4AC0613C4
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 6A69F3F3AAF634F4FA564984955881C0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8912362753B36D5EAE13BEE91F93C448
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B843A7D297AF2E8C86CEDA0EC7B362F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Carnival APK 1.4.4.01 Android for Free - com.carnivalbkk.carnivalapp

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

56
Requests

96 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

15
IPs

2
Countries

825 kB
Transfer

1843 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5d96be79-78b5-4f14-812f-238e296eebbf&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=8e65d1a3-502a-42ca-bfae-15070c7e72fc&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3De2134c5052884087ab52cfa8aa9a6265%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=6220474588770685345 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e2134c5052884087ab52cfa8aa9a6265&SNR=1&GV=2&med=10

Request Chain 52

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5d96be79-78b5-4f14-812f-238e296eebbf&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=8e65d1a3-502a-42ca-bfae-15070c7e72fc&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3De2134c5052884087ab52cfa8aa9a6265%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fae_qverpg&aid=6220474588770685345 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e2134c5052884087ab52cfa8aa9a6265&tids=15000&med=10

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request com.carnivalbkk.carnivalapp Show response
apk4k.fun/app/ 46 KB
10 KB 1301ms
1150ms Document
text/html 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 58e3c5e7d10ee7cede420ec991444805bb178fe89c38d23f7b0d87770d4e2289

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81aa55242a2c6365-LHR
content-encoding: br
content-language: app
content-type: text/html; charset=utf-8
date: Mon, 23 Oct 2023 13:30:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eTXOo0sgbYQR%2Bs4BV7Ow6daYjNrxmV92HC9I0K%2FKzCfqX%2BXSMnb3AnXa2AlYAepwIzVP6SbAgvenJY%2BrEdapGIaD171QTuBa6Emm%2B2xM42OUnkz6BP57KRIjT%2BXQv6a7Tk10DNTbTo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 253ms
89ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:30:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 258ms
94ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway&display=swap

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 11:41:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
701 B 262ms
98ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 304ms
141ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee68c2c346eb2bb7fd4b5bfe68dd298eb90e928680f431c918493660444f958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51157
x-xss-protection: 0
server: cafe
etag: 14154448891759397298
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 240.gif
apk4k.fun/img/ 6 KB
6 KB 90ms
89ms Image
image/gif 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apk4k.fun/img/240.gif
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcb77a886a91efad21dcd869619b10359f307cb20e445cd5fd866b28e59933a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1369814
alt-svc: h3=":443"; ma=86400
content-length: 6204
last-modified: Mon, 19 Oct 2020 14:04:05 GMT
server: cloudflare
etag: "5f8d9cd5-183c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrjwihbALulkz3PcpcaSAHV1KfqCY2GAvCOdtLlCiFASywrey762bJY50G7TeV9TRuzY%2Fpn9p%2FzapJbK1YdVZbarrlyG7hSQdGctYxsUiAwLRfa7KfNvRWejSnQ37aGZWKDBOmn6YH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81aa552b6e376365-LHR
expires: Mon, 06 Nov 2023 16:59:52 GMT

GET
H2 200 style.css
software-network-service.com/ 7 KB
2 KB 220ms
72ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://software-network-service.com/style.css
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88fe2c995430b717ab73cb2bc568e7958ca34dfb43b165c55b8c5c641bd3d9c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4912
cf-polished: origSize=8871
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 11 Mar 2023 02:49:37 GMT
server: cloudflare
etag: W/"640bec41-22a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy8O1CYml%2FKanelE61V8XWvEnENgYuuYvnDYO4aK5BG%2FHgeKmSYXeidDoU7uOvCwjMd4WqTb3aAPHufPIPqXlumxq%2BH6QKMJELJ%2Bwzgj7WTKAKffJvzacmhO3eIxZEYg1VbBHxDRiToCxwatF6paH%2F8Eo2An7EI9TebO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: apk4k.fun, veapps.me, android-top.com, apkway.net, apkflame.com, cherryapk.com, chiliapk.com, primeapk.co, rollingapk.com, yourapk.co
cache-control: max-age=14400
cf-ray: 81aa552c7f8b775c-LHR

GET
H2 200 plugin.js Show response
software-network-service.com/ 65 KB
25 KB 225ms
78ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://software-network-service.com/plugin.js
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d462b8277f136a53336ea1e06fc85393c2ef21bb01a56450d1c7d9e0263d84d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4912
cf-polished: origSize=66730
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 11 Mar 2023 02:49:35 GMT
server: cloudflare
etag: W/"640bec3f-104aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw4vVldTqXd0XYrEmoM%2B03LCxyTB33Hr0whYDonu5w8ocgCSHMvyfdI%2B0XKBcDTCwvPgbfL%2F6llvxXBWf1gwDOL7ltL3fA8rI3BT8nMp5EBeNioMNCclw2w0hf8xPDU%2Fs6YKObhzmKhgf2o3BDzRhiaItqZBe9q1sYzf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: apk4k.fun, veapps.me, android-top.com, apkway.net, apkflame.com, cherryapk.com, chiliapk.com, primeapk.co, rollingapk.com, yourapk.co
cache-control: max-age=14400
cf-ray: 81aa552c7f94775c-LHR

GET
H2 200 email-decode.min.js Show response
apk4k.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 68ms
67ms Script
application/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apk4k.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d1f47-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNtI3ykc0Bi8FoIIUfsu3NnpjtsS18NWKAT8jSws5UR22XfMCY7R8Zzd7SIv1V5LZfP4cUCvfRBCm2kvmQ5MpsvabjUfC%2Fys7lvElk5RnVzFrDQMDrr3Sf25IEZnSoztcdSZZpChMBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81aa552b8e7c6365-LHR
expires: Wed, 25 Oct 2023 13:30:06 GMT

GET
H2 200 polyfill.min.js Show response
apk4k.fun/js/ 128 KB
35 KB 96ms
95ms Script
application/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apk4k.fun/js/polyfill.min.js
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e32b492261e21be0755cf7cc174e73d70fa105405008b0107dcc7f0451f6d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 14:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1504703
etag: W/"5f8d9cd6-1fe75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6p7FaArmTz3Gkx3yRFJdQ3TrSL5dfbstS0mlRMwoJuLt65gtqttGQPySwCUsmi2Oc2XrHU5k7BpizBdFHIG0fAv8cR2reHr7%2FWKVVXn8WjjLAwvshEsZbfO%2F3V1teyFZOrE%2FUOjGsTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 81aa552b8e846365-LHR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Nov 2023 03:31:43 GMT

GET
H2 200 lazyload.js Show response
apk4k.fun/js/ 3 KB
2 KB 77ms
77ms Script
application/javascript 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apk4k.fun/js/lazyload.js
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92d13f223b469e84827306a007fcfdcfb87c068f7d8cc40473359817e9d257b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1504703
cf-polished: origSize=5852
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Oct 2020 14:04:06 GMT
server: cloudflare
etag: W/"5f8d9cd6-16dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFOs8gcAcPl%2BIDPZUL432qOE8UhWeBCljPPiOSASXPcK5uHyo74et5VCc3%2B1oT%2Fj%2BtbBM3zTIT8FZX4IsaNzphMwACu3carpfILD4XOfpIcbN8F9sq6mO35EpbbwQUD7OlTfApBI6%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 81aa552b8e886365-LHR
expires: Sun, 05 Nov 2023 03:31:43 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 240ms
78ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 531206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:56:40 GMT

GET
H3 200 font-logo.ttf
apk4k.fun/ 22 KB
23 KB 147ms
146ms Font
application/x-font-ttf 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apk4k.fun/font-logo.ttf
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3bad096e6be9de2cb28c768b1a8b99201498f732426b8400f55432846c1140b9

Request headers

Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 22624
last-modified: Mon, 19 Oct 2020 14:03:57 GMT
server: cloudflare
etag: W/"5860-175412c80ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaSUx4QSm3OTKN27O9DIObF31rKtr8vPFY2Ih1Ff2aze5WBAzQNdBZzpHlBKQ2i2WPCLRJFySYTaDRZdyVbxov%2F4fIlNlvSAv22rYtJQfr9N1XSSkY0d8%2B0fPIT5Z37fkut7vIwQSk0%3D"}],"group":"cf-nel","max_age":604800}
content-language: font-LOGO.TTF
content-type: application/x-font-ttf
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81aa552d19fa24d1-LHR

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 486ms
324ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:39:44 GMT
x-content-type-options: nosniff
age: 327022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:39:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
966 B 90ms
89ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,800;1,900&display=swap

Requested by

Host: software-network-service.com
URL: https://software-network-service.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a5bc2b94908749d0ea506858056d130430adb9e35a48fa1f6a04bb6003490a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://software-network-service.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:30:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 457ms
314ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:58:29 GMT
x-content-type-options: nosniff
age: 415897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 17:58:29 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 336ms
288ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:18:24 GMT
x-content-type-options: nosniff
age: 328302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:18:24 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/ 25 KB
25 KB 367ms
336ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f273f492aa7c8a3e685cc74b6e0f2295b9ba6a2c253a40db0efff7f593563b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apk4k.fun
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:25:36 GMT
x-content-type-options: nosniff
age: 327870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25828
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:36:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:25:36 GMT

GET
H3 200 aHR0cHM6Ly9wbGF5LWxoLmdvb2dsZXVzZXJjb250ZW50LmNvbS9NR1BHVUJhMFFJb3VfMlBZQkxRWE5VLWxkYkI4ckdab2lBR2NnbndBY19jS19OczZkaGhGMEx4bXUwNDhIbnNpTDdF.png
apk4k.fun/imgstore/k0EibgfqBmOMF1gOY2wLlgXQ6f-mM4pA0OJkcxp76F0/fill/240/240/no/1/ 9 KB
9 KB 211ms
210ms Image
image/png 2606:4700:3030::6815:41c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apk4k.fun/imgstore/k0EibgfqBmOMF1gOY2wLlgXQ6f-mM4pA0OJkcxp76F0/fill/240/240/no/1/aHR0cHM6Ly9wbGF5LWxoLmdvb2dsZXVzZXJjb250ZW50LmNvbS9NR1BHVUJhMFFJb3VfMlBZQkxRWE5VLWxkYkI4ckdab2lBR2NnbndBY19jS19OczZkaGhGMEx4bXUwNDhIbnNpTDdF.png
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:41c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a3d23e17efb038a34ff425b1679a0dac1afbe9b88d72b683ce1c5101e83068

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="MGPGUBa0QIou_2PYBLQXNU-ldbB8rGZoiAGcgnwAc_cK_Ns6dhhF0Lxmu048HnsiL7E.png"
alt-svc: h3=":443"; ma=86400
content-length: 8704
x-request-id: sytKUtVKYuOjX92gZEDu6
last-modified: Mon, 23 Oct 2023 13:30:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8i5GIm3%2BrkXefwBhYdLqPZlutICV7%2FS6zRszUQRjhrTUtZpDzNYfjfhhjIV44YUf0yjTHfMmzQMpSMcG%2BFirnOoLLoI9CyNnG5SDkRBS3SOQ08V1%2FzVFgCQImgenTErEQQ%2FCmNx4IpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81aa552deb2d24d1-LHR
expires: Mon, 23 Oct 2023 14:30:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 394 KB
134 KB 164ms
164ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9257228732407073&plah=apk4k.fun

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55115c7581528db99397f917bae664117d14ac1fe1130248242633055156b912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136811
x-xss-protection: 0
server: cafe
etag: 9662797460469864130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:30:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame 5308 9 KB
4 KB 241ms
78ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e584410e52ac7818fbfdaae948cb42a3355eb1b6335bc0bbfd20186331a58d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 42556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4100
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 01:40:50 GMT
etag: 15134155877240692467
expires: Mon, 06 Nov 2023 01:40:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 249ms
86ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=apk4k.fun&callback=_gfp_s_&client=ca-pub-9257228732407073

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9257228732407073&plah=apk4k.fun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af3bde25e15583cbd985f8695c25042825f075dd979f0f69b264dba3bf0b927f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1486 86 KB
25 KB 747ms
745ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&adk=1812271804&adf=3025194257&lmt=1698064206&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806416&bpp=6&bdt=466&idt=407&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=406374280912&frm=20&pv=2&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2b2a51c3b0e990bb3b7840860d7ebd3b9811aa4b1487cc479eb674dac40f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24929
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 111ms
111ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=header-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90DA 713 B
573 B 539ms
539ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=280&slotname=7946475843&adk=3645890676&adf=683863926&pi=t.ma~as.7946475843&w=1140&fwrn=4&fwrnh=100&lmt=1698064206&rafmt=1&format=1140x280&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806422&bpp=2&bdt=472&idt=475&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1VKmIca7za&p=https%3A//apk4k.fun&dtd=483

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c062c61ce9b8819f557c0e68d6c5bafa0c00e5017a26ebae68ce8048a07a6e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C376 713 B
523 B 573ms
572ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3017137674&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806424&bpp=2&bdt=474&idt=488&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hPcdiTEvoL&p=https%3A//apk4k.fun&dtd=492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

347e7a3b4751b1576746b21cc011ea17d5cdf0a750a63218f9c50ded19228db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 794F 713 B
519 B 782ms
780ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3277601727&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806426&bpp=1&bdt=476&idt=495&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Z9GkBHtyaz&p=https%3A//apk4k.fun&dtd=503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e4f5ae8585f16d861b310dac3be681a0eabbb5202764d64ee18e0ae6d0bbebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E3C 713 B
522 B 573ms
572ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=280&slotname=8660490399&adk=793725472&adf=542677718&pi=t.ma~as.8660490399&w=711&fwrn=4&fwrnh=100&lmt=1698064206&rafmt=1&format=711x280&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806427&bpp=1&bdt=477&idt=506&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=TKO50Napap&p=https%3A//apk4k.fun&dtd=512

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

464473f5dd2bb1651a77e7d2ad98736d9c2feebcde368d273c323b927e67f79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B26 713 B
520 B 588ms
587ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=2440334819&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806428&bpp=1&bdt=479&idt=519&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=2dBRhpk1Fn&p=https%3A//apk4k.fun&dtd=522

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72bc9c29bd329469ae88c13a8708b99f06da450ede0aeff2d349f3172c28c7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B8B 713 B
520 B 501ms
498ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=3405270947&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806429&bpp=1&bdt=479&idt=529&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2662&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=d9zUxDKzeN&p=https%3A//apk4k.fun&dtd=537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08be6495f03140467247eca6a576e4f88d6c3210a222b670cc699e738eafe290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96D9 713 B
526 B 547ms
546ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=426&slotname=7644077143&adk=1360620680&adf=1480884523&pi=t.ma~as.7644077143&w=711&cr_col=4&cr_row=2&fwrn=2&lmt=1698064206&rafmt=9&format=711x426&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806429&bpp=1&bdt=479&idt=539&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178%2C711x178&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=QFatuvjjD9&p=https%3A//apk4k.fun&dtd=544

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4a37c5f993e8745c408db08b55a91dfa9b9da67003bee5727a2be4d46d6a224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CB6 713 B
519 B 561ms
560ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9257228732407073&output=html&h=178&slotname=5947852099&adk=2401831332&adf=727652773&pi=t.ma~as.5947852099&w=711&fwrn=4&lmt=1698064206&rafmt=11&format=711x178&url=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698067806430&bpp=1&bdt=480&idt=549&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C711x178%2C711x178%2C711x280%2C711x178%2C711x178%2C711x426&nras=1&correlator=406374280912&frm=20&pv=1&ga_vid=1937380601.1698067807&ga_sid=1698067807&ga_hid=457081282&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3348&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C44804684%2C44805113%2C44805533%2C44805932%2C31078297%2C21065724&oid=2&pvsid=1086455856500348&tmod=33337903&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=ZPR8PrfaJp&p=https%3A//apk4k.fun&dtd=553

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c10043c3e4ff36d31d078e62d36943231ddfa7a01f99782c6eb13db9b1d66cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:07 GMT
expires: Mon, 23 Oct 2023 13:30:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 159 KB
54 KB 146ms
146ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fabae857f013a17b333f2c7201296cb33994b0a7699f36ff61c5fbdc4c3cdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55331
x-xss-protection: 0
server: cafe
etag: 11696331242006490281
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:30:07 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 36AD 9 KB
4 KB 82ms
81ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e584410e52ac7818fbfdaae948cb42a3355eb1b6335bc0bbfd20186331a58d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 41828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4100
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 01:52:59 GMT
etag: 15134155877240692467
expires: Mon, 06 Nov 2023 01:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 6A69 89 KB
36 KB 349ms
152ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 23 Oct 2023 13:30:08 GMT
content-encoding: br
last-modified: Tue, 10 Oct 2023 17:29:05 GMT
vary: Accept-Encoding
x-azure-ref: 20231023T133008Z-nh9ebqfdkh07tccs9na3uabgtw000000083000000001sm5z
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 98ef5094-301e-0028-1e63-03a39c000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 6A69 80 KB
28 KB 246ms
76ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Mon, 23 Oct 2023 13:30:08 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 8991229
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230061-FRA
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698067808.245492,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5, 1884864

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6A69 3 KB
1 KB 249ms
86ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6A69 20 KB
9 KB 238ms
76ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 18:01:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A69 187 KB
59 KB 254ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: apk4k.fun
URL: https://apk4k.fun/app/com.carnivalbkk.carnivalapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:30:08 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 6A69
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5d96be79-78b5-4f14-812f-238e296eebbf&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=8e65d1a3-502a-42ca...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e2134c5052884087ab52cfa8aa9a6265&SNR=1&GV=2&med=10

0
242 B

107ms
106ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e2134c5052884087ab52cfa8aa9a6265&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1FF1CD38DE04A198E62392238CB57EA Ref B: FRA31EDGE0118 Ref C: 2023-10-23T13:30:08Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 23 Oct 2023 13:30:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1666BC1182004A21A15D6132DA2696A8 Ref B: FRA31EDGE0118 Ref C: 2023-10-23T13:30:08Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e2134c5052884087ab52cfa8aa9a6265&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 6A69 18 KB
18 KB 80ms
79ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215954223840_1C31BGIK8XKGNSKBXS&pid=21.2&c=16&roil=0.4108&roit=0&roir=0.9342&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4970d55623e0de95c663065334b2e3227dc197650d061e2f50a27bed7bfabbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:08 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3154075C10C48B8941554268AD40A56 Ref B: FRA31EDGE0118 Ref C: 2023-10-23T13:30:08Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18449

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 6A69 0
533 B 243ms
77ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&e=wqT_3QKFBOgFAgAAAwDWAAUBCN_q2akGEKGjlbDlleSpVhgAKjYJDlePMF48rj8RC677KShUrT8ZAAAAoEfhyj8hCw0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCMWh0dHBzOi8vYXBrNGsuZnVuL2FwcC9jb20uY2Fybml2YWxia2suYw0M8IFhcHCAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF4bXDqr_n7bIYwAUAyQUAAAAAAADwP9IFCQkABQw8AADYBQHgBQHwBc6bAfoFBAFcKJAGAJgGALgGAMEGCSQs8D_QBsKNBNoGFgoQCRIZAQGLZOAGAfIGAggAgAcBiAcAoAcByAfF8wXSBw0JESgBJgjaBwYBXqQYAOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=eb00f24c334a2a1e19abb2885826ff4cfc537dc0&bdref=https%3A%2F%2Fapk4k.fun%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fapk4k.fun%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231017%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-1-%26adk%3D1812271804%26client%3Dca-pub-9257228732407073%26fa%3D4%26ifi%3D10%26uci%3Da!a%26btvi%3D6%26xpc%3DhKrjnYDf3u%26p%3Dhttps%253A%2F%2Fapk4k.fun,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231017%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:08 GMT
an-x-request-uuid: c73d6f98-a08e-4d69-b6d3-b7ed049e658f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 82.199.130.40; 82.199.130.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6A69 0
555 B 77ms
77ms Ping
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&e=wqT_3QK1B-i1AwAAAwDWAAUBCN_q2akGEKGjlbDlleSpVhgAKjYJDlePMF48rj8RC677KShUrT8ZAAAAoEfhyj8hCw0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCMWh0dHBzOi8vYXBrNGsuZnVuL2FwcC9jb20uY2Fybml2YWxia2suYw0MYGFwcIADAIgDAZADAJgDCaADAaoDrAMKwgIRR_CGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNjVkMWEzLTUwMmEtNDJjYS1iZmFlLTE1MDcwYzdlNzJmYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_DJX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2MjIwNDc0NTg4NzcwNjg1MzQ1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTURRME5qSTROVElqTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukGGWIgFAZgFAKAF4bXDqr_n7bIYwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfF8wXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a3a850ab3c899b9b6e160008048b8340a2c218d5&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=8392519701324465192&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:08 GMT
an-x-request-uuid: 80bd54db-e98e-401d-91b3-7e093c6d33c5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 82.199.130.40; 82.199.130.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 283ms
128ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bb2c597ef946fa96e2bdd0547f388f26490c68a175aba49122d440947b916f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12254
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A69 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 954a81e41f387364f788445c02eee085129882e044680aaeffdec5a69825b719

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A69 0
23 B 126ms
126ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzBhbX3U2ZaxciN333w-eubKQD9Lg1-Buj6S2k5MKwI23ARABIACCARdjYS1wdWItOTI1NzIyODczMjQwNzA3M8gBCagDAcgDAqoE_QFP0KqRMynbT6-rm7HZd_uB-hjM0dbP7TjvZGv3CS-PANShoIgj5q2e7stocdtRYlgeIUTRm1mGBlr_uAgDBbsSekjoOU3EKCio7PLpPsWfft3bKiQuNX5N_Y4rtvtyXyND6gXOJcswf66-tGvak_EgQlxqadx4yVPcKit6RBaMnZd1mr9PIyJka-5npoKmlTa6GfG0zb0WbQNLblTn0TQXTdLrXJ0wqFwU6iniurW8sltlw-Ey27aQF_Q65TbO0_8SE6tFQXepDaGZe-BtlQkwXcSPmxbkgEfQ_c3vADELEWD8S_oVsBpU4FClyd1ipdoc5Ty7U_gu4-WFZXKngAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MjU3MjI4NzMyNDA3MDczGAA&sigh=n0QsFVjTl9g&uach_m=[UACH]&cid=CAQSSgDICaaN-wAUxixpZCWP7eeCA8b-JMhQh8cbslQJfijcV_dWRBeckZwdw_B_ws09W7TVFAgdQaCKoLe0BfYES7T84afzthf2_MfNGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 23 Oct 2023 13:30:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 23 Oct 2023 13:30:08 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 6A69 0
531 B 206ms
206ms Image
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&e=wqT_3QK1B-i1AwAAAwDWAAUBCN_q2akGEKGjlbDlleSpVhgAKjYJDlePMF48rj8RC677KShUrT8ZAAAAoEfhyj8hCw0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCMWh0dHBzOi8vYXBrNGsuZnVuL2FwcC9jb20uY2Fybml2YWxia2suYw0MYGFwcIADAIgDAZADAJgDCaADAaoDrAMKwgIRR_CGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNjVkMWEzLTUwMmEtNDJjYS1iZmFlLTE1MDcwYzdlNzJmYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_DJX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2MjIwNDc0NTg4NzcwNjg1MzQ1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTURRME5qSTROVElqTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukGGWIgFAZgFAKAF4bXDqr_n7bIYwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfF8wXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a3a850ab3c899b9b6e160008048b8340a2c218d5&pp=ZTZ1XwAALiwF_e6IAAycnlnriJB_yTsdGL0h_w&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-YdJX3U2ZaxciN333w-eubKQD9Lg1-Buj6S2k5MKwI23ARABIACCARdjYS1wdWItOTI1NzIyODczMjQwNzA3M8gBCagDAcgDAqoEgAJP0KqRMynbT6-rm7HZd_uB-hjM0dbP7TjvZGv3CS-PANShoIgj5q2e7stocdtRYlgeIUTRm1mGBlr_uAgDBbsSekjoOU3EKCio7PLpPsWfft3bKiQuNX5N_Y4rtvtyXyND6gXOJcswf66-tGvak_EgQlxqadx4yVPcKit6RBaMnZd1mr9PIyJka-5npoKmlTa6GfG0zb0WbQNLblTn0TQXTdLrXJ0wqFwU6iniurW8sltlw-Ey27aQF_Q65TbO0_8SE6tFQXepDaGZe-BtlQkwXcSPmxbkgAXS3F8tpMtmhZqI_mRMNKxQw1ohwPN6fHiavLgH09IC-yUEhx8zNNzHgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_17iqalTz5WJv3Nv9H82mp5PmTXCA%26client%3Dca-pub-9257228732407073%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:08 GMT
an-x-request-uuid: 84620a92-d9f0-4ef8-8a72-c3f4f472b88a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 82.199.130.40; 82.199.130.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 13:30:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8912 13 KB
5 KB 78ms
77ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 149073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 20:05:36 GMT
expires: Sun, 20 Oct 2024 20:05:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B84 829 B
1 KB 254ms
89ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e325fcb9d7937d8baf10f830cf3d4aad23d19619ef7a119e9d8e760ac7b5341

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1mOgGaRx5FGwRADLqgySgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apk4k.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1mOgGaRx5FGwRADLqgySgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Oct 2023 13:30:09 GMT
expires: Mon, 23 Oct 2023 13:30:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8912 37 KB
14 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 09:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Oct 2024 09:03:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B84 0
0 111ms
111ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=1086455856500348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8912 0
10 B 79ms
76ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?amNJig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:30:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame 6A69
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5d96be79-78b5-4f14-812f-238e296eebbf&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=8e65d1a3-502a-42ca...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e2134c5052884087ab52cfa8aa9a6265&tids=15000&med=10

0
183 B

101ms
101ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e2134c5052884087ab52cfa8aa9a6265&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 601AA6AA104E4D45801D207705AB4843 Ref B: FRA31EDGE0118 Ref C: 2023-10-23T13:30:09Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 23 Oct 2023 13:30:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E6D42E763F39400393E1992D1FA71303 Ref B: FRA31EDGE0118 Ref C: 2023-10-23T13:30:09Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=e2134c5052884087ab52cfa8aa9a6265&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6A69 0
554 B 77ms
76ms Ping
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fapk4k.fun%2Fapp%2Fcom.carnivalbkk.carnivalapp&e=wqT_3QK1B-i1AwAAAwDWAAUBCN_q2akGEKGjlbDlleSpVhgAKjYJDlePMF48rj8RC677KShUrT8ZAAAAoEfhyj8hCw0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjF8wWAAQGKAQNVU0SSAQEG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCMWh0dHBzOi8vYXBrNGsuZnVuL2FwcC9jb20uY2Fybml2YWxia2suYw0MYGFwcIADAIgDAZADAJgDCaADAaoDrAMKwgIRR_CGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNjVkMWEzLTUwMmEtNDJjYS1iZmFlLTE1MDcwYzdlNzJmYyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_DJX2ZhZV9xdmVycGcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM2MjIwNDc0NTg4NzcwNjg1MzQ1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56SXlNalExTURRME5qSTROVElqTWpNeU5EQXlNems0TkRFd09UVTJPQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukGGWIgFAZgFAKAF4bXDqr_n7bIYwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfF8wXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a3a850ab3c899b9b6e160008048b8340a2c218d5&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=8392519701324465192&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:09 GMT
an-x-request-uuid: a1e522e1-5610-43ae-a131-190ac5baa395
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 82.199.130.40; 82.199.130.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A69 42 B
64 B 115ms
114ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaDIAFj-xF0MGfiDPO5KCn7pkF-a-BKpdWJ4Q7cIs66GwdeA1LYsXDjCqU0lWISLK2gkTuPFOOXWgHrCAmqNdBv3pFQIGac4_RrkpH&sig=Cg0ArKJSzMGekGH24FstEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698067808011&rpt=689&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Oct 2023 13:30:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
114ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=1086455856500348&bg=!yMuly4TNAAbDUgby41I7ADQBe5WfOHWG3P-5mrQNYf52o-brQd1rJNB9hM560QkhcPU1LFb6kwMd5tLL0vF4BgwkvWiRAgAAAKFSAAAAA2gBBwoA0XR2K2vgyHOhEPXflLPAHK203S5Npsr1zShr6kceDbNPv426PwmmBYEIe2ZXhen4Yi5MeW-FBVkQuewxrhunn_EdNvabfKSLqaDd7CuNj93KZlOXRQSwFeaYPMQ5tl8CBOq4mLCRbG7pqrLiNlIFA_KewqVhngVOTGZR_jHDrXt3JIsRndVIIhNVHvzMgiQmR8_9xtT56_uK5PKYMCg4lRo5o4qGH-3I3qBzDPM6zY3K5vlwLnj8woxc2IjBgYpuYX8HRcRgtp2WRvikKgDY0GjXmQKoiiV7b8RDiM6K0VYmQjos2GaMHTQGhxjYH4Xn33pW6F--9pNZ89MA9KZDk05XOss4jiwdr8g4JihbDMNKR0Bi-PkoSvTHxidSK0QVo7mfaC6lFWEAPgw5lga2S0eDYFipixLJjIaMlv1ehl4TK8O-B9haS-tIikYJD9hiZz32u6lQtKE5e3TAnx8zsjTEbcx3xQMLCRm_ygxtgTnAK5_9Z04_mSUOen8d6z8Zi9bdJ_c8_Zi2dd64GD44eC-hpPbuQruQd3Gs945Jq3DSHKWuLYf8oluc-KGzoZQOmR_gZm4NJPgKN35aG2YLa_PlSeV4TgkTGkRrVO79zFjNRZWAN6URatH3tmfIMb4HkGbSNHoWYK5CqpKweJ3sUGwFG1lkBXoFeRyKUablFD7U5ydE3Eww91oWzHAsgfGwByZRfhCMhvNnC0GAOBpJ6VkmekjMDRUuPhk35YQVOeg2uDTZelZ5nFpjQvz6iiVk8fdeCY5smiqYxtKSdHkknQzJFO-HMms88b09vqz3bg1Gqx6gr1CXlesV4EQAu8JLVMwtyRwcBKP2mVRkOlfO04Cj_IEpdfaxH9JGYIYBjRq_MBx-PWqF_HaxKpggyUXhx6FOpE_vs54czkB0hCBOm-GELg7W4HinFLBaKBvnT_PLDxhBbOY5dxAtW715p07z6bfSBeoD46lJD8CVIYrxzXFuNZnIhnU_2b8Br0cy6jhzVTkr0it6Z2eXZNTdT_X7ISg4tcNbAylHcFZr5qxhvn3hqcigECXzjd4Figm5GA6bzDCrqQNtiHFaDjM40Byja64DpmEemBR6qGKJ_ujOyk08g7Kw9YVVy5njYNVZIa4QGX8zyyBuNbZ8oyXQ5ffiR7muuE9lTNz2ofNO3u09m7hVVlCnfK8Cr9PqK3E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://apk4k.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.apk4k.fun/	1970-01-21 01:02:43	Name: __gads Value: ID=3161c5043bc889ad:T=1698067806:RT=1698067806:S=ALNI_MaAFghG2bgx7tycnb-11oOzAgDjyQ
.apk4k.fun/	1970-01-21 01:02:43	Name: __gpi Value: UID=00000cc01ab2938e:T=1698067806:RT=1698067806:S=ALNI_MaFOy896aw6Mm5-wbELaN7JFOPoww
.bing.com/	1970-01-21 01:02:43	Name: MUID Value: 04BA9268F1296E551F3781DBF0856FE4
.doubleclick.net/	1970-01-21 01:17:07	Name: IDE Value: AHWqTUksOv_foSmdtJ2qNlYdDKTFjgXXVjErZ1SqW5xvi7GOfqUQQhjlTsA4cANd9bc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
apk4k.fun
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
software-network-service.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagservices.com
151.101.193.108
185.89.211.12
2606:4700:3030::6815:41c3
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a06:98c1:3121::3
08be6495f03140467247eca6a576e4f88d6c3210a222b670cc699e738eafe290
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
1a5bc2b94908749d0ea506858056d130430adb9e35a48fa1f6a04bb6003490a8
1e4f5ae8585f16d861b310dac3be681a0eabbb5202764d64ee18e0ae6d0bbebf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e32b492261e21be0755cf7cc174e73d70fa105405008b0107dcc7f0451f6d4
28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055
2b2b2a51c3b0e990bb3b7840860d7ebd3b9811aa4b1487cc479eb674dac40f64
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
347e7a3b4751b1576746b21cc011ea17d5cdf0a750a63218f9c50ded19228db0
3bad096e6be9de2cb28c768b1a8b99201498f732426b8400f55432846c1140b9
3bb2c597ef946fa96e2bdd0547f388f26490c68a175aba49122d440947b916f5
464473f5dd2bb1651a77e7d2ad98736d9c2feebcde368d273c323b927e67f79c
55115c7581528db99397f917bae664117d14ac1fe1130248242633055156b912
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58e3c5e7d10ee7cede420ec991444805bb178fe89c38d23f7b0d87770d4e2289
5c10043c3e4ff36d31d078e62d36943231ddfa7a01f99782c6eb13db9b1d66cc
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
5ee68c2c346eb2bb7fd4b5bfe68dd298eb90e928680f431c918493660444f958
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
6bcb77a886a91efad21dcd869619b10359f307cb20e445cd5fd866b28e59933a
6d462b8277f136a53336ea1e06fc85393c2ef21bb01a56450d1c7d9e0263d84d
6e325fcb9d7937d8baf10f830cf3d4aad23d19619ef7a119e9d8e760ac7b5341
72bc9c29bd329469ae88c13a8708b99f06da450ede0aeff2d349f3172c28c7ba
7fabae857f013a17b333f2c7201296cb33994b0a7699f36ff61c5fbdc4c3cdf2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
88fe2c995430b717ab73cb2bc568e7958ca34dfb43b165c55b8c5c641bd3d9c2
89f273f492aa7c8a3e685cc74b6e0f2295b9ba6a2c253a40db0efff7f593563b
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
954a81e41f387364f788445c02eee085129882e044680aaeffdec5a69825b719
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
af3bde25e15583cbd985f8695c25042825f075dd979f0f69b264dba3bf0b927f
b2a3d23e17efb038a34ff425b1679a0dac1afbe9b88d72b683ce1c5101e83068
c062c61ce9b8819f557c0e68d6c5bafa0c00e5017a26ebae68ce8048a07a6e2c
c4a37c5f993e8745c408db08b55a91dfa9b9da67003bee5727a2be4d46d6a224
d92d13f223b469e84827306a007fcfdcfb87c068f7d8cc40473359817e9d257b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e584410e52ac7818fbfdaae948cb42a3355eb1b6335bc0bbfd20186331a58d74
e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4970d55623e0de95c663065334b2e3227dc197650d061e2f50a27bed7bfabbe
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

apk4k.fun Open in urlscan Pro 2606:4700:3030::6815:41c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

86 %IPv6

12 Domains

14 Subdomains

15 IPs

2 Countries

825 kBTransfer

1843 kBSize

4 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apk4k.fun Open in urlscan Pro
2606:4700:3030::6815:41c3 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

15
IPs

2
Countries

825 kB
Transfer

1843 kB
Size

4
Cookies

56 HTTP transactions
1 data transactions