www.apksum.com Open in urlscan Pro
2606:4700:3033::6815:59a3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Submission: On December 02 via manual (December 2nd 2023, 5:41:45 pm UTC) from CH — Scanned from CH

Summary HTTP 383 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 80 IPs in 12 countries across 70 domains to perform 383 HTTP transactions. The main IP is 2606:4700:3033::6815:59a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.apksum.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 18th 2023. Valid for: a year.

This is the only time www.apksum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:303... 2606:4700:3033::6815:59a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:10:... 2606:4700:10::6816:3ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f00... 2a03:2880:f008:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
5	3.126.74.121 3.126.74.121	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2606:4700:10:... 2606:4700:10::6816:2560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:303... 2606:4700:3030::6815:5286	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400a:8::9	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2606:4700:10:... 2606:4700:10::ac43:15e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
51	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12 18	18.158.157.189 18.158.157.189	16509 (AMAZON-02) (AMAZON-02)
12 14	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	18.192.135.64 18.192.135.64	16509 (AMAZON-02) (AMAZON-02)
5	2a02:2638:3::28 2a02:2638:3::28	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.255.68.171 51.255.68.171	16276 (OVH) (OVH)
7	2.19.107.55 2.19.107.55	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 5	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 5	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
2 4	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.19.103.55 2.19.103.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2 2	23.36.162.83 23.36.162.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	65.9.66.18 65.9.66.18	16509 (AMAZON-02) (AMAZON-02)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
11	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 11	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
5 6	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2600:9000:211... 2600:9000:211e:be00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
2	35.156.254.191 35.156.254.191	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.147.45.225 54.147.45.225	14618 (AMAZON-AES) (AMAZON-AES)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:1a0:3675:b602:a15	16509 (AMAZON-02) (AMAZON-02)
1 1	18.66.112.102 18.66.112.102	16509 (AMAZON-02) (AMAZON-02)
3 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
3 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
3 3	52.202.8.176 52.202.8.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:2d2e:9af7:db33:d77c	() ()
1 1	64.227.64.62 64.227.64.62	() ()
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	52.30.100.123 52.30.100.123	16509 (AMAZON-02) (AMAZON-02)
1 3	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1 2	52.212.46.188 52.212.46.188	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	46.137.164.248 46.137.164.248	16509 (AMAZON-02) (AMAZON-02)
1 3	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	18.200.44.133 18.200.44.133	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
383	80

33 2606:4700:3033::6815:59a3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.apksum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:3ac7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f008:8:face:b00c:0:1 (Milan, Italy)

ASN32934 (FACEBOOK, US)

scontent-mxp1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.74.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:3030::6815:5286 (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbc.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:8::9 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

r4---sn-1gieen7e.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.158.157.189 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.66 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com

media.grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::28 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

grid-mercury.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.171 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.19.107.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-107-55.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.9.26.250 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.212.218.19 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.103.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-103-55.deploy.static.akamaitechnologies.com

iponweb503341958152.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.162.83 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-83.deploy.static.akamaitechnologies.com

ui2.awin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-18.fra56.r.cloudfront.net

a1.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.12 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:be00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.254.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-254-191.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.45.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-45-225.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.57 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:1a0:3675:b602:a15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-102.fra56.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:4::26 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.8.176 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-8-176.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:2d2e:9af7:db33:d77c (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.100.123 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-100-123.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.191.210 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.46.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.137.164.248 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-164-248.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.205 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:21::1690 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.44.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-44-133.eu-west-1.compute.amazonaws.com

cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	411 KB
34	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	312 KB
33	apksum.com 1 redirects www.apksum.com	276 KB
31	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 35885 pbc.vliplatform.com — Cisco Umbrella Rank: 95349	13 KB
23	bidswitch.net 12 redirects aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 31154 x.bidswitch.net — Cisco Umbrella Rank: 336 media.grid.bidswitch.net — Cisco Umbrella Rank: 2648	7 KB
23	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com — Cisco Umbrella Rank: 424 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 grid-mercury.criteo.com — Cisco Umbrella Rank: 3018 mug.criteo.com — Cisco Umbrella Rank: 2811 dis.criteo.com — Cisco Umbrella Rank: 550	55 KB
18	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 40308 assets.vlitag.com — Cisco Umbrella Rank: 49048 media.vlitag.com — Cisco Umbrella Rank: 79301	510 KB
16	pubmatic.com 5 redirects ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793 image8.pubmatic.com — Cisco Umbrella Rank: 661 simage2.pubmatic.com — Cisco Umbrella Rank: 723 image2.pubmatic.com — Cisco Umbrella Rank: 859 image4.pubmatic.com — Cisco Umbrella Rank: 1224 simage4.pubmatic.com	34 KB
16	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	7 KB
14	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 19494 sync.quantumdex.io — Cisco Umbrella Rank: 4292	3 KB
12	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900014.redintelligence.net — Cisco Umbrella Rank: 199926 hal900017.redintelligence.net — Cisco Umbrella Rank: 196694	23 KB
11	smilewanted.com prebid.smilewanted.com Failed csync.smilewanted.com — Cisco Umbrella Rank: 2705 static.smilewanted.com — Cisco Umbrella Rank: 9095	18 KB
10	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-mxp1-1.xx.fbcdn.net — Cisco Umbrella Rank: 160961	185 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 653 mb.moatads.com — Cisco Umbrella Rank: 766 px.moatads.com — Cisco Umbrella Rank: 594	115 KB
8	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	6 KB
8	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	6 KB
8	creativecdn.com 3 redirects prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644 creativecdn.com — Cisco Umbrella Rank: 564	2 KB
7	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346	25 KB
6	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	4 KB
6	moatpixel.com iponweb503341958152.s.moatpixel.com — Cisco Umbrella Rank: 7909	1 KB
6	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 13930 a1.awin1.com — Cisco Umbrella Rank: 48923	167 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	192 KB
6	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	1 KB
6	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 805	484 B
5	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	318 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870 cm.adform.net — Cisco Umbrella Rank: 1211	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2112	3 KB
4	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 517 i6.liadm.com	2 KB
4	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	593 B
4	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1750	536 B
3	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134	2 KB
3	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1285 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332	1 KB
3	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453 cs.yellowblue.io — Cisco Umbrella Rank: 1547	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	2 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487 ajax.googleapis.com — Cisco Umbrella Rank: 340	189 KB
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850	744 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	938 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 672	658 B
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24651	497 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	854 B
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 1817	668 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	638 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	1 KB
2	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1031	884 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 650	277 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	69 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1601	1 KB
2	awin.com 2 redirects ui2.awin.com — Cisco Umbrella Rank: 53821	241 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	62 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1163 r4---sn-1gieen7e.googlevideo.com	976 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	310 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 780	608 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	514 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711
1	smadex.com 1 redirects cm.smadex.com — Cisco Umbrella Rank: 2280	619 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	864 B
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 546	194 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	439 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	274 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1702	266 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 3181	586 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	254 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	30 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	14 KB
1	google.com chart.apis.google.com — Cisco Umbrella Rank: 47356	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
383	70

	Domain	Requested by
51	pagead2.googlesyndication.com	assets.vlitag.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
33	www.apksum.com	1 redirects www.apksum.com
30	px.vliplatform.com	www.apksum.com assets.vlitag.com
14	cm.g.doubleclick.net	12 redirects eb2.3lift.com onetag-sys.com
13	assets.vlitag.com	services.vlitag.com www.apksum.com assets.vlitag.com
11	eb2.3lift.com	3 redirects assets.vlitag.com sync.quantumdex.io eb2.3lift.com
10	csync.smilewanted.com	assets.vlitag.com csync.smilewanted.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net www.apksum.com tpc.googlesyndication.com
10	aws-fr-sync.bidswitch.net	10 redirects
10	googleads.g.doubleclick.net	assets.vlitag.com pagead2.googlesyndication.com
9	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io onetag-sys.com ssum-sec.casalemedia.com ads.pubmatic.com cs-server-s2s.yellowblue.io
8	x.bidswitch.net	2 redirects assets.vlitag.com onetag-sys.com
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	onetag-sys.com	2 redirects sync.quantumdex.io onetag-sys.com
6	ib.adnxs.com	5 redirects eb2.3lift.com
6	iponweb503341958152.s.moatpixel.com
6	px.moatads.com	assets.vlitag.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.apksum.com
6	s0.2mdn.net	www.apksum.com assets.vlitag.com googleads.g.doubleclick.net s0.2mdn.net
6	prebid.a-mo.net	assets.vlitag.com
6	targeting.unrulymedia.com	assets.vlitag.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	hal900017.redintelligence.net	1 redirects assets.vlitag.com hal900017.redintelligence.net
5	hal900014.redintelligence.net	1 redirects assets.vlitag.com hal900014.redintelligence.net
5	www.googletagservices.com	googleads.g.doubleclick.net s0.2mdn.net
5	grid-mercury.criteo.com	assets.vlitag.com
5	media.grid.bidswitch.net	assets.vlitag.com
5	cat.nl3.eu.criteo.com	assets.vlitag.com
5	useast.quantumdex.io	assets.vlitag.com
5	bidder.criteo.com	assets.vlitag.com
5	mp.4dex.io	assets.vlitag.com
5	tlx.3lift.com	assets.vlitag.com
5	prebid-asia.creativecdn.com	assets.vlitag.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	image8.pubmatic.com	3 redirects onetag-sys.com
4	match.adsrvr.org	eb2.3lift.com onetag-sys.com ssum-sec.casalemedia.com ads.pubmatic.com
4	sync.adkernel.com	sync.quantumdex.io
4	www.awin1.com	2 redirects assets.vlitag.com
4	gum.criteo.com	1 redirects static.criteo.net assets.vlitag.com
4	services.vlitag.com	www.apksum.com services.vlitag.com
3	image2.pubmatic.com	1 redirects ads.pubmatic.com
3	simage2.pubmatic.com	1 redirects ads.pubmatic.com
3	creativecdn.com	3 redirects
3	i.liadm.com	3 redirects
3	s.amazon-adsystem.com	1 redirects onetag-sys.com ssum-sec.casalemedia.com
3	dis.criteo.com	3 redirects
3	ads.pubmatic.com	sync.quantumdex.io csync.smilewanted.com ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	id5-sync.com	assets.vlitag.com sync.quantumdex.io
3	c1.adform.net	3 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	u.openx.net	2 redirects
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	ice.360yield.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects onetag-sys.com
2	ads.stickyadstv.com	2 redirects
2	sync.mathtag.com	onetag-sys.com ads.pubmatic.com
2	pixel.rubiconproject.com	1 redirects onetag-sys.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	secure.adnxs.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	cs-server-s2s.yellowblue.io	sync.quantumdex.io cs-server-s2s.yellowblue.io
2	ap.lijit.com	sync.quantumdex.io csync.smilewanted.com
2	match.sharethrough.com	sync.quantumdex.io cs-server-s2s.yellowblue.io
2	ads.betweendigital.com	2 redirects
2	a1.awin1.com	hal900017.redintelligence.net hal900014.redintelligence.net
2	ui2.awin.com	2 redirects
2	ajax.googleapis.com	hal900017.redintelligence.net hal900014.redintelligence.net
2	mb.moatads.com	z.moatads.com
2	hal9000.redintelligence.net	assets.vlitag.com
2	ad.doubleclick.net	assets.vlitag.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	script.4dex.io	assets.vlitag.com script.4dex.io
2	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net
2	scontent-mxp1-1.xx.fbcdn.net	www.facebook.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	cs.yellowblue.io	cs-server-s2s.yellowblue.io
1	cm.adform.net	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	i6.liadm.com	ssum-sec.casalemedia.com
1	id.rlcdn.com	onetag-sys.com
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	pixel-eu.rubiconproject.com	onetag-sys.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cm.smadex.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	sync.1rx.io	1 redirects
1	s.ad.smaato.net	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	lb.eu-1-id5-sync.com	assets.vlitag.com
1	id.a-mx.com	assets.vlitag.com
1	mug.criteo.com
1	z.moatads.com	assets.vlitag.com
1	dsp.nrich.ai	1 redirects
1	pbc.vliplatform.com	assets.vlitag.com
1	r4---sn-1gieen7e.googlevideo.com	www.apksum.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	cdn.jsdelivr.net	assets.vlitag.com
1	imasdk.googleapis.com	services.vlitag.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.apksum.com
1	www.facebook.com	www.apksum.com
1	chart.apis.google.com	www.apksum.com
1	www.googletagmanager.com	www.apksum.com
0	cs.admanmedia.com Failed	sync.quantumdex.io onetag-sys.com
0	prebid.smilewanted.com Failed	assets.vlitag.com
383	115

This site contains links to these domains. Also see Links.

Domain
en.apksum.com
cn.apksum.com
tw.apksum.com
es.apksum.com
pt.apksum.com
th.apksum.com
de.apksum.com
play.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-18` - `2024-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
media.grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-11` - `2024-08-11`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 51 frames:

Primary Page: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Frame ID: 17135F7765F43875B10E74E226A5ACFC
Requests: 118 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fapksum&tabs&width=300&height=154&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 20ECA701636533022FF2E7FD85663AB5
Requests: 11 HTTP requests in this frame

Frame: https://www.apksum.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 9F1CF354A8A2689AC609588D837129F2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.apksum.com
Frame ID: 5EFEE033ED9C172465519D0EBD97E9B2
Requests: 2 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 508C502A63896EB031427719593D6565
Requests: 21 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 47B64A1D9DF94EE7BF4AD9AB4029EBF0
Requests: 37 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: A400D78DDFC497B2EFCDEAA76D5ED9F8
Requests: 22 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 1CC1E080D0C7E049855D69CDDAD1DC18
Requests: 22 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 0E8958E4BBC8E546B8CBD32C6FD1C1F6
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCwkYbeBRjdlaCAAjAB&v=APEucNWSLAxSYrLrDqr0xbZwmMnMztkc9VC4czJyC5YJRM2UEcDrSe9wFez24zladc9u8nvHGVPRe0jbmt_Q449bn-pNAk8c0LSw6Wc--gKxiKMgMqX9kLI
Frame ID: 146049B2A612648A0989B08579EF9D29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhi4tvr8ATAB&v=APEucNUBTfEc96IJ0FqMuauOyUz2EBXvet1I2v39tADlneWMzfGl7ASqH31R3ErQlOtyJ9XX94IIJQIrpuy7sCCH0gUYmVkaZs2c50-VqzBjI_0ArgsxdVU
Frame ID: FEF04162E02A8A04268609B2164F3B93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDv-Kb2Axjsr7H-ATAB&v=APEucNX3lvk8rDdnxD1Zyn0fehqwC7bvGTUGeiGSk_URL5fYVUkpbdc8O0OQhy9jLMnhI6tFNR9DiEl4_M24kw5uX5EFsXS0BJYI7ujDoQ7HN48naPirk2g
Frame ID: AC583C45F8CCA88A6C95BD5486C91EA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDv-Kb2Axjsr7H-ATAB&v=APEucNUnWKnuepPi_PV4pFJz8dMYmAIj33NFb2sRfpZZgMI2YEqy33b_9MQGYumchKXVUworDohchySgL3qNJXQHUo0MVujwpPHrorwcZb2erzU3nUXGlHg
Frame ID: 6C1DD77C4FD1F6305F3B9C3D59F8ED99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCwkYbeBRiAmKCAAjAB&v=APEucNV5I-0F13dkLe_I5UJ-1gGaWs26AfO6rcRmdRXMURYqRN9YCbXi8UrZhjeIIseGIH64DFMOafbwYbSzopMayvPy_LTw37a-QZEkjrQZs8PfQNr3X2A
Frame ID: 7ADBD08BAD0708889992082E5D02FEC2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7494635C11C4699915083EA9B3C127A1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D1C68B4BCB9113DF618FF08FB241DEF4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1AF86906989F336752A5474275E1186F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 58BA09CD5333C41D8630527E6B4767E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CAC3AC343B61B547AF85940A47612EE8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250
Frame ID: 61F84979DD0A604788A06F5173C9988E
Requests: 3 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
Frame ID: DD467625581F42AD8ED0A8B7228367D7
Requests: 6 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
Frame ID: 433CF59C959CCC62EECE989685526DC2
Requests: 6 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: A79684CA994AF8AC622094BEE0DB332F
Requests: 9 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 459414CEF7F43D65203E1457EED77CE4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 15ABEF524D7BAE7BACAEDA2AB945F603
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A824B4E4801AB192670390EFBB17A77F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: A061931EDDD39D31CD93E36B21E0A30A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: 6905D5682C4CCF2F37C99515841AD356
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 5CE3DC50B9C626C994747BEAE8BB908F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 2F6BBA55DB14C56DC810293EE344AF9B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 95455AEF315A7D5DE4F5626F22EEEAF7
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 1C2DEB56EB300B68EE199AA1CE7507D2
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 37E26DD375799E523E7DFDE94F9FEB58
Requests: 10 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: FFCFD6711FB721FB39504223521697D0
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2EAF3C6218F9295E927C05B483FEA1B3
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: EDE2F1B823D267DEED986A6F0BDD144F
Requests: 17 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6D279AD459EAB00E5D7422DD9CB1473D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1678579404281054647
Frame ID: 5EF3FB013EA29419A1ECCBEB9D574125
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3374126541201223746
Frame ID: CAA5B104C586C60F3542C61D77861E5C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOCBW1D-Q-M2U?gdpr=0
Frame ID: 7495AFA539A08046D75898D6AFFBFB11
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 7BC21D9F51BB332855A35A4B3C09128F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010
Frame ID: EA35A9A028EC2D5B0E3169B762149987
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 28C5C528B80D8DD84E048F0DD2E56FFD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BE92BA09895C29AA15C19875F115BBD4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B9BA59DBB516473553D10051F9C099B6
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=EF62157B-E772-4800-8158-D9BACC7E1431
Frame ID: 3A9EF726F2E776B7E72D3439F6CAB9D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/586be0a6-eefe-4591-890e-32181b40f1f5
Frame ID: 22A10A0FD23CFA21189CB621F8BE794F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: EECB04E4A02F78E14ACE643F106BDD08
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4137139064124650715
Frame ID: A1FE75128178A8B1B99923FA28DD7820
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: FDA98974A9A13A545B138D920C95FFF5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4?pi=smilewanted
Frame ID: 7F64C89B5012AADFA0E3363B55C566D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Five Nights at Freddys 2 APK 2.0.1 - download free apk from APKSum

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

383
Requests

87 %
HTTPS

34 %
IPv6

70
Domains

115
Subdomains

80
IPs

12
Countries

3065 kB
Transfer

8020 kB
Size

91
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://en.apksum.com/
Title: English

Search URL Search Domain Scan URL

URL: https://cn.apksum.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://tw.apksum.com/
Title: 繁体中文

Search URL Search Domain Scan URL

URL: https://es.apksum.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://pt.apksum.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://th.apksum.com/
Title: ภาษาไทย

Search URL Search Domain Scan URL

URL: https://de.apksum.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.scottgames.fnaf2
Title: Google Play

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.scottgames.fnaf2&utm_source=apksum.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.apksum.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.apksum.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 99

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1701533887&fvip=3&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRQIgEqy2D9Z0bXnAWZ9iqR9YdcOWgUsRFgJBvnvcvU611f8CIQDnRSM586V1N2_fnZCkWI4_wov_zRbZGcduRzzQAGKYmQ%3D%3D HTTP 302
https://r4---sn-1gieen7e.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gieen7e&ms=au&mt=1701538161&mv=u&mvi=4&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJHfqnRzXcyvoCheVcgMgnjy9DQLo2DI8GefZwa5gBDOAiAHsevCSMXfw-BMT2HTcWOdfxU5MWgYJSAyne-bE6ShkQ%3D%3D

Request Chain 144

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&google_hm=ODIyNjNjMDUtMzA3NS00YTVjLWI5YjctYjc2OGVjNTFkNWUy HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEId7or7-o26mW3WC_jkbOwE&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2

Request Chain 153

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=41d251df-236e-4b24-bcfb-57c00c6c8902&expires=1&user_group=5&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 158

https://gum.criteo.com/sid/json?origin=publishertag&domain=apksum.com&sn=ChromeSyncframe&so=0&topUrl=www.apksum.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=97lvMnx6TnZGY0p5dHZ4eStXWm9PQU1iOENSOS9rTk1UczB2ckFMWTNNVm9NekRmU3c0M1F4ckRDSE5yRmwvZnBNQkRqYkc5bXlWbXgybWM4VEFVcEJuQXNzZDNyaGszd0JiRU1MdXkvOTk3MHZEcis4c0NWVU1Wclh1djhydzAyLzZMaXJvblk4c2lRbDB5OWVENUJYektqTSsxOFVOWFlIRE5xRjk4ZzRJMHgxRkNUZ2lJUHk4TDJoVnBWNEwzamRsK3piOFkrTmFmWWlEWGsweVAxUVNDNHBCTHVFZ0tlT3JFbU94d2tnY0pYTHZUSGtUejkwR3ZicUFKaVNoUHFHLzFYKzdqU2xqOHYzZEp0VDhoRmZzcFRuZz09fA&cppv=2

Request Chain 164

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc&google_hm=ODViZTU3OWEtNGNjNy00MWFkLWE2NWQtZmU1MTgyZDNiMmJj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFIC4sfllYZnw5BLMuzrbvY&google_cver=1&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc

Request Chain 173

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4137139064124650715&ssp=themediagrid

Request Chain 182

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&google_hm=ODIyNjNjMDUtMzA3NS00YTVjLWI5YjctYjc2OGVjNTFkNWUy HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB5cEEad3vU3Nm1sj1dYf7w&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2

Request Chain 227

https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=7677363539318&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=7677363539318&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 231

https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=5445471826189&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=5445471826189&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 262

https://www.awin1.com/cshow.php?s=3498956&v=41538&q=475802&r=414915&pref1=60636500123059810284423012526017&pv=0 HTTP 302
https://ui2.awin.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg HTTP 301
https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg

Request Chain 264

https://www.awin1.com/cshow.php?s=3498960&v=41538&q=475802&r=414915&pref1=35407500111664610284419012526014&pv=0 HTTP 302
https://ui2.awin.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg HTTP 301
https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg

Request Chain 283

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIYDDgB&gdpr=&gdpr_consent=

Request Chain 284

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5851632322476081320

Request Chain 285

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=smaato&uid=2b9632f880

Request Chain 286

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-6477533191372521033 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e7cf8d84-ec72-5250-83b4-5fffe6df33a9

Request Chain 290

https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=

Request Chain 295

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Request Chain 296

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 301

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smart/1678579404281054647

Request Chain 303

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fappnexus%2F%24UID HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3374126541201223746

Request Chain 305

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKTuLg9vtfLRjnHS2NgCTjU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 307

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D

Request Chain 309

https://pr-bh.ybp.yahoo.com/sync/triplelift/2214217990434325925638?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-L1EfnudE2oR2bHLCHSEm2Ya.x5gZwwLozHfCq8haBA--~A&dongle=0883

Request Chain 310

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2214217990434325925638&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=9c8eebdf-6f72-429c-9453-3d53f76791c5&expires=10&ssp=triplelift&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=82263c05-3075-4a5c-b9b7-b768ec51d5e2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 311

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=0d1ca073-de08-4ec8-9fe0-3c7bb812a290&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 312

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=5851632322476081320&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 315

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOCBW1D-Q-M2U?gdpr=0

Request Chain 318

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5851632322476081320

Request Chain 319

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=1

Request Chain 322

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCufMpgMkXPC6zz5aHgqz81Ymn7FR9MvJA

Request Chain 325

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPvQQyZs6lb3Ml6-YJpqZsY&google_cver=1

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOuFCt2mn5vQZ-Yxs6NVb-Y&google_cver=1

Request Chain 334

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4da300a7034242c29d69651ea6636afa HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg

Request Chain 335

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWtsVjK4EBB1RtiBuOLTcAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIeZFIM3qPg_rBw8n6Cq128&google_cver=1

Request Chain 337

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=e8dd340f-3d96-421e-ad80-a69687598815

Request Chain 338

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZWtsVgAD-eNSIwBd HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtsVgAD-eNSIwBd&_test=ZWtsVgAD-eNSIwBd

Request Chain 339

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 340

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1

Request Chain 342

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010

Request Chain 344

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 345

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72IVe-dySACBWNm6zH4UMQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 348

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=&ct=y

Request Chain 349

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1805111187

Request Chain 350

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EF62157B-E772-4800-8158-D9BACC7E1431 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTk3dThQLU1qdE9UUXVUWVV3UDR4eXR4UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4137139064124650715&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUY2MjE1N0ItRTc3Mi00ODAwLTgxNTgtRDlCQUNDN0UxNDMx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 352

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL_x7Y9-3ljUlSAWl9NXWJs&google_cver=1

Request Chain 354

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4137139064124650715

Request Chain 357

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_CTsSWhE2uXfVL1wYuNF2zHSqj0jLbQ-~A&gdpr=0

Request Chain 360

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/586be0a6-eefe-4591-890e-32181b40f1f5

Request Chain 364

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/4137139064124650715

Request Chain 365

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=575fabdf-5c7a-4796-a589-08cd9b2ea88d-656b6c57-4348&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=259ee09f9b051693&is_secure=true&networkId=17100&version=1&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIXfUGw2-TPAMJz07fAAAAAAA&expiration=1701625303&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EF62157B-E772-4800-8158-D9BACC7E1431

Request Chain 367

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=0

Request Chain 369

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 372

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4?pi=smilewanted

383 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request com.scottgames.fnaf2 Show response
www.apksum.com/app/five-nights-at-freddys-2/ 30 KB
7 KB 859ms
790ms Document
text/html 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d68b8c324a7ebbea12cc0ec2ecd212cd6f15d32ff102284673af1392f6da3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f55c9b0f38badb-MXP
content-encoding: br
content-type: text/html;charset=utf-8
date: Sat, 02 Dec 2023 17:41:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqhGnGofUnb8nFH%2BMYDKPysvJDWsfonfKSidGW7sWT6VzyvEMvooaiY3Sk%2Ba%2F99WXoxoEsb7lEdJo4mne28oz3uwoWVkcQoqMeMTteNyaV5J7rqYfWq5FqY1xlFuRWG3WkZCKw4kw5yahgpj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.apksum.com/static/apk/css/ 47 KB
15 KB 36ms
35ms Stylesheet
text/css 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apksum.com/static/apk/css/style.css?v=2
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5eb8778fb1a579dffa7e2281318437ffbb0b7e7f10aa353611c696539464f07

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 391
etag: W/"63dcd53b-bcba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzjz5vTKD4H42j7l4vx7vPFuKk%2FU1DBIjO57Ukz5jgLVsYkynTbjYX7AEqzmdtDcfBA5OaFv0eezgc2OPdCDX1hWHuD%2F2l%2FcujMliM22mLo2y9QKIKNnY3F1joY2wDL%2FWgnM6npCBdSQ%2FJ5%2FqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82f55c9ffe6abadb-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Dec 2023 18:35:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 176ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8JFH2XCMDR

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec26bc231404feec9d6f5251917a86ba7a0ab35fae804560d6355a5f36e553d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 17:41:38 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 577 KB
148 KB 119ms
50ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bdd4055f9c5925d4a52ae73f82df83d22c5fc35599c1f02cae63e156abdfb86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 267
cf-polished: origSize=590927
etag: W/"c360f78cc06d5ad8583337f1e28d3051 2023-11-30T22:56:08 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca0ae9c0e21-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
www.apksum.com/static/apk/image/ 3 KB
3 KB 39ms
38ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/logo.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f41a2bd0dd29893160500f30386366e74009b405ae606322d6109835b32242

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122619
alt-svc: h3=":443"; ma=86400
content-length: 2563
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-a03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZyvl7lqR29x5enU7pVvj5br1ZfUoEU5hemTfOKIdyEyfo5aB1q2mrlHGONDK07P9ARXXt5MgKeuCvv0UoQpTzAgdtYWRI6BUHyhUdrzpDyDIF032UYl6WJ4ZPXEhyOhIml0UE6UkPlwKT28fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55c9ffe6cbadb-MXP
expires: Sun, 31 Dec 2023 07:37:58 GMT

GET
H2 200 us.png
www.apksum.com/static/apk/images/ 444 B
840 B 34ms
34ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/us.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e5691d4b77fba76c1289c8cc642a4d324ac3cc2173af47e534b2a0435221de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122619
alt-svc: h3=":443"; ma=86400
content-length: 444
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-1bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpbBeyttVzukMt9jgT5qWmCNh4yTTjJNuq%2FnFdTnkAkRYzCQ9zjtUwtqEu1LsTeTxLzMIKaS0DFTEjV5JJmuLb%2BAQylJt52VrSMv0S093T3KmCX0d5AIgB4eGbFsOWp9Ua5ynEb6vyiQ1GZ%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca00e6dbadb-MXP
expires: Sun, 31 Dec 2023 07:37:58 GMT

GET
H3 200 cn.png
www.apksum.com/static/apk/images/ 528 B
1015 B 39ms
39ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/cn.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58fb8c5c7c02d8fd3dc57c1730f16cb784cd230c51a68e84d3e0332401e16376

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368746
alt-svc: h3=":443"; ma=86400
content-length: 528
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFMgV9xFLFRpbcNY%2BE00yjm54O2mBazb3p0q4G4uRdz%2F3q1Cj6ZIBo4KUMrxgtVtjMNrn6kof7zsWsAkrZ6caoHv6SIIgoPPfAt5ZDwXHeNNBpM5q%2FFiuYbC%2BqHRT9OL4f7KaUDwCw77Hk%2BhLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca03e8c3763-MXP
expires: Thu, 28 Dec 2023 11:15:51 GMT

GET
H3 200 tw.png
www.apksum.com/static/apk/images/ 426 B
919 B 35ms
35ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/tw.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96e84db0c8e05c1f595db634482fb2d861bb653d5108d392fb9cc199b5aebe75

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1875318
alt-svc: h3=":443"; ma=86400
content-length: 426
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-1aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqdZQJouS75JsgD7kSQs%2F80hr43siJXbqR0x6mHjaLV%2B82UboeU%2Bffl%2F47mifnCOyQUJvb0%2BCek%2FKC8OVA819bn8IZySnavlMx2FSVyEd3ok2gFLvlxNgY%2B6ue5ieBfQHoZm%2Fq%2BMGrFwWL%2B44w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca03e953763-MXP
expires: Mon, 11 Dec 2023 00:46:19 GMT

GET
H3 200 es.png
www.apksum.com/static/apk/images/ 530 B
1 KB 33ms
32ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/es.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d357e08c07a6e91ee0c087b74d5b94d4e92db6e2318b8494037b0059a63d9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228092
alt-svc: h3=":443"; ma=86400
content-length: 530
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-212"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SflBWtE9Z9xmtER7fJ4SsMN2nqIhTmDLP1guaDvdmMAyurDOpAAQk%2Fxf8upzNX%2BjT9HAl8D5G8Mq83MzcYTxa0pKrFpb4dLxNlfIkB6p4YwO2NFsaw5GybTkw5Y%2BSefRRvS1YJgJMJMosQV6uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04e9d3763-MXP
expires: Sat, 30 Dec 2023 02:20:05 GMT

GET
H3 200 br.png
www.apksum.com/static/apk/images/ 3 KB
4 KB 36ms
36ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/br.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4665d46340f929ec34de79d948ed95fb5d7bd822d5804797c3d50519c18b1043

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368746
alt-svc: h3=":443"; ma=86400
content-length: 3444
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1V8319l0%2Fn8Y%2BcMJ2KM8sVp%2FhaDx8IUv4gDTZjB%2Busb4IUmG6FDAHf8ruhVvFQMdovyTz36lOygOrgADzgd4IOsljxSZoSs26culKZUVMME0rhIQ6r9Kl3TIP43HzhTRQIFBC8zBczxWGRDwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea13763-MXP
expires: Thu, 28 Dec 2023 11:15:51 GMT

GET
H3 200 th.png
www.apksum.com/static/apk/images/ 398 B
884 B 35ms
34ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/th.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcfbd0cf70630020499b0fde2537935b42ad37dbc83c9028427ccba4160e2d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36727
alt-svc: h3=":443"; ma=86400
content-length: 398
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-18e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQRBURnCbGoqJ1JTxpe8GgdAc8M9CnqvmlWVY3QkKbxapXF0h8lc7yDjzjnQ6Rci5uXDKcd7w7aA%2FJE83uWug8sgNKTgmNw9Bffum%2F8%2BqHE55cRkdfe2kLOOmH2azfuGIHkSVe8CS%2FIs0jHqIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea33763-MXP
expires: Mon, 01 Jan 2024 07:29:30 GMT

GET
H3 200 de.png
www.apksum.com/static/apk/images/ 418 B
904 B 44ms
44ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/de.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4103e1bce92760f53f4d299c521e4f079c6bfb3787e88e4e47582345c6e4fff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368746
alt-svc: h3=":443"; ma=86400
content-length: 418
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-1a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ1R%2Fw8WzW1TUO2nq6qk6bAZ6xkmmGsSoVsvC7Rjf0wbq8JBhJETnFeX2hNjHwNrWR%2BuZqr7cZxfXEWRJUgL58oe2s31%2BiaaPirpeeJgQolyvXvajN0P00QYWYwWLJJ6lrYLLxruY5zRGja9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea43763-MXP
expires: Thu, 28 Dec 2023 11:15:51 GMT

GET
H3 200 search1.png
www.apksum.com/static/apk/image/ 1 KB
2 KB 59ms
59ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/search1.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf5064b405dbe25537cb2537a766d4c797dc5b44b95ee2f8589e542a33e7214

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1842129
alt-svc: h3=":443"; ma=86400
content-length: 1386
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-56a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzqygVY8SRUTh2qKnb4N8GDVXnoE9GThLCttdSywYQ84JSPzfVRGL4eHTx7b9o9D5afnZ3zSnLjPLmKXX1eAx2clacmN1%2ByD8fmq1Auti5tBlt51NURC0SHquF4XR3JiO%2Fu8r2So5Nw35L9JVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea73763-MXP
expires: Mon, 11 Dec 2023 09:59:28 GMT

GET
H3 200 newicon.png
www.apksum.com/static/apk/image/ 515 B
1004 B 34ms
34ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/newicon.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baec110706eb72947df7d42993d3132cc00de6043d8cfbd4e589736abb9c9ac0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301236
alt-svc: h3=":443"; ma=86400
content-length: 515
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-203"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHDy1LlxhFnP53AtEiSCnGt38xJaJcxJOFI%2B36wRzW%2FCSkJlNcST0MggT8LTfBqTACaG1N5FTIYTEezHug0fDzQ4%2FIR1QI9GkWQDirOa%2F0kT8l5A5KDgAALCqQ8y6X4ZY1Qp96xOsQpe%2FA0JKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea83763-MXP
expires: Fri, 29 Dec 2023 06:01:01 GMT

GET
H3 200 appicon.png
www.apksum.com/static/apk/image/ 1 KB
2 KB 35ms
35ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/appicon.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f55fd1fe27f57048077884d013958e9cae65c992d154de8dfc34bc88b524d99

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122618
alt-svc: h3=":443"; ma=86400
content-length: 1168
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FwY%2B5ais2bPjU5HyNeo0vtPkU%2BvStCDrUjjRltFpUBeeZvST%2BfHiVWODU4i%2BWzrlFSKf6TQ1BeucAmzPgQ8gwzqbuB2bjEUvhVa64whV4v%2FkpWmY8eAiE5RLJwTem%2FGWR69RBR5j0NVnumePA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ea93763-MXP
expires: Sun, 31 Dec 2023 07:37:58 GMT

GET
H3 200 gameicon.png
www.apksum.com/static/apk/image/ 1 KB
2 KB 36ms
36ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/gameicon.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea66f12ea7091c4f0afe68925085a3deda599cb778301b924e81e22397ca209a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1933067
alt-svc: h3=":443"; ma=86400
content-length: 1519
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-5ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABOt6Fn2yaCHNm%2FNDfnCOunny0x0lG31ob2PhDCGv6X6qCZtQgkeKRC3G6oUWuvMow2m468YpWYsQm6SGIXcjtqaPx%2FfUT5qGHCSAHoP9dm28i5241zxTgRj9K28Xdky02LpEEoBwj0WDJnqfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca04ead3763-MXP
expires: Sun, 10 Dec 2023 08:43:50 GMT

GET
H3 200 lazy.png
www.apksum.com/static/apk/images/ 679 B
1 KB 34ms
34ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/images/lazy.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b70160b597fbdb2090591ecf892f97e7d99f25dfa89157f4f1fe7e82b899e81

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368747
alt-svc: h3=":443"; ma=86400
content-length: 679
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-2a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fa2j1KMOkJiWrBcv4QBeV6FMIunGIs5GUX%2B6T1JrjBgZFakMY6ifgnZYH4iY6U9zshYU8cV9nh9Ce72SbgU3X8K02elXASmfrGbf9pOplrV1Vhq3rH81kxSCynOlpnJ9iAnCZ6hC9hupHJ2SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca0ff893763-MXP
expires: Thu, 28 Dec 2023 11:15:51 GMT

GET
H2 200 chart
chart.apis.google.com/ 1 KB
1 KB 405ms
255ms Image
image/png 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=150x150&chl=https://www.apksum.com/download/com.scottgames.fnaf2_2.0.1_free

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

97bedd52af17d7690e9b0c9b4c6d6178b987dae954f282ecf4f2cdfd1dbb116b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1044
x-xss-protection: 1; mode=block
expires: Sun, 03 Dec 2023 17:41:38 GMT

GET
H3 200 icon-verified.png
www.apksum.com/static/apk/image/ 2 KB
2 KB 36ms
35ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/icon-verified.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f04948acda4721b58d06676a168fcc2c63f8c4de42df7c8e1daf8062318b50

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36728
alt-svc: h3=":443"; ma=86400
content-length: 1941
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-795"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQpsRvd6Wa2YecXPXv7023h%2BlEmWu0VV%2BRrFhp2yaqvZzikTUCtLi7xfo6tJT%2Bm9S8rpv3RVPYHsZbpGKul77KXP5X2dNcKoE4wSL3WZCh4D8O8piww%2BzCFUMkLjSyQR2%2F3tmcTid5Fe2S58%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca0ff8a3763-MXP
expires: Mon, 01 Jan 2024 07:29:30 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 20EC 37 KB
14 KB 231ms
171ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fapksum&tabs&width=300&height=154&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e19399e35bcba2d1fcda91d90c66dd16d9670b1136f6fb07bc4d18b5057cfe18

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Cre6UkcjxvsfoNw+zJpKBvMoIkS+0FMgNfQIHgHpT8JCN3ZSH7jp6eC0EqIHi1lIr5fW41osWHXm/1c73lE7Bw==
x-xss-protection: 0

GET
H3 200 gp_logo.png
www.apksum.com/static/apk/image/ 3 KB
3 KB 36ms
36ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/gp_logo.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b2b589a2a7aafe31a40aee94acc4c820dbb81caa41cdbe2f2508e3e6ba866

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2015702
alt-svc: h3=":443"; ma=86400
content-length: 3015
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-bc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z50IeYEkQ639YNcQzr769vQFbJjg%2Bpceld%2BUfXVlvWsk1vDBE58c1kejlFuRYteRW9yFvj7ojm%2BY4hthZJHSA5rEDe6G87JiBFH%2BR8FY5GJBNFiw8XTwmuJPmwUPJphhJe8sbyGH3G%2BI5Gb1mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca0ff8b3763-MXP
expires: Sat, 09 Dec 2023 09:46:36 GMT

GET
H3 200 email-decode.min.js Show response
www.apksum.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apksum.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65660ffd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZZmTAyWBoX38iz9NN6qEnGEyLioMjnv5G9uFWE%2Bl7nx8sCK0xvvo3F2uUGB0WgQbjqA7NDPnbss53s%2Fgd8jmvLBIYxsSQxwc9uCPwbSwU7cBffQQMszRkLUXqQe8la%2BKeWnsCeWO33Fkufwiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82f55ca0ff8d3763-MXP
expires: Mon, 04 Dec 2023 17:41:38 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 94 KB
30 KB 114ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 316361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29929
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-176f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA%2FpbUHd9qs3Odj%2Fb4m89Up91JUIfE2ImhvF1GogT9VXBAqBSVhklINHQs56isamV29uWWS%2B5pS5wwFZSu84hAvs05y%2Fcg8IRpKJLEuwBaAnYhaUcxYueswNOlUIaBcMs5HyojmPAVAauxQsFTxj4aTK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82f55ca16d52f1a8-CDG
expires: Thu, 21 Nov 2024 17:41:38 GMT

GET
H3 200 jquery.lazyload.min.js Show response
www.apksum.com/static/apk/js/ 3 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apksum.com/static/apk/js/jquery.lazyload.min.js
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b47be8dc356454f920599dabd4ba6830e60776cae2f9b073b6c7732b4c8bcf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1854
etag: W/"63dcd53b-d36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pofDOdrJ5bs3V%2FvPp9TqnoJH8kPTNU%2Fp4Slcod5mkexUsKFzy7QydmslX%2BMu%2FoW7mmJa4rZ5aC3MToafxEx3fdD6jIrQ4gfW4OfWdAKNbbrmEprvm5q7foqutTUhQmRUWjSNs%2BUODSd3tEIUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82f55ca0ff903763-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Dec 2023 18:10:44 GMT

GET
H3 200 typeahead.bundle.fix.min.js Show response
www.apksum.com/static/apk/js/ 39 KB
12 KB 38ms
37ms Script
application/javascript 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apksum.com/static/apk/js/typeahead.bundle.fix.min.js
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f44d55b29bbda2a8e8bd399cb0343935c774d7dc937c76e5ce47be9d0281fe

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1854
etag: W/"63dcd53b-9b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZ0fNq%2FriqkQIxWEFapU%2FELX3fxzqPn0UTKnNmkAA1bbW0lxvi7Q1iXgusQIMp91OH2w1WgFR1%2FCdl91PSMXlokaeSwslpoPyP320H8dMCvpv7AJFCIr6%2Bz630RHLNXMfq7522os8UM2kgOwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82f55ca0ff913763-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Dec 2023 18:10:44 GMT

GET
H3 200 star.png
www.apksum.com/static/apk/image/ 1 KB
2 KB 57ms
56ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/star.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc3a65f22fe774dd096eafe4e01f8833ac0eb61d2e891d0dee6385bfff4a0aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368747
alt-svc: h3=":443"; ma=86400
content-length: 1238
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-4d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtZAx5xG2tedjrIwPPydwQeLy%2F90vgQMC%2FZpvHTNGW%2FxmJmI66oZCQiqRmmEEtEF%2B4IDMv1C7LWVyC97JqGQFlboriqDjc6L%2B8H1t8u32uCpKZ5k%2BT2jq%2BBf1ti6OlyORFNSAqO5SDHFeooRUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca10f973763-MXP
expires: Thu, 28 Dec 2023 11:15:51 GMT

GET
H3 200 stars.png
www.apksum.com/static/apk/image/ 1 KB
2 KB 58ms
57ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/static/apk/image/stars.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/static/apk/css/style.css?v=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe639785b378acbc44b4e97ee461d4ebf76a4d759d7959b9966b4203d1570886

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/static/apk/css/style.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193121
alt-svc: h3=":443"; ma=86400
content-length: 1126
last-modified: Fri, 03 Feb 2023 09:34:51 GMT
server: cloudflare
etag: "63dcd53b-466"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pfQbOOz7O%2BeuV6izQqIyUJc0%2B%2BLRLyWsYCviTw%2B26YlMHFMMriTbfq3m32l4%2FnYdOycNpg8SccPBVDC7k5wPRDAvQrbjkph2Ce6QwQFeXLeVUI8HWkvjZrwNTNe0vffkWnlgOCpfgEB1iq5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca10f9b3763-MXP
expires: Sat, 30 Dec 2023 12:02:57 GMT

GET
H3 200 c360f78cc06d5ad8583337f1e28d3051.json Show response
services.vlitag.com/cli/ 42 B
364 B 242ms
184ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/c360f78cc06d5ad8583337f1e28d3051.json?hn=https://www.apksum.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b288c57c8eca34f70aedc276b9ae19697b87895db06e097da629ba7e39f7d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca1c89383a9-MXP
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7187e4e11edcac6ad3cefa8305a223e9.png
www.apksum.com/images/71/ 28 KB
28 KB 36ms
35ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/71/7187e4e11edcac6ad3cefa8305a223e9.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7776dbea4cc697f968c9676a972d6ab37f75efd709124917c863cdc9fc4422fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122609
alt-svc: h3=":443"; ma=86400
content-length: 28658
last-modified: Mon, 25 Sep 2023 17:15:29 GMT
server: cloudflare
etag: "6511c031-6ff2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcSZz%2BrC2Yi4KaVS8IE3Ls3k7W79Snunih6OscbIvQHuHGWjf%2BBNSPdCHPTXI0SpVS45biYOe5a3nDDUfeu8ME%2BeIyKOBIHdUajXaq2rMI0oEwYi%2FlqNW1xsWMhVA6ue5F8ZxZvO69SDuIR%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d8773763-MXP
expires: Sun, 31 Dec 2023 07:38:08 GMT

GET
H3 200 a76a957917e329e37298f712bf39ca98.png
www.apksum.com/images/a7/ 16 KB
16 KB 846ms
845ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/a7/a76a957917e329e37298f712bf39ca98.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebc4801aab1d019cd8ee036b894c46b644297f4705437607cf7efebddd2f634

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 05:01:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652cc38e-3e86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NGav8qbw8CdBSkWw%2FzexMIiLd0ZWQk6r1lGX%2F%2Fd5u4QqmpJdEsfeVWCtKOTwSljeuOj1bkqQpCV1Lry4k%2FLCXlXr6FIfnEU4aIB5whsp%2BJD3kvnNla55%2By3JH8b9rtUW2oCYTxIk5aw6Pk1Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d8793763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 16006
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 93d73068357cdf2edd5ade1895e0eb43.png
www.apksum.com/images/93/ 25 KB
25 KB 810ms
809ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/93/93d73068357cdf2edd5ade1895e0eb43.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a938db6678da5a81cef2c31ef7c5d6cdbc9234af244005a426718873ad7e601

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Sep 2023 18:15:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6511ce42-62b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFv30beKAs8NDDgBLGGTDSz0URDDXRcNA65%2FUu6T60%2Bh%2FkK9ynROhcXXVov1RarRLrYKa2RKi84K7J5wP9P9noRCXavBFK4kDOcbdCXInaFROem6m4giXNM21R0CPj7oNKi5U2bVPU4lUa2hUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d87a3763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 25273
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 9c9730ecedb59da3e53608409837aeb8.png
www.apksum.com/images/9c/ 53 KB
54 KB 970ms
969ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/9c/9c9730ecedb59da3e53608409837aeb8.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460e9b1fb4ce26294c621f7b955f633fa9139f7cfc94ab65f6bb2d7a28954c49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Sep 2023 18:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6511d2f8-d596"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnFDQpKkR7KfpuBe93vnnU8%2FvNNF9O2IoUM8BsgJ9oXwJVa98W1Dp5Ub3gHCpkw1EVXApPA61VsZqmUHYOwqgCA0hREREnVpOKrqMF49MBzLDPUYgGCtiMe%2Fx5ceDLWY8v7chVYyz%2F1HnLxSog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d87d3763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 54678
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 2427551e28f4a68de7c02c2347a5f8ac.png
www.apksum.com/images/24/ 16 KB
16 KB 837ms
836ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/24/2427551e28f4a68de7c02c2347a5f8ac.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9506f38868511479a9f344c89a9f458ef7be7de16aa28d205a1491df482ef403

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Sep 2023 21:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6511fbec-3fed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boD1QtKJYT%2FZeKXhBD9m090ChzpWt1QyYucMeWwnhAVULOWsp1nUkMCxYfZFXPD3714gtBVeQ6h1d5YWdQwd3uBaXl1CDwOgJdYdIsCTCXMi4zzuDnURIMAoCTx%2B%2FzHFs5Vi2kT3xwavKqszUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d87e3763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 16365
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 e14bcfe41520ae2e7ee97d1a14c26d27.png
www.apksum.com/images/e1/ 26 KB
27 KB 859ms
858ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/e1/e14bcfe41520ae2e7ee97d1a14c26d27.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c225b2eaeffb92aea8402d3bb867236b13d12b3bc8b62ac523dc3cf35a2aa6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 19:32:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653032b2-69e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJZlRkdTzDqDsOQh0HfgNuuZh7TCa7MhbR2NXOKzCCljX6v4uJy11ck9eMZKhjVRBZ%2BI%2BZe71EZi92wghR6ti8cz5F9yhtgX4pz2%2FdLMIE4kpUcBk8ZMj9A55Wu4wZkP36UttUaAQ2VTiLimZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d87f3763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 27109
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 8fd14a15ebde8b17fc4c30add9f6f32b.png
www.apksum.com/images/8f/ 23 KB
24 KB 846ms
845ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/8f/8fd14a15ebde8b17fc4c30add9f6f32b.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a282ff363e5e2bc38e95db6f73e4b4ce6f735176f4876774c2f1fdb339ac38b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sun, 29 Oct 2023 00:01:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653da0bf-5c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2kwCDSkRy6Glo%2B52hsD8HDVjW3%2BhWD6gbeJWuLHW6GehLR%2FdXsjmnBt4CMrMyFqbhW2pF9OlZH85FwkqtK3yUoQIKbyiwl3RLObPP468GK1MWnQS7VI0R6alU91eSh075dtsxBUHDsMaVfHeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d8803763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 23625
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3 200 a57abda1454ce355b50821b95d9a8304.png
www.apksum.com/images/a5/ 15 KB
15 KB 811ms
811ms Image
image/png 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apksum.com/images/a5/a57abda1454ce355b50821b95d9a8304.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08bc90c582ba4de7a52efe77d318d835c61d0ba823887dfe8bef776e568ae0c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 03:02:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65309c2a-3a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovTLb6Lr8BNsQcF09H0YG7DIcu%2FFEk%2FaxXgVvYHW8JQeA3OaoAQMYG5lo3JUchaSvLgX4ZQ2eyFfTcDJBWoraQEFww48P9KsFzGZjRGByO7WjLhA%2Fxsp2R3nubWYNhz7YB1CSpqlfOvbfdHW9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55ca1d8823763-MXP
alt-svc: h3=":443"; ma=86400
content-length: 15003
expires: Mon, 01 Jan 2024 17:41:38 GMT

GET
H3

200

main.js Show response
www.apksum.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 9F1C
Redirect Chain

https://www.apksum.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.apksum.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

31ms
31ms

Script
application/javascript

2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apksum.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Server

2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

814290fbf6213c9ca8ea4507ab866c00fe770d76dc1bff80324caa7a2dc45dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Nv3v8BIhYjB3shVJ6jLYdquptfcagjjw%2BQS1nb3OgU0GyPqjFyGhFs%2BG0hk31so6zHlWHEEUSk1Hxo5p0vjIWGv2r4C3kKvmDj043W5%2FKR%2B7%2FmtrxN70pJNUvEnnMvvbGT%2B1HyhloRoAqRMWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82f55ca248df3763-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 02 Dec 2023 17:41:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pz3%2BVC%2FHoQnrP2yWiHTpkaHr6PnsWiD083Y5gm09LFHoVCfXHm8Hg0py1QMFILgkcEBt2zhAQ6AFa64%2FxhKKp2YSDtmiq7AiX8fxN%2FxDJ4V7tATM7Fas9POCZiQ4lYZ5uMJvhQ9j%2BKEcjw8JwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82f55ca1f8943763-MXP
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 114ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8JFH2XCMDR&gtm=45je3bt0v9100261674&_p=1701538897957&gcd=11l1l1l1l1&dma=0&cid=637028135.1701538898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701538898&sct=1&seg=0&dl=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&dt=Five%20Nights%20at%20Freddys%202%20APK%202.0.1%20-%20download%20free%20apk%20from%20APKSum&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1212
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JFH2XCMDR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 20EC 20 KB
6 KB 90ms
31ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fapksum&tabs&width=300&height=154&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: 7NNaJLVo0u/wqYd8VrV9Xtmv/o1nMyoOpKbHYKZpKSkODSpDHH3tMvuudtFs91kRESEvngmeTu4Bv7JOAx77aQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 00:18:19 GMT

GET
H2 200 x4X7fUlJrMh.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 20EC 354 KB
92 KB 116ms
57ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/x4X7fUlJrMh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e0fe743974d890be92b347ded49e907110f0029642e15918512d494c07a09ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: goRpVxE15qRJo+AAAn6UWg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93629
reporting-endpoints
x-fb-debug: GsHU0ZLXNfyjpBsCnDaya5G0VyhzS/e77sqJXXQwqoYSebapoFZTgcDuVNWOV5DYZQSs7Gx9Y1IlQGtFgoMfow==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:17:57 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 20EC 7 KB
2 KB 116ms
57ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: 0BDt7JO0vWBFPed7QzqcXlXqrAmvmDanmJcej3NDBt9V9N4YYDANFfG14ilZdhOKVGAyD06ByukQJn13WbgaGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 09:00:13 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 20EC 94 KB
27 KB 177ms
118ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: LZKEFTG/KMW6AqPGIMj1aXD/yzxnY0nT5+Wk7OS7sNmJUBRm3X+lA5C1raPigu6doHOrCXoYNzI645yNFD0XCg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:18:56 GMT

GET
H2 200 uK1oiHJVa8d.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 20EC 52 KB
17 KB 116ms
57ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/uK1oiHJVa8d.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTTo/RpDZavyXbvvIYyIzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16769
reporting-endpoints
x-fb-debug: aytB2cZ0sThDdQO5fl6EMcPNKaGOrPs2ewWC8BQn9xIcdNwoWiSgXxndrk0NwHB2O2oZFJBunosbn+wNVIwvsg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 17:15:12 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/ Frame 20EC 70 KB
20 KB 117ms
58ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mPl1TBwuoZqEeIwYXpaEUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20134
reporting-endpoints
x-fb-debug: Esx9iKegfu4Xp3iVM3PWlBNqCg1QSsBlvH8kltoZB8tGDymTIi78tmnSNSh7zk8muLbz0yYnR3wzU+IIl8Srfw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:20:19 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 20EC 507 B
517 B 115ms
56ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: FfJYBQkz4LLAgmipcArWeLrlg0YAZHNvzYAYQAY2wJ8Q1lToEPO89ScV2dZUCtpWyQps5xT0QbQIRjli4w4K+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 21 Nov 2024 22:03:02 GMT

GET
H2 200 306133766_458163539706012_6951888189124857419_n.jpg
scontent-mxp1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 20EC 16 KB
16 KB 121ms
38ms Image
image/jpeg 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mxp1-1.xx.fbcdn.net/v/t39.30808-6/306133766_458163539706012_6951888189124857419_n.jpg?stp=dst-jpg_p133x133&_nc_cat=103&ccb=1-7&_nc_sid=081abc&_nc_ohc=7O3e85gCsPUAX8HpAf_&_nc_ht=scontent-mxp1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfALO9d98AimJeWLlDsUwV0mtG6HaLKEfj4c7E5qH8Jgsw&oe=65706606
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fapksum&tabs&width=300&height=154&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 155609db9230dabe92284b66273f3750ed15081cae67ff402df665dc6d40d2d4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 12 Sep 2022 22:14:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=39231666
thrift_fmhk: GBCYCJHHL3t8p3k57oVIrSYJFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2712441659
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16440

GET
H2 200 302151847_458163543039345_6211380541290413363_n.png
scontent-mxp1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 20EC 4 KB
4 KB 38ms
38ms Image
image/png 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mxp1-1.xx.fbcdn.net/v/t39.30808-1/302151847_458163543039345_6211380541290413363_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Xyq9YzSqcmMAX_8kxbz&_nc_ht=scontent-mxp1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfA1uA68MsNYv4BkhAdckJDwvqhuAzoFNZnNvtajJouH5w&oe=6570503C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fapksum&tabs&width=300&height=154&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ccfacc9373b897507697610863a2dbc5300afe97dbab9590d425f2b70281729d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 12 Sep 2022 22:14:51 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3786731041
thrift_fmhk: GBBvlkVir48qdFIurB9VIgBhFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3321130581
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3607

POST
H3 200 82f55c9b0f38badb Show response
www.apksum.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9F1C 0
557 B 48ms
47ms XHR
text/plain 2606:4700:3033::6815:59a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apksum.com/cdn-cgi/challenge-platform/h/b/jsd/r/82f55c9b0f38badb
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:59a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1DdRy0QNnHTPQHzBtPGKsU0sJuINwlQW%2BkzYBxOq218uD1kbmeUo9DV1NQtscXwM4tAw%2BA0Oj837YMGm6aWJGsLvkobF4H0LOId1LpRg7OWAxOQG%2BCIcAMY8HcCHp6O9Ng33shrAvDfaPwawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82f55ca2d97a3763-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1701518652/ 13 B
276 B 35ms
35ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1701518652/vl.json?page_url=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Dec 2023 17:41:17 GMT
server: cloudflare
age: 21
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca2fa8583a9-MXP
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 c360f78cc06d5ad8583337f1e28d3051.json Show response
services.vlitag.com/obj/1701518652/ 30 KB
4 KB 36ms
36ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1701518652/c360f78cc06d5ad8583337f1e28d3051.json?cc=CH&hn=https://www.apksum.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f26fc6509c9e28ffa7c65cd4322155dc5bc1f6def68658afec90b89cc13270

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Dec 2023 14:55:59 GMT
server: cloudflare
age: 21
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca2fa8683a9-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 56ms
47ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 307500
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55ca34a9c0e21-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 09:19:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 234ms
113ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11a17985df569ff36abed824be6eae6ad8a4222ce087261d87cf6443f91d3b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30138
x-xss-protection: 0
server: cafe
etag: 974 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:38 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 228ms
111ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Sat, 02 Dec 2023 17:41:38 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 46ms
37ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=c360f78cc06d5ad8583337f1e28d3051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 2637000
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55ca34a990e21-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 07 Oct 2023 10:59:23 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 20EC 573 B
713 B 60ms
30ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: N8EkdpRGtWoJZumXIU23bcwLaW71w0yroSILPwbryWgMjqRaCOteSBONNHT+Ccg0Vyjq+b9MRk4bnSmx/D80rg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Thu, 28 Nov 2024 22:53:35 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25623
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:34:35 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 117ms
34ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.apksum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.apksum.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 02 Dec 2023 17:41:38 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 107ms
34ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.apksum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.apksum.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 02 Dec 2023 17:41:38 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 107ms
34ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.apksum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.apksum.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 02 Dec 2023 17:41:38 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 110ms
42ms Fetch
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6050
x-jsd-version: 1.0.1892
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-maGbSK4k2X9erGcOaUhCqMYsf3g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlNqlIZlmFCX9UA7yQgRIsFbcPSN0SlIU4qNS%2FdOeUO8ocbaclEDFiCSfqN6Le1Wb%2FXdEWd4hu2odPm6jyYMBvwOeAepnppmEUnwk049qZSPa%2BMqsxDSUkTrpM83ye%2FNZxPT%2FLgRdKZkERp3rxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f55ca60e5a22b0-CDG

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1022 B 100ms
34ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 229237
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iLdlc7Ig4YW8PXBDOQGrbXie57aOC20hAw79VeVm%2BYJW5akEIkr%2Fec6xPFnDUz75eppxPi330fcQY7arsyOS2FoEE2I7bm98AoEx5TFKX73NkuqB%2Bx1%2FpCbpV4JJ3EFS%2FYOdZ958xBMk5Kk"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 82f55ca61de04c49-MXP

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 502ms
166ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
354 B 126ms
39ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 212ms
110ms Fetch
application/json 3.126.74.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.74.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST /
prebid.smilewanted.com/ 0
0

POST
H2 204 prebid Show response
mp.4dex.io/ 0
267 B 118ms
62ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
x-err: Parsing the Prebid Request. website disabled
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55ca61f5f24c0-ZRH
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 14 KB
8 KB 263ms
170ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=56709364278&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c34619c2052f5e49d6f5bce5092b76a4268c9fa1adbb6dca5a9a9b2736827d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 285ms
215ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55ca639773762-MXP
access-control-allow-methods: POST, GET

POST
H2 200 cdb Show response
bidder.criteo.com/ 14 KB
8 KB 276ms
190ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=97625613119&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1cebe36aaeabc9e82a39d593c725c3bc53f5adb53f7dec6dee083ea000cd7678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
264 B 267ms
203ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55ca639783762-MXP
access-control-allow-methods: POST, GET

POST
H2 204 prebid Show response
mp.4dex.io/ 0
40 B 123ms
77ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
x-err: Parsing the Prebid Request. website disabled
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55ca61f6224c0-ZRH
expires: 0

POST /
prebid.smilewanted.com/ 0
0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
176 B 486ms
166ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 210ms
121ms Fetch
application/json 3.126.74.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.74.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
212 B 124ms
53ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ 17 KB
9 KB 329ms
251ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=38290576017&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96ed86b493513d9c410bb3937d5636c9b9360a63ad132ad416f37668136b534f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
176 B 643ms
329ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 194ms
113ms Fetch
application/json 3.126.74.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.74.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
211 B 137ms
73ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 320ms
266ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55ca639793762-MXP
access-control-allow-methods: POST, GET

POST /
prebid.smilewanted.com/ 0
0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
161 B 139ms
71ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.apksum.com
pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 prebid Show response
mp.4dex.io/ 0
41 B 114ms
79ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
x-err: Parsing the Prebid Request. website disabled
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55ca61f6324c0-ZRH
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
176 B 632ms
329ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 193ms
122ms Fetch
application/json 3.126.74.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.74.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
accept-ch: sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ 0
41 B 105ms
78ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:38 GMT
x-err: Parsing the Prebid Request. website disabled
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55ca61f6524c0-ZRH
expires: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
162 B 107ms
39ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.apksum.com
pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
161 B 137ms
69ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.apksum.com
pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
211 B 127ms
75ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ 19 KB
10 KB 297ms
234ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=70025870584&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9a556fe4585a633ef681ff4cd88d384ee25f0f8fcdc0269ae74b200b25b7017c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 285ms
243ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55ca6397a3762-MXP
access-control-allow-methods: POST, GET

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 236ms
168ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBUZZRzdNqAKKrTqY-UUyU-PraT-wPZe-ZUtPeAaMaZAtRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBUZZ_TRwkjNAR_yszuNyqsltRkjmNKYMbaA,PUMbUA,qxzgRwlNkzwigxlt,qdb,zkohstsoyz,ldostvqfztr,qrquog,ekoztg,ekoztg,jxqfzxdrtbRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWE5qgJeWpJb8Tt63%2BxjHOyh91GLKSFPGT%2FWGGSbrOHIa4qnpKnJx7QFuzFUqzTspFM4PMQHF5IDTVR9c0Fw4%2F9Xpo2J3n9gruzokP5R34jKs8ZndJVYg4skWeUkB5DatJz7w1gPuRzDaFXfuzeJVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c7b0e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 237ms
169ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBUZZRzdNUMZteayq-TBYM-PeUU-aAqr-BrwZZyyqwKtPRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBUZZ_YRwkjNAR_yszuNyqsltRkjmNKYMbaA,PUMbUA,qxzgRwlNekoztg,ekoztg,jxqfzxdrtb,qrquog,ldostvqfztr,kzwigxlt,zkohstsoyz,qdbRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ON7rpD6AlQYH5Nhe2KPwfqpq6Mtcc9l10nKk8q%2B8zGHCUqnb2HDkq%2BNkEcPLbqtsqHzUi47h%2FDCDcIetKW8jImxuz4vVq%2BHJvcJfRN33ulevKNXkPBnX6RPiiI4NBd3P8ZVdSNgkjVaDqAI4sTMrpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c7d0e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
274 B 239ms
172ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBUZPRzdNBMMUMAPB-tPeP-Pyqe-qqUZ-ABtAPwTZrqUqRlmNBAAbYZARdzNwqfftkRqxeNco_YTaaPaBUZP_TRwkjNAR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,qxzgRwlNekoztg,kzwigxlt,zkohstsoyz,qdb,jxqfzxdrtb,ldostvqfztr,qrquogRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V10bFixjckqXBiZ6J4tIZ8AMou9mdpcYKcc5oxQ6BT%2FqjW0OsMTtgB79j7DxK%2BuxNdRQ9csK4KLH98MXA%2FfqF%2FqH1uwtg%2F8zdWmZJVj319oSSkzIPjav3NOpancggBkxL5YcWtZKGVx7In5%2BB%2BonAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c810e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
525 B 234ms
167ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBUZPRzdNAyUTKrrq-Uqqa-PtBM-wBUq-KMAKKUBaUKeyRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YTaaPaBUZP_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNekoztg,qdb,jxqfzxdrtb,xfkxsnRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOFee4%2FbxiiXEHIDK7G%2BipVty2lhGTJwQIamrtNb%2B3eEegw1l4ya4cUdyj3b7MyCw3C%2FcLHsTvjoeYP7dLTlZQKWAO0iEwL4DNewLoceko%2Fsho0jZCOpfevgxhuHfiulcyMWXhdzWcO3oMlD0d7uKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c840e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 239ms
172ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaPAUYRzdNUBZAPZaP-yraP-PUKe-qByB-raqwyTMAByPrRlmNBBUbPMARdzNwqfftkRqxeNco_YTaaPaPAUY_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNkzwigxlt,ldostvqfztr,zkohstsoyz,qrquog,qdb,ekoztg,jxqfzxdrtbRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TICzd0W4aYaCVecsEomLE%2BtOFhI1qROZ7%2FJjMfEyQrQ3MHI2zglhAlmvTZFBqHMb0N9N5iSOmIVvlk%2BkLAzneorm4L7UVJHDJ7AoDmfJb%2B98IUa1LDtrjTJSepY4JxmqzE%2BKACcKHYK4te9dWMaSmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c890e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 238ms
171ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaPAUYRzdNTeBKTtZK-ZPYq-PKwK-wYqa-PZtBYtyZqMqZRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YTaaPaPAUY_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNzkohstsoyz,xfkxsn,qdb,ekoztg,jxqfzxdrtbRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCEQiHqHChGEZSQj9gGVVrizJOQzw%2BbEWOOJpQWNb%2FqQdJyCtqGnUUkDEn5SfdZrAGWvYqosl8GVpycn37GGK9kRlYwpWRAZfC4Vn1ZFuwfJe3VJSsH2DngBQ1QPGVbQC51LFHii%2BUR6eiPkK4qHqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c860e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 167ms
167ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaPAUYRzdNYAPtqPtB-yaqZ-PPAt-aKeK-wPUPtYZBUwrTRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YTaaPaPAUY_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNxfkxsn,qdb,ekoztg,jxqfzxdrtbRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQpNN3Uih%2F868ZtxTWqCZ43xFa98nNOLPqiaIkrThBb72idnUO6%2B%2BCKgp8QMlx90UmsZ1xeeXPtwwGTwZG7ocs0Gl%2BfJsH9uthq7H%2FxVhf%2FPgorSDiJIsyRV2stKBwMlM7XxNAjf9EB7yrHaOAHOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca66c8b0e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 36ms
35ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
cf-cache-status: HIT
age: 2125023
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f55ca60e630e21-MXP
expires: Tue, 07 Nov 2023 21:32:09 GMT

GET
H3

206

videoplayback
r4---sn-1gieen7e.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=...
https://r4---sn-1gieen7e.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requi...

160 KB
0

82ms
25ms

Media
video/mp4

2a00:1450:400a:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-1gieen7e.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gieen7e&ms=au&mt=1701538161&mv=u&mvi=4&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJHfqnRzXcyvoCheVcgMgnjy9DQLo2DI8GefZwa5gBDOAiAHsevCSMXfw-BMT2HTcWOdfxU5MWgYJSAyne-bE6ShkQ%3D%3D

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Server

2a00:1450:400a:8::9 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 02 Dec 2023 17:41:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=16819
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Sat, 02 Dec 2023 17:41:39 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-1gieen7e.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gieen7e&ms=au&mt=1701538161&mv=u&mvi=4&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJHfqnRzXcyvoCheVcgMgnjy9DQLo2DI8GefZwa5gBDOAiAHsevCSMXfw-BMT2HTcWOdfxU5MWgYJSAyne-bE6ShkQ%3D%3D
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 104ms
49ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:39 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 221182
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNGMSuHZqqD%2BSOM%2FHQlPADvEZTrE86YaAjkrKZvRrsGKspboeXl3wtoZxGBnWKeCcggDySNeBN3SFF6r2N2QDwMLQlFXECSU0EvQma3akdFFMZaoLmd2sdcqVr2twujTCWHflAzAtUIwuR1L"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 82f55ca6abea0e6d-MXP

POST
H2 200 cache Show response
pbc.vliplatform.com/ 63 B
417 B 200ms
190ms Fetch
application/json 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbc.vliplatform.com/cache
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bad9f93907f98d38d0579e436919546105fc89fddb91ce0ba173eebff5058e17

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI5eM1OD1YoHcM3Q%2BjCw54jtoWhfv13%2BRsf74qju7XO%2F1TWYpstWU5dfOLdR4kS7PzxIeZ3plmRGKwRA4cbIuSlBnzo4FnjutRcQeAkryefvlwegmyNPwlj1x2SNZljjl3D6Pgu2CKjqTM02KYJstHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cf-ray: 82f55ca7eeae0e8f-MXP
alt-svc: h3=":443"; ma=86400

POST
H2 200 cdb Show response
bidder.criteo.com/ 17 KB
9 KB 182ms
182ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=47464785748&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05daf39ce01efa0d9e48a25f8b4f89e80d36df0bc5d615fd3646bbf23e912d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apksum.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 prebid Show response
mp.4dex.io/ 0
64 B 71ms
71ms Fetch 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
x-err: Parsing the Prebid Request. website disabled
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55ca8ddd924c0-ZRH
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 116ms
116ms Fetch
application/json 3.126.74.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apksum.com%2Fapp%2Ffive-nights-at-freddys-2%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.126.74.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-74-121.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:39 GMT
accept-ch: sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
132 B 192ms
191ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55ca8ec9f3762-MXP
access-control-allow-methods: POST, GET

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
209 B 40ms
40ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
176 B 167ms
167ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 166ms
166ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBKBPRzdNPrUtKatw-qUaY-PByy-wwUq-ZrKyMaAyMtKaRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBKBP_MRwkjNAR_yszuNyqsltRkjmNKYMbaARwlNekoztg,qrquog,zkohstsoyz,jxqfzxdrtb,qdb,kzwigxltRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UPaPZQ%2Fj2Uwn4Iuipb43dqI1L2cmsjnQwhVYjMYZj2Yce1FHdn9gsLNBJwPod6%2FmJYrPsfQ7YxKcOocq5s%2B7F5IRoZcf1WfHjx0f%2FSYA1d5LcbOKfnRtf%2BK3jBu7U7pPqIidNmYdUiv8i%2FtFQU5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca8efd50e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
499 B 166ms
166ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNaBKBPRzdNPrKKyrTy-wATt-PBtw-MUtT-KtqaUAwKZyMPRlmNaKAbaARdzNwqfftkRqxeNco_YTaaPaBKBP_KRwkjNAR_yszuNyqsltRkjmNaKAbaARwlNqrquog,zkohstsoyz,jxqfzxdrtb,qdb,kzwigxltRleNpl
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nxa1O2KhEEk0PoRrKulbuXuCn0oy3CIkfK3MG8VmpX2HFRo8zWKbuzM4Z2gxDItjJMF9jXpEKXCtqdkVTkaBkkLam4oXIwv7fRgbTVuWT4%2BHAzLKUGbkTsVEKuUIgTIqTvqF7ANjzYjvNBJukGus6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca8efd60e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
273 B 175ms
174ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNwZAqAPUe-aeAq-PUPw-waMr-eTMTBetMMtBwRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBUZZ_TRysggkNAGATRwkNekoztg|AGAKZPTAaaKTYYZYUTM|KYMbaA|wqfftk|YUU|RmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFYjefdpcdUCj8d4yNQqtsQIMZsn6x%2Bt%2BBmgiNqb5sx%2F8izqosdhKvp7GLK5HFD8K4DpVn46hjDk4P3RRdZTN3W6BVfMAqIjxPRMRnQx2%2BoBbqg8rQ6LEC3rQN4lYnOLLQgIm74uyrCxUU%2FeGRghqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca8fff40e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
269 B 176ms
176ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNTMKaeqBT-YayM-PwKT-aPPY-ABMyPeKZMZZtRqxeNco_YTaaPaBUZZ_TRwNekoztgRhNAGAKZPTAaaKTYYZYUTMRlmNKYMbaARdzNwqfftkRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYQ9A3mOBzSpPCHonMDjUVOGWGuYGWIcK6YyeXS%2BwmYgK210MabWDOUOvD8aXMWF861JFY8yYjmI9xyxeUkMdSk2jEcSybbkIOieRfYbFd7YclD0bhaHJYMGm5VRkgf013uCW%2BQPpSkkfn4XIutUBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca8fff50e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
267 B 170ms
169ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNyPMKPArt-tZAM-PwqY-qqTe-ZYUeyqUtaqKKRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBUZZ_YRysggkNAGATRwkNekoztg|AGAKZPTAaaKTYYZYUTM|KYMbaA|wqfftk|YKM|RmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBvmQ9wrpIWKI011XPqI4rXAF1Skn49oLwDnB4WmEd2cEwM3%2FLqHlPw24b%2Fgnvaes3opemWVqybMfcdemfsVw0dGk62TvlOblko8nPUyrzOj4hb08Wl7UhzHWUhYSbhRpnJArpOrXE7XDuQOpNX54g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca908070e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
272 B 168ms
168ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNyArwrAaA-tAtP-PrtZ-waMT-YYUrAKwtYwYZRqxeNco_YTaaPaBUZZ_YRwNekoztgRhNAGAKZPTAaaKTYYZYUTMRlmNKYMbaARdzNwqfftkRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FM3gKytC6xDVbVLYpUY%2BFnlthORwk7cNgC%2BCPJYQuIxjvTsiaVYdvNvsDPiABjNvGBlnWDeXsT8NIN5iqb4DciMaYv%2FNVPf4xMjHcKiQ%2FnkIkPuarucJEoScU5bI2J74hi0pbP15eNX038xKfpXlDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca908080e8f-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
496 B 173ms
173ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNBPUeYZtq-qPBY-PZYr-MMqP-rPUwBwwYqZBYRlmNBBUbPMARdzNwqfftkRqxeNco_YTaaPaPAUY_wqfftkRysggkNAGATRwkNekoztg|YGAaBTYTAYKaPUPKYB|BAAbYZA|wqfftk|BAA|RmNaPAUYRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsrzwWPrDtICm19JNSAt%2BH0VQDgqXohvG9WyMPkCQ04Zn1BNQszPwh6hUpMcz6N9YU19p0vg7RrVYNQTlrQCN6ofTiBF30N7Wqtpb98coYHFHBlNSgXsIuL0Il2hq1JQrKYXcSJNRg%2BniGzi87eWwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca9f80f0e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
534 B 169ms
169ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNqPaMwUPB-eTqe-PeYe-qZaP-wUAZYwwTUBwZRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YTaaPaPAUY_oflzktqdRysggkNAGATRwkNekoztg|AGTYPPaUaaKMaYMZUU|UPAbPMA|cortg%20oflzktqd|Yaa|RmNaPAUYRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1ziyer33wgpxLBD1VXacoU5HhWlQKh%2BW2532FxER77X7uVpeBXTiY%2FjghRzCCtK1ZTz8jnnLfneRGw9RZ37TFNBGhyid4GUk40uDqn30vG%2BEQZ8OaiSrggAjN12%2FtPcDM9m9DqzQUrbcqrxIk6kpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca9f8130e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
501 B 172ms
171ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNeeqqeyTT-YeMK-PyPU-MTPw-UUUUMTrqByAMRqxeNco_YTaaPaPAUY_wqfftkRwNekoztgRhNYGAaBTYTAYKaPUPKYBRlmNBAAbYZARdzNwqfftkRmNaPAUYRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2F4UKw9Uc4m3%2FUZYEGB6utqyXUdfTrsPQLz9UyO7YUdiUx8eltbSZvQbWLPx%2FZJZGJkL2Crajxs%2FXWbyk7q1EcTMuzxA3o8SR5xZwgGuYK3S04WfTM6PplBqagDm2kkh2cg8fk2pIwKIenNKxkTsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55ca9f8150e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
498 B 165ms
165ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNBKMyMZwZ-aqyr-PtZM-MTBM-ZYYKqtTAetarRlmNBAAbYZARdzNwqfftkRqxeNco_YTaaPaBUZP_TRysggkNAGATRwkNekoztg|AGAKaBMAAAYUTKMBU|BAAbYZA|wqfftk|BBT|RmNaBUZPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe5MGeH3JBPMrMCd1whG6AUungL9fX7qAmdt1MX4QLKFt3%2Bw0eGgy5pjud98191y%2FFOw68XJgB59rL8IejHPqBqdwaQG0sUBYvcGWwafAOo%2Fp827ze9fMcLV%2B0vt15y%2FS1HlCTVkk7QYake026XWPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55caa08230e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
496 B 165ms
164ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNMYyPKUew-aTKK-PPeq-awyB-BPUwAPZrMBYZRqxeNco_YTaaPaBUZP_TRwNekoztgRhNAGAKaBMAAAYUTKMBURlmNBAAbYZARdzNwqfftkRmNaBUZPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaWC%2BZpqLj3X2%2FcfsEyfRYXlyY1k65qxJ2ZoddKb2AiGW16BNjwAyOOoz8AraGsiBP0TyUHKYSRtiESaDs%2BNkIQEKipFosVVXZcPHdnf07RT6LUcuV8VhDeGztmskWx5sZUAd0ekCp4ktiBPD9ifRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55caa08240e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
508 B 171ms
171ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNAYqMwZaw-rwUw-PtUM-waKq-qqYPrwYYUePwRlmNKYMbaARdzNwqfftkRqxeNco_YTaaPaBKBP_MRysggkNAGATRwkNekoztg|AGAKaBMAAAYUTKMBU|KYMbaA|wqfftk|TMZ|RmNaBKBPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqZKi4ORCYovh0Zrfz8S4ag%2BfwudzOwx3hh0Ny%2FPLWKb%2BngR3KbeXhy8gC13dT%2BdOu97UN9FEzBD%2BAEtn2UcaBROhR9O0mIQ%2Fha%2F00wzlit5%2FfmNx44%2By2P8ed8ymtgxWgb6uk4O3JVmbI%2B0NG%2BUJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55caa18430e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
495 B 163ms
162ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNqYABTKyK-MeAY-PUPT-aUeY-tPwwAeeqeBYARqxeNco_YTaaPaBKBP_MRwNekoztgRhNAGAKaBMAAAYUTKMBURlmNKYMbaARdzNwqfftkRmNaBKBPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BTt20Xs62pxCBtip2nkfp1csfKhVZtyyBJiFK3xxR7Wft2oyKp6Uo2xGdQTcgVbTZXeZHS7HnrZok7W1iWPw%2Bxicj60lJByLIh4xpnbqSfLQkoyoZKeEc3PnUn7FbwSiukUu6rtuJ8INwAq5Bpv%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55caaf9950e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 166ms
82ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 17:41:39 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
499 B 164ms
164ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNoc-PyBeBeBM-rTMK-PYPe-MreB-ZYMeKrTrtqeTRqxeNco_YTaaPaBUZZ_TRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2TtsHsjSEqzKgAJoEKxIkyovIQMUFv15jDpxvavE08kRg4W65aBGrZH3jrsXChG5FxhGTjYNGkwr2WknV8De6MlNmGq%2FftAMLeFLVWsDtC%2BZBJQXlXBqAuM4SIlLUW2%2B2iauSAmvEcRqFzgkT9F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cac4ba20e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
500 B 170ms
170ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNoc-erqyqUtt-YUqY-PttY-qZPA-wyywqtBrKrrARqxeNco_YTaaPaBUZZ_YRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F73Ivogj9cEN18NJVNYREA%2BDplPffpfQ9K0ZCJkL9zkxkOpyo%2BUUP%2BT%2B6T4w32Ss2b7sdowevH%2FmzJWD8qK3fIly%2BZ9a8Nlr1p17EvsIVoiWDnhIDoxcbojaDVmJYaxnG2G6ONQQkiCszZc13jeUtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cac4ba30e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 136ms
68ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 17:41:40 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
496 B 172ms
172ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNoc-MMrtUAYe-rBBy-PwTy-MMTZ-weaZUZwayTAMRqxeNco_YTaaPaPAUY_wqfftkRwNekoztgRlmNBAAbYZARdzNwqfftkRrdzNRmNaPAUYRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBHwxfnWIYVkMsvmXPVLI1K0swRPfXwCY3DSOxua5dBCLSiBNGqjhn1IfOaQU2Jhcdq0ZpmfmE2bV4F5WWix9fNbuIwFJfmDQB5Uf0CBQEWSQFsrBbTOY95AyP3yU6gXYnKRrIkniGTErEa%2BeGsm8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb039100e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
501 B 167ms
167ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNoc-tMqKrYyU-arAU-PBtT-qMYy-PAYyeAUwZqtMRqxeNco_YTaaPaBKBP_MRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNaBKBPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2claNCTlEfECCGOjT1RTR6hF8QjwAE3qhhYLSVULdCPnxPgwvzJMEfjWLFskqc3%2FbsxZ%2BTqO%2Fcxfcf7SCgfig9i7u9BfumZqErVa4lftFguIR9m9YmNtSPjGDzdBWh0cWzwA3CBq%2BpT%2FyR0nmIHXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb26b5f0e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
503 B 163ms
163ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNoc-ZeUearUY-reUP-PUYK-qBUT-TqewreKtBZyMRqxeNco_YTaaPaBUZP_TRwNekoztgRlmNBAAbYZARdzNwqfftkRrdzNRmNaBUZPRleNplR_yszuNyqslt
Requested by: Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apksum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9X5TvNiUy1UeUKpnTay0RHCUpUBLVXcSidjcBousCsBdDP5a3%2FQe%2Byur5UKrXnRu1ImCO5NYvnxbZaJR5DRoNh0xkUVv4ywPCBJx%2FmSG6pGMLVrNjjI6F%2BMu0T%2FuQpozAF6ztlFL5XLJzORTcw%2FHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb29ba50e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5EFE 15 KB
6 KB 151ms
44ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.apksum.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 331331
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 508C 856 B
573 B 41ms
41ms Document
text/html 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 138712
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82f55cb3af80babe-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Mon, 13 Nov 2023 10:01:54 GMT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 47B6 856 B
537 B 37ms
37ms Document
text/html 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 138712
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82f55cb3efbcbabe-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Mon, 13 Nov 2023 10:01:54 GMT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame A400 856 B
537 B 38ms
37ms Document
text/html 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 138712
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82f55cb3efc1babe-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Mon, 13 Nov 2023 10:01:54 GMT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 1CC1 856 B
537 B 44ms
44ms Document
text/html 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 138712
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82f55cb3efc5babe-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Mon, 13 Nov 2023 10:01:54 GMT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 r.html Show response
assets.vlitag.com/plugins/safeframe/src/html/ Frame 0E89 856 B
537 B 43ms
42ms Document
text/html 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 138712
alt-svc: h3=":443"; ma=86400
cache-control: max-age=16070400
cf-cache-status: HIT
cf-ray: 82f55cb3efd0babe-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Mon, 13 Nov 2023 10:01:54 GMT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 508C 23 KB
10 KB 44ms
44ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 389042
etag: W/"5dbbbcf2-5aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55cb3efd5babe-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 13:26:09 GMT

GET
H3 200 sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 47B6 23 KB
10 KB 41ms
41ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 389042
etag: W/"5dbbbcf2-5aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55cb41821babe-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 13:26:09 GMT

GET
H3 200 sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame A400 23 KB
10 KB 37ms
37ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 389042
etag: W/"5dbbbcf2-5aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55cb42827babe-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 13:26:09 GMT

GET
H3 200 sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 1CC1 23 KB
10 KB 56ms
56ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 389042
etag: W/"5dbbbcf2-5aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55cb43835babe-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 13:26:09 GMT

GET
H3 200 sf_ext.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ Frame 0E89 23 KB
10 KB 57ms
56ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 389042
etag: W/"5dbbbcf2-5aed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f55cb43837babe-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 13:26:09 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1460 0
149 B 134ms
67ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCwkYbeBRjdlaCAAjAB&v=APEucNWSLAxSYrLrDqr0xbZwmMnMztkc9VC4czJyC5YJRM2UEcDrSe9wFez24zladc9u8nvHGVPRe0jbmt_Q449bn-pNAk8c0LSw6Wc--gKxiKMgMqX9kLI

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Sat, 02 Dec 2023 17:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 508C 92 KB
32 KB 167ms
95ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 508C 43 B
462 B 108ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=hCdNtl9rMWZDaCUyQjFYVkJuNlNYWFByUUhQNDFxcXlXJTJGUjFXQXE3MXc4UlE0WnV0RlRoUTV4dVFTbzlyJTJGT204U2lScjc0Z3RwRW1ZdURYU083JTJCVTRsM3Bnc2xMalBGYSUyQnRxVmcyTXZVS3Q1JTJCMyUyRjlqRUxKaE42VzJPR2thYnZ0NUF3JTJCdnU1c0tISzBmNzJQa1Jabk10a2pqQ2x6YTV5ZlU2QjllM3BrVXZpQ1E5QnFscFpBVUNrc3M3JTJCbDRlVmZiV2ZtV01yZUJVcTU5Z3FLeXRRNUR0UkhzM1pRZUY0cGEzeGRpWEFrQ1JxVnFRbzJEc2hrQnhnRERIa2U1cjZYTnl6QWM4bWlia1JRbDV6NG8wOCUyQk1ISzB4JTJGYU5aJTJGTUdlenpETmolMkZzcnh3VXk0cmQxNGxXNlhaaEhzRmhrTlhleTdTVW9qWlZkV0pmY2dGT2Z5dFp0N2olMkZCNnB1SjhvVW9mSXklMkZBZ3RtZ2dBcjlCVkdkZEFxVEZvY2l1ZyUyRkpDWWx2MnFwYldaZHJXeVZVZ1dTbGxHc3pxSlRvQWR1aWJ4eHBCZEZRNjFRNm9WWDg0MXNmdERoV09rWEE4Qm1GT0s2b2VLQWhwbXowNURwS0xWRURvJTJGJTJCcWM0UldXdyUzRCUzRA

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 260398
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 508C 42 B
107 B 161ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bq1o07BLSTpXy9kAERYr_66Y0ncoLKtjfyHfiP5aqk8GZEWeOkUKjvgyQHHE7qVkYL8fy65DaNiiWRa1mp5beckgPLIEZT7wkQt3th13alh1POgt8

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 508C 0
56 B 135ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4295937500513244083&x=38&ct=77

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 508C
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&google_hm=ODIyNjNjMDUtMzA3NS00YTVjLWI5YjctYjc2OGVjNTF...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEId7or7-o26mW3WC_jkbOwE&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2

43 B
145 B

127ms
32ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEId7or7-o26mW3WC_jkbOwE&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEId7or7-o26mW3WC_jkbOwE&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCPFT0U2xrZa2IF8PI9u8PkMyL8AXGvb____HdNP038-dEpEvEAEgg____3mH2D...
media.grid.bidswitch.net/imp/Sgi14yCa2U2PY-3NmFaCznZG39uhn4W8EUNss1GdfekwzxbIjip-nRsSxzTHT-ZRBGJMTaoC-zkwwfZcJDZ4jFx9Wb1Rz5vQ_wgT5ehUv-E7xc3X_8ikCzOjL9Qs2wvq1coPJcAbTAeYhSv0EGjlGE4HI6CF3VnblVsnij06... Frame 508C 43 B
196 B 283ms
31ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/Sgi14yCa2U2PY-3NmFaCznZG39uhn4W8EUNss1GdfekwzxbIjip-nRsSxzTHT-ZRBGJMTaoC-zkwwfZcJDZ4jFx9Wb1Rz5vQ_wgT5ehUv-E7xc3X_8ikCzOjL9Qs2wvq1coPJcAbTAeYhSv0EGjlGE4HI6CF3VnblVsnij06PBhMGh6f_1xKWiCZKr0xSzxK9xsClQep1IR5Pl0b103EKQjbT2TqLsMdro2S8L2A2r0LWWvrOLuUSo1BpNOE0Bpo7PE4hK-4pxRTqz8COD6GroYNgXFbtVImtVtMLhf6yaVDdmTC1AyypH90TPTvqCon7oq1RmO9yd4i38V2mlRLnsRoorPNUe3Uq3_2fkLr2APnqr7QLXyQxEOje1B9ZOekcA/billingf-93M_ftyNLVXtqvXaMRccNV97svINi0Ue6Ejz4l2ya0XO-ZppeE4ilfidA/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCPFT0U2xrZa2IF8PI9u8PkMyL8AXGvb____HdNP038-dEpEvEAEgg____3mH2D1hYCA____APIAQmpAocWcjmKQrI-qAMByAObBKoE1gFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV____ZGATFYC2o-____TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMU3Mq93____L4aZXgxDbxIrW6gvzJ4pdx4U0JCrYxfNaweSkBpGXT6hMwJ3N95VC7pnCJ7qIeXy6wATk0qy52QTgBAOIBYuu48pNkgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB9XJG6gHpr4b2AcA8gcKENP9BRjdlaCAAtIIHwiAYRABGF8yAooCOgSAQIBASL39wTpY-L6srabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMZoJFmh0dHBzOi8vd3d3Lmdsb2J1cy5jaC-ACgTICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECsBO0x94VyBO-8v7jA9ATANgTA9gUAdAVAYAXAbIXCAoGCAASABgA__Jsigh__R1w1-0Hw--kg__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE_B-0CxjdkCJN55dZfvviRnK6p4iZR5JWdddSHj3Q2M1b61XrdYv2fCk8r5sQMB6nUguXytUdtLUI85bibTtdug5-27y179fgqiECTrwYMxVbyuUzGD74Odxp3pMWKMOVTiVxqcJgkO__lu9A__F8qCK7twz57gAzPWt8MRYiETXxMt-XxMgcvx79oX6__vAEVPRl-JZj8eVYRlR__7mt2vhrxxEFHb9qVgEe7AISw9L1e5n__xego-AN5lT-__3cE2ZpzyOZdpZNyP0AmelWU__XKjJrAmKBDzNC8ZLChgcZXuLCXYb__wXMbHgXqFF-7nGyqpLzcfOll5NCuk99ycQlvbXaIb31QJPoKpaI4pVbt8GlK3gaXdstP8aIExXtiYT2__rjbzI4UonUo2MIjpEfrxn2PnkTLONwlyDiyF4QKtZiaIQg__0ls0nnwgfwKpIi35bYxdycar33f7UW7edu__DjWYkqRzBKPhGvvGia32CEZnqvtiBfk1iMhcZ1ynsM4POGAQu0q1WOjt5Iw__KFQWWEqEBZWgjzQs1LadQI__xwLD09Mb3uny9vD2IuW7-Jl1LF-MQuCCVuI2PU2OOeNQZ9wBID9eOB8wP711FIVyxr2JlCy8yRBtxN__saTF1yi-dAh5Y1LLqPqcJLroqtFpanD5sLYXGpdVnEitRlwgiarTsPa3kHF09EUCygz-BTXafURmNJllpjypJ5A3MiSZSLaFOKlpgBy2PJ8f6VQCdEoacgr0H5TM9w6b-zJwok4YGHFyc6lmRHAXZB5kqX__ADzHr95zh4ZAI43l3KKfy-6ldYaaZtbYAMKQnJs5p5MTogYQ38aXNTzJjN6wyMMqjr0gmgE6GRCKoKZi7-C93zgdG8PF7uJie0RzGnpXOY22Nth6M7cCSVrZ1CpQ__o4UkiSzuO3j6MdcL84jPSXALJX2ECdv4df-N6952WybUaJf0Q__wHZRMM2MIe__nRblhoExYIHc5wSxmsZ9eIB5mrE9BMeL5LVc-T00r2pJINvuT3brpFKOBoyM973m4jEwJWC9__DFXxq3Pb-IADcaNaXgoEsvQDi89f8M1Xz-Z0QoEYcLhfiie641Xy6K16lTJxgqmEQ7yMfZ1pE46T-orbf1Yql4_B
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 508C 0
122 B 105ms
34ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apksum.com&bid_id=a53e5ee9-5d8b-42d6-9031-992f20bf4e1f&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=0.0882

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame 508C 0
496 B 166ms
166ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNtMqKrYyU-arAU-PBtT-qMYy-PAYyeAUwZqtMRqxeNco_YTaaPaBKBP_MRwNekoztgRhNAGAKaBMAAAYUTKMBURlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNaBKBPRleNplR_yszuNyqslt
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be5wBjLj%2FvrVuOjUNT0ue%2Bu8yb78zuEZUqAI5XDOHz3PBHIlWAwhdDP%2BCd3SRXONkxqduoOaoIkT5nqOchdAWuSti7e03eo9Y5MeUbRk1n3bttzJXoyeR0wJuUGqnbb9A0yeschNCechEvSkL150qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb45e390e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FEF0 0
149 B 125ms
67ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQiaCjAhi4tvr8ATAB&v=APEucNUBTfEc96IJ0FqMuauOyUz2EBXvet1I2v39tADlneWMzfGl7ASqH31R3ErQlOtyJ9XX94IIJQIrpuy7sCCH0gUYmVkaZs2c50-VqzBjI_0ArgsxdVU

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Sat, 02 Dec 2023 17:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 47B6 89 KB
31 KB 238ms
174ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 47B6 43 B
461 B 100ms
35ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=T6cWvF8lMkJsUEUlMkJDYiUyQlUlMkIwSnB4QnRlJTJGcEoxc1JMRVRaU2VGY053UWhVQUJwcW1CR0d2Y1NkVm1oT216amN0d1hIemxwZkNDZ2lwS3BHVEJKYUpUYmclMkJNJTJCd1VmaVhsamZPYlolMkJEbnBGQnN6SFdKYlNqeTIwdklSQiUyRlcyYjF4alRpSTE5V3JTdERhJTJGaTZISnB5U0hGbUx6bHd5NGRlJTJCT0F1aENRc3Yzd1pzQUtIY1M5aVlORDBKTzg5Mmc1QzJLWGF2Z0c0NEZKdFh4SHR6eWVDeEFvWm9ITjA0ZlBUUkpvWEcxYzRPU2NjTHVFVndGVjJqelBUTVVZSnIydnhrcDlVZzN2U2g3aUtsanhDVEVWJTJGYzNGRlRMRUxQTTNGeW1qTkFrcG9RV1BLSWk4NFhmRnM0OFo5YlkwYUVqc0F2WTVIaURBN29GUTNFNDViUW5tZkRiJTJCT3VTaFNWWVBCNjVHSDB6cElmdjMxZHMxc2kwY1Z5b084RmRPR0ZCV2Y0TkhZRnM3MSUyQnVPUjhsbEs2c0o3emRlN1JOa1ZrOEg0SmhjWlJTdERpYzA0V1N1NGdpbkZnQTc3eEUlMkZhaWx6MFNoNENxSGRXMTBrdnJ3RVpPS3VGZzRybkZCcG1XOTdVWDNTJTJCVDBkZTUlMkZxbnBqazZDYm0ydWpyUjFrR2p5c1EzSVRNUzAyMVk

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 313678
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B6 42 B
110 B 127ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCBgvQiHGVbRxaIJoZ5lbvifsi5MyuwnJyICKNFiPpmF3c55Q3C3fs25WjEpGX7ByJY878xI0YrORJBF5ZmX6wRL4_EHHh24Pnuzi7iLgHgmT25Zg

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B6 0
349 B 126ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5964607571727175938&x=38&ct=119

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 47B6
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=41d251df-236e-4b24-bcfb-57c00c6c8902&expires=1&user_group=5&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=

43 B
145 B

119ms
29ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=283&user_id=41d251df-236e-4b24-bcfb-57c00c6c8902&expires=1&user_group=5&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Strict-Transport-Security: max-age=63072000; preload
Server: nginx
Content-Type: -
Location: https://x.bidswitch.net/sync?dsp_id=283&user_id=41d251df-236e-4b24-bcfb-57c00c6c8902&expires=1&user_group=5&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&gdpr=&gdpr_consent=&gdpr_pd=
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H2 200 moatad.js Show response
z.moatads.com/iponweb503341958152/ Frame 47B6 335 KB
113 KB 133ms
35ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/iponweb503341958152/moatad.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecdd8086b0b7ca4704226c7fe754e9d9c5e26b62f2e86fb1806ce6856a7f1c94

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:17:16 GMT
server: AmazonS3
x-amz-request-id: 109N2169MK3N16AT
etag: "af66cc4ab950f7df4d28d9bf6778ea7a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=56370
accept-ranges: bytes
content-length: 115758
x-amz-id-2: 3UuESrJ4zCYZM2uDZWpMSQF2S0Bbosw8g1wzUXEXJxqZBFo68ToJG4xulRY87jYq8WNMh9LkYNIZcqsdkeILYQ==

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RC8eZpU2xrZdgvtpD1-A-4gpiIDcyE0____pzlrfYhZkSZBABIIP95h9g9YWAgP...
media.grid.bidswitch.net/imp/gmm0cnG8CyCd2AuHrESFpL88TeDGIDRK1hd_XohK2wbNhxzDJx_sHoQtCv6TzBUklG5RelkrVI2rb0ASizymg5vyI22gnui4OZauJWljSEzoDn5l1C1J2T7w22yy-jRWY2pAVyx1XWQgeSSrC8Ujd1p_hjfAPzwb2adDEKaJ... Frame 47B6 43 B
196 B 276ms
33ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/gmm0cnG8CyCd2AuHrESFpL88TeDGIDRK1hd_XohK2wbNhxzDJx_sHoQtCv6TzBUklG5RelkrVI2rb0ASizymg5vyI22gnui4OZauJWljSEzoDn5l1C1J2T7w22yy-jRWY2pAVyx1XWQgeSSrC8Ujd1p_hjfAPzwb2adDEKaJSOzP-27FxGvGp33ysk4_fWdYcueltZx1egC5V3fALPOXrOsNQRisqQ0og_IyZhwtHGdDMt8wSNLK3hjnyJudI-qzbry5WJmWMLoMHZS_YBxDBcgrlk6cYTt0kNWOV7a5dIeubjkl2Sx0KcuBnoQcjVMg0ifviBNKv1xWA-6cHBzTYFBCYV27yyYp1PDMWBGZygpmH4d2iXFEthPKCODx_4HBQA/billingB2qjzSxa_OId4aTb4waSJ297gT3ArPu5U_Lm_FQzOJEh_7vfkM9lc6xuv1IT/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RC8eZpU2xrZdgvtpD1-A-4gpiIDcyE0____pzlrfYhZkSZBABIIP95h9g9YWAgPwDoAGO5dPaAsgBCakC6Dim5QBNsz6oAwHIA5sEqgT6AU____QgbNypoZ4NU3Fhw-8MmvR7QG9t9NbVYWqW8CsWDqrqh8zQJh06xL8Snl3xRMGe1V0c9J____PPWlnAgPxgBcJkBMevzC1mIkH0tG8lnRIomB9pfmbdNsVk7FIMGYVa7l88ujWw9a9pdNvS1e7jhilWdRrBNggSBPPrNhiLymxDwh6ssUZTA5D2DWWxUzILvNAO5bwtwbJTcD44UogYWnubTjAjyRjCjzmrz4mkON____k7yF6AKgOJI3knm2xDxgkkJj10qIwyhjmy-S4GjCfP3rrOHCdFEcM1-ThYlO7gAEa5xLRR82OdsqWprPIN464PT8lmkfLt2tdkulPHABISxu53IBOAEA4gF597Pn02SBQQIAxgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ3gAfamqylAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB9XJG6gHpr4b2AcA8gcLEPrcnQEYuLb6____AHSCB0IgGEQARhfMgKKAjoCgEBIvf3BOlj3hZatpvGCA____IIGmJpZGRlci10aGVtZWRpYWdyaWRfZGI4MjExgAoEyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChCQ9ojYrLaQyyQSAgEDsBPBxOAVyBOMgf3jA9gTCtgUAdAVAYAXAbIXCAoGCAASABgA6BcE__Jsigh__RbRrdyVP0r____M__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNFYHHaviTCwf0eotKSvMAkERlMQKwJEd4LIS8dcVbQRE7dlkt6P3tixj2C1FaGAE_BS1m0F4jd4WTyNkoybaqnITQQmjVhAtpynHmod7WzdvYrWQqXhfMBgCt6gF384KRo70d1QufUYdzwmpeQ5Ghpq3a3H7ZfC23nBVGGNVXztB7uRDwasxpInyrQScVPaIvLHCdhWkyVYRHspi3OO0dQ3rKm1JXJBwE8yaAhbRMUZQYgKtbS__5UygFbm1uN9-TY-brLUu0M6__ekBJN1WISyGUaatLC5ExsilcbL9S00kkFsnrqUv6M83zL__qbwTrkX9__WDLf5q__ZLZ1n8am9LMcS-93OwY5TLjnDOIF8s1qrhSkIltFPMXAJ6uO4Y6JnfCXRjXphOhwFHjxa-8HIdKHAmD1Gonlc0jXou9BOUVVDgDRzEg04yT1Og7N1PKaXvziEKPFKwe92AVaLbfkduON2OpGRcVgNKphfrnma6G0WntQb61iSOmzHg__mOGIVd6CD0-0jK9__7zh2oq0tRlcf2oXeR6rSP5RYTnX__iIdbQdEuFacf0NV4MglmW-RIWrKUCdPdbI1U5mSlyymrsp55HHHMU2sVUL__sfRUdf8mD0xDB7D3iXIwTnJ0NZE4Udfz9lHeTp8YXlomNPFp-14A04LKwNE__af4246kqPj-ry3QPnR9QVPLYF5o1xHZ4UofEU1pVNunfpyiQ__m__J6ONkkHVHqNT8AF8fYuSQR94v2IpBe7W0pS3z8TzhWIjB45gfvPTOUIboh0deYuWzUWOkL5cMOO__4JHiW9RZhzYf8QqkR2LqJ-LnLa0I27TZoWRUcr8-7khiVHq__VFPYQYmKISZAUjKeigXBL-V9Q1EIUgYSwtvYPtSJUQG1RuKy9Kh1kws8TlsRhxNq2suKYUCk__SEC3Zqd4yxGC5H5XIlaxcA4zJPMD4xSNvmZl__bQa7xqGSrReu4NdDE5nFQLVcybMpG__skSw7FMvTwIVZCk3lpHbzejV1wpRkzA92tjH3paRc-SMoAOPvQ7fDvtdYJy0x9umZvmwHiPPuVhKecel2csVfkR-__39hMLGxwRs__pl8fWU0j2vA3I98LTNp8TxgN8cLyzJZCuZ9LRlo38YlworoTzRj1qvEMrgExP8h6CPms3OieAxYsaVb5TXhiYMm__tD__RpPiKm6rel2DMcfekQSdCUcWDiQ_B
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 47B6 0
121 B 97ms
34ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apksum.com&bid_id=550647bf-70c2-41fc-b1f4-ef57ff538bf5&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=2.32569

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame 47B6 0
504 B 170ms
170ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNMMrtUAYe-rBBy-PwTy-MMTZ-weaZUZwayTAMRqxeNco_YTaaPaPAUY_wqfftkRwNekoztgRhNYGAaBTYTAYKaPUPKYBRlmNBAAbYZARdzNwqfftkRrdzNRwkhNRmNaPAUYRleNplR_yszuNyqslt
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j%2BR1Bma3kQSCFY0jLVSr6Drtdcc7gJtcnpzRCBludmXCdk0GTMi84K%2F%2FEbP%2FekJZ%2BfPufTK%2BYGOtk8Lp87EVQZKeHcNGUbAg2l7vVbyQTPOPquWdjSPzo1BU5%2BXwbT3ttvPZJUXOoyG4DxMkzTPsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb46e480e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5EFE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=apksum.com&sn=ChromeSyncframe&so=0&topUrl=www.apksum.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=97lvMnx6TnZGY0p5dHZ4eStXWm9PQU1iOENSOS9rTk1UczB2ckFMWTNNVm9NekRmU3c0M1F4ckRDSE5yRmwvZnBNQkRqYkc5bXlWbXgybWM4VEFVcEJuQXNzZDNyaGszd0JiRU1MdXkvOTk3MHZEcis4c0NWVU1Wclh1dj...

433 B
672 B

49ms
42ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=97lvMnx6TnZGY0p5dHZ4eStXWm9PQU1iOENSOS9rTk1UczB2ckFMWTNNVm9NekRmU3c0M1F4ckRDSE5yRmwvZnBNQkRqYkc5bXlWbXgybWM4VEFVcEJuQXNzZDNyaGszd0JiRU1MdXkvOTk3MHZEcis4c0NWVU1Wclh1djhydzAyLzZMaXJvblk4c2lRbDB5OWVENUJYektqTSsxOFVOWFlIRE5xRjk4ZzRJMHgxRkNUZ2lJUHk4TDJoVnBWNEwzamRsK3piOFkrTmFmWWlEWGsweVAxUVNDNHBCTHVFZ0tlT3JFbU94d2tnY0pYTHZUSGtUejkwR3ZicUFKaVNoUHFHLzFYKzdqU2xqOHYzZEp0VDhoRmZzcFRuZz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

479d76866ae9806c2ee1fde44ba89316c499a40bd519bac4c2d4d9892c2ad7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1230644
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=97lvMnx6TnZGY0p5dHZ4eStXWm9PQU1iOENSOS9rTk1UczB2ckFMWTNNVm9NekRmU3c0M1F4ckRDSE5yRmwvZnBNQkRqYkc5bXlWbXgybWM4VEFVcEJuQXNzZDNyaGszd0JiRU1MdXkvOTk3MHZEcis4c0NWVU1Wclh1djhydzAyLzZMaXJvblk4c2lRbDB5OWVENUJYektqTSsxOFVOWFlIRE5xRjk4ZzRJMHgxRkNUZ2lJUHk4TDJoVnBWNEwzamRsK3piOFkrTmFmWWlEWGsweVAxUVNDNHBCTHVFZ0tlT3JFbU94d2tnY0pYTHZUSGtUejkwR3ZicUFKaVNoUHFHLzFYKzdqU2xqOHYzZEp0VDhoRmZzcFRuZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 222247
content-length: 0
expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AC58 0
466 B 92ms
66ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDv-Kb2Axjsr7H-ATAB&v=APEucNX3lvk8rDdnxD1Zyn0fehqwC7bvGTUGeiGSk_URL5fYVUkpbdc8O0OQhy9jLMnhI6tFNR9DiEl4_M24kw5uX5EFsXS0BJYI7ujDoQ7HN48naPirk2g

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Sat, 02 Dec 2023 17:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A400 89 KB
31 KB 211ms
178ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame A400 43 B
461 B 70ms
36ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=-5f6Hl9LUmZEJTJCRWxsZ09Da2F3N2pGT3hoWEFHMVNqWERXMFU4b1Ricng2RmdtQ1BRbEJ0eHdpYWI5JTJCbjU4VjNoMVpzN1ZKNExUaHZrWjdqVlJSUWZHMCUyRm5hMHYlMkI1bE1Lc1RrellXblMlMkZkdXU0VDB2d05PU3ozQm9WMVoxcGczQ0J5cGhjUWVDYXBDdTFHRyUyQlZhWkRwREUydTFTN0owMGxSYWIySEpaOWgyOFpqbU9mTVVzRnJ1SUF6WVUlMkZBJTJCdjJIeHZ4VTFva1FuSTNpcGJzOGNEY0NBcGdCRlMlMkJFcnhSTFRXWU03aE1lUWMlMkJhbXhKaXQ3QmgxJTJCcG9xTmxLQTNGcnJibFBJNXpFTVkwTHZ2QXpiNGxlQ3NPS2MyYUFSJTJGWmlVMyUyQjJva2NQYVpHVEVRbnR6aWVHQmVhY1IlMkJWMzQlMkJ3S25NUnFDZ1I0QTdvcUpPOTE0YTdsMExMWEc5elMwOFVFT1c2NThzb2dwc3FjaHF4bnlYa29xeHlaQ3IzJTJGQkY4RCUyRnRzcXRuVTNoTm9SM2JOTmg5UCUyRlZGRGolMkJ0OGdQcGp5eEM2T1E5YWlyUXBUcFpZJTJCZFdiZklxU05wekhSZTFlRm9aUG9xa3BSQm1nUXprNVh5aW96bE5Ja21FeG9DOENpNFd4ZyUyQk1LJTJGVWVIakRRJTNE

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 205335
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A400 42 B
107 B 123ms
92ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFYlkHksCKSUckDbPbZ-YHgaTduohwQps4ITB2oU_SBVANxNKa9dC8Wo1ugZjuR95EpMVAdBrgqbXDGJITaz1yXnWzA-QhNdwSapgGifSGvMRi-rw

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A400 0
56 B 122ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1323764092838305357&x=38&ct=76

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame A400
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc&google_hm=ODViZTU3OWEtNGNjNy00MWFkLWE2NWQtZmU1MTgyZDN...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFIC4sfllYZnw5BLMuzrbvY&google_cver=1&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc

43 B
145 B

126ms
31ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFIC4sfllYZnw5BLMuzrbvY&google_cver=1&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFIC4sfllYZnw5BLMuzrbvY&google_cver=1&ssp=themediagrid&bsw_param=85be579a-4cc7-41ad-a65d-fe5182d3b2bc
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCZYuuUmxrZabKPNu02fcP6eyjqAqXh76sdOmDycO0Esa____t____GAQBABIIP...
media.grid.bidswitch.net/imp/WNQHCssIhtXPDj_Oc_Lez6kDWLsaARa2vRTtZ7PD31Saet__v4qRwOcAJESeS8R_S7u8OP5oC4CGETLGDEonMiWlQv49EWZU-Vfbqgxjw7U4SUPQMP-tM7VBJnu1BH8nG4rt_NvFDkr61SBt3BiEyxyAfM31JOYqS9bdMTNt... Frame A400 43 B
196 B 243ms
32ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/WNQHCssIhtXPDj_Oc_Lez6kDWLsaARa2vRTtZ7PD31Saet__v4qRwOcAJESeS8R_S7u8OP5oC4CGETLGDEonMiWlQv49EWZU-Vfbqgxjw7U4SUPQMP-tM7VBJnu1BH8nG4rt_NvFDkr61SBt3BiEyxyAfM31JOYqS9bdMTNtDCCKMqD_dh0jMKpF4kW8vLi5Nw2ict7cLll1RF0iTk93Z4eiUUuOy6_ti9J4jnNNn49wWCIs60zr0Y_wjnUZPvvH2EH4r1TdSkI5NFCZd1GbVI3Y7bsPaHMNfO7E6QNCOBx4Rj0c_NktyzvCa6qwXv97mmBJYCSBmk1wyrv71iV0SBmqzY5eS4QL1O6MiHThTsw14TNxD_GkNhwUa-7hhGgHxA/billingQh8Okeu-Q_InuHdhbbI1b4ZvhL0fWqAjhGpL3pjMd4LPkr-6zXCcteOzc3bh/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCZYuuUmxrZabKPNu02fcP6eyjqAqXh76sdOmDycO0Esa____t____GAQBABIIP95h9g9YWAgPwDoAG7m6bxKMgBCakC6Dim5QBNsz6oAwHIA5sEqgTqAU____QjzrIYGr-nbE9vmBiAxBpSZrZwKuo1Mks____6F7wgjCiCCrHzNsSqNKapA1nii8QB1WtnA4LWQgv8Kzv6eYwLkl-4E0GH2PwWMKIPFDReNewhT6xydenzr8NtGtTQg9jJmXHPv4AZA5jkJPBFzsYt4ENsB29oT6Fd3Uvvr3fnu____BHJooqkFLShPYFeIUjjWpgQYi3nPPO0tCKQY3XB-lw3cMEeraOPVRvITzLqlzS7NiE0SYIxpWdzyTIZ96vaWocja1NVSF3eF-Jl0UdOzzNLfAOQao5M1TZmh49kHi7PSiBUvR6M9Toj6kMAEguD9____LIE4AQDiAWdtaa7TZIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAHu9P20AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDR1wUY7K-x____gHSCB0IgGEQARhfMgKKAjoCgEBIvf3BOliQnZWtpvGCA____IIGmJpZGRlci10aGVtZWRpYWdyaWRfZGI4MjExgAoEyAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtoMEAoKEKCpotyPm6CCXBICAQOwE-O1zxXIE____fh9uMD2BMNiBQC2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__Ryt1QaYayCBc__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNsyRxLjnDU4A7HbN6IsYIpNuZ7BbCLTVG4yQQWy5____PRIFQVg-o3r7Yonk3zdWGAE_BU8frDte9H__NX57PvfXfhetH5xogxfXDZG0CfMSJmISFDzCZnA__v-ma08265ZkDPW7cWzBLQrZzfBAUUrnCslEENfU3scWskzkR1uZeavAP79BEyriDLgCxaESuiDPsSRMSHCje2pos48qh9B-ceamjYbwid2N2VFNBZ__S3y7hYVSDse0eq8ERr5fZ-N9r53DN9Ysf0eau3tAP4anvJ7MpibDXWf7kwKcuKfKc8mfvCs5iIj7FwSzCduvuatZ2ACzSfeMg6s7HzxFC8FKGcOsq4urjsN477bfCOByu60H2L-HqUxjoxchvdiEWG1FQhgwEWTjfnyAvz6u7hpefyvEqEViPqFe67wPQwlrAmQjHtaKbmM654f1mLdzgKFW3qkTITKo0sN2yoeZUZfogBFlRumYXGIZ1lfCi8z01TOObL0JndKhv5PCQ1paN9gzgbQpl90Md87b9xfa95Udk__Tp0eB__mX7S717Q6bTIDgM8NI5t3tGTfupLKHYhMeGXZis9qmUoUTrDJ4d7NuJBxgQX__mku3Sa7O9Fmms9Xhih__ykBX02vj3gwPMFhdqhlJz9tIATqxYMyGcPdvrpS1colXaIG79WBcSUMq5jh1goFg-ztTDc6ephQQXm5KgWqrf5XkG-N0o6v0F6rqrpW1437cws__GAhnAjpVw4e9X2ABZD6CYDbEMsQ8tVq6cjaCs4Qm1zuDYpP4QYBjHsbsIOSwiLJHO29qYE5irBNfV9FG2FENaYJvKUbMDAisY3F6S6Jdn2Qq91zK5PpAvGztDiaOOJeMl5icAG1RynQE-L37cwDiK9tfrUT1xLyMEG__CHXewboM7XA97k__DvFEyd-baKMoyysl1KLmJcRY8c7J2a1-etCJ1WZudeHwPgu3TIoPDmQVyQP0RGUo9tUaq3__lQ__r80Q67fMoHZF1jzzxwdaxHpZvDHo7Z9OIqTUd0asCKplSmwF06WTbhoYR1tHX3tMDceOgdw-6JAfbIqAeyMJk5rs7K__bGzo8RDV9W9r9Nw__uR79BLFuQP5rOPUPXXevaI0Ms23XSxzgnLDopX8eunzmeiO1YmIG__9Nr0__x3FiqDBnnZ13LOL9N__XjrsY4tCxRo07NW6YeXg_B
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame A400 0
121 B 66ms
36ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apksum.com&bid_id=0da7c742-6369-4d8e-b7c5-2cce6222d2e8&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=0.08379

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame A400 0
501 B 162ms
162ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNPyBeBeBM-rTMK-PYPe-MreB-ZYMeKrTrtqeTRqxeNco_YTaaPaBUZZ_TRwNekoztgRhNAGAKZPTAaaKTYYZYUTMRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMVU4ExC0wDNbFtsfsgkEtMae3j0%2BfRj1RcnVx2UwC6ENluk8US9I%2FOV%2FkxuH54Gy%2FPBHq0vUIYHFqv3QafprZIufCCP%2FCkB0f4ZAPrYa1gLG1IjhC0RAHQDDMm6fzYQcBIx1PB1vMgWYuviY9ZblA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb49e970e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C1D 0
149 B 93ms
69ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDv-Kb2Axjsr7H-ATAB&v=APEucNUnWKnuepPi_PV4pFJz8dMYmAIj33NFb2sRfpZZgMI2YEqy33b_9MQGYumchKXVUworDohchySgL3qNJXQHUo0MVujwpPHrorwcZb2erzU3nUXGlHg

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Sat, 02 Dec 2023 17:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1CC1 89 KB
31 KB 215ms
186ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 1CC1 43 B
461 B 68ms
37ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=jov96F9lMSUyRmw3ZER4WnNwUW8xOE5BbkhEUk5ETmNyN0RmQlhaTVA1aGMxRHRwbEh0MjclMkJreVlQZzNQY2RSUzZETW9NYW5QRFZqeEZ6czlHZmFhd3ZnbTMlMkJNVWFpVGNyMjUyb0JiWFV5YkxBNWxuaUtjMDFvOTF1UkFwamFqZ1c4MnpsYU9nS2E1OEZLVkdMdkdvT1JmZjMzYiUyQktsbERld3pjYmQ2bWVyMCUyQiUyQmJWeHRMdmRTeWF1eTRoV28zWWJ3UVNabzZwc3pDUUs4d2M3M0NGZlVQV05xSHBBQ3dXSFVzOWd4NDNjUTU2bUxub05EWkFPQiUyQjlrN0JuNmtCJTJGZTFUbHF4YzIxdmFvcWZ4ZDkxUXVsbTEzcUxpWmhTMGZBRVpaTzY0eTVpZXNNQ3lOMFJneVlxbWxGR0tNNVIzayUyRkJJcjElMkZmNTFiZkMzM25BUlEzRSUyRkdWbVJCJTJCSHJCN2NVMHdPcm1vVjlSanZZOTBBMnc1QjJueG53YW9QaUZ6YUtLTXpyaGRRS1pPbmVjdzlJODRpJTJGQ2dLaDlUQXlCSVFNcGpzdDVwbno3aUlieUZkWExUSVNGc0RudXpOTWROVE0xZVJLZVhNSE9nRjF0aCUyQlB1czYzR1QyaXlXcWxVRkMxdkxSSTN3cTUlMkZFbEZZT1ZadyUzRA

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 251662
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC1 42 B
107 B 119ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9KyT_kzy-z0KNNblMQKQM22dgHDHlvvwKRQxTPCODZKJLJnyUMvPfX-RE_Q0PcCGjgNVYGm8XJWWsF5pzoz6o1erVbeFla4FSvp_F6DS4C7U1qls

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC1 0
56 B 117ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10773230996724592223&x=38&ct=76

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 1CC1
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid
https://x.bidswitch.net/sync?dsp_id=70&user_id=4137139064124650715&ssp=themediagrid

43 B
145 B

30ms
30ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=4137139064124650715&ssp=themediagrid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://x.bidswitch.net/sync?dsp_id=70&user_id=4137139064124650715&ssp=themediagrid
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCn31FUmxrZcKuO6mImLAP6rqbsAaXh76sdOmDycO0Esa____t____GAQBABIIP...
media.grid.bidswitch.net/imp/KV7gwyIWmxrEv3tdnrWBhu5rp8woYSp0FRLAy-JwCnL5BCia-NGpTt-tC01RdarjeI5xzsDPw1_bmxebM2rH8GZ4mfGkEOYrRhm_X5eDTL27nNnGEIAIMX6GnPtjQpM7W2rTedEE0duhZD9LVojOuKjZEHWqIYEnLXGz3OT8... Frame 1CC1 43 B
196 B 244ms
35ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/KV7gwyIWmxrEv3tdnrWBhu5rp8woYSp0FRLAy-JwCnL5BCia-NGpTt-tC01RdarjeI5xzsDPw1_bmxebM2rH8GZ4mfGkEOYrRhm_X5eDTL27nNnGEIAIMX6GnPtjQpM7W2rTedEE0duhZD9LVojOuKjZEHWqIYEnLXGz3OT8ec1FQSn6QH5kdlhKNF0nMN5tbrCQMrQaSeA9QRpL7QebMQrGOKY66VXP85UnMOc0kmwa8FjxhVaBeigDYvYNzxNkUUcq6cyEQO6d7X-PxjFR8ne3G_dC_3q7xtwJIEiopDsG7MNjc2VRjbb9l5VSmMn63xWNCNWN7VlklJ_jU8URHdrXb--MvvgoHtT42G6WaiOONuv8B2t9l_PaKU1tQk665A/billingQh8OkaIZid8NKqVcLObnsdPcoE88ZSjGdlxndCgBH8Hw4HGcOd4fB9x4rK0T/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCn31FUmxrZcKuO6mImLAP6rqbsAaXh76sdOmDycO0Esa____t____GAQBABIIP95h9g9YWAgPwDoAG7m6bxKMgBCakC6Dim5QBNsz6oAwHIA5sEqgTqAU____QzmM2UckT2l-fSUIfq1Wzu-ZLZ28VStaprJ2Xic7uzwuehxD3FEJDTyhRTYcFfq1NrMoiDH0JWrMr7MG5ZcHT2S2NixnY9w7QK5HppKvSuZhTC-____lmL1juHSfdKvxiso4EkLJ8ABO7m-xlh3Ca39fwwYkOD9jUhgpRdHs3FEpHZgfoEo-N-PodJr8uGL7smXfYWwAgyBOMZOxNcy1MUh1iuZTnFKCgEiFyaT1IrzexrhKQeXnwNrLbukcwULLlH98wbzxXUEipwTIOz07FKVZuLfAn6QU7tP5VvwrsGYzGu5qVbVRPVY4jcAEguD9____LIE4AQDiAWdtaa7TZIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAHu9P20AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDR1wUY7K-x____gHSCB0IgGEQARhfMgKKAjoCgEBIvf3BOlin____JOtpvGCA____IIGmJpZGRlci10aGVtZWRpYWdyaWRfZGI4MjExgAoEyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBEKCxDQ7rbPvaTl5LkBEgIBA7AT47XPFcgT9-H24wPYEw2IFALYFAHQFQGAFwGyFwgKBggAEgAYAA__Jsigh__RHiPr3EoSyyM__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNEVHhAef-VpTmbBNNQDt11tLGQUiVSY7W-UK9Ly66nuI____XnwTKnCYiDT3hJdhGAE_BENEp5OFavlK1QPrLZq4o2Bum4awzVtckFvog6LpWes06P2VOjy__Z2W6mkMqQ7xAuSpfK3FqUmTPytxeGYOGPZW-nQ023HwtgjtTQctLrXysyOKMEzlI72AtoGNAzjJ0IOm__oea70C3KKGtsnpCNRHaHVRHMdyIAVdcDHjZuC9Ec5rjUGnqbJlRTD1n5BDjGAtlEKM-x45xVpzlNfZIXNoKTX0M1esJZU7__W55dXikSlzWbdctaXYmhnMH02BZMthtkzWcCKWOxwVdTV3BY1AnygGQXMn6cvSsv9__yiy27uyGj-CGmsYsJ3LIkkPTMeFuhlbuMRpLm3xlN46zP4YIPESuUO__cttIj-ZjCluyxROL__xzipHfYCJ7jOnBOLRUev3FhYw33IqYvgzoyrhdyxxEg4amBqCuVcb8i3QQs6BjZ3BwtipO96kjYymQsFzKXfbC40fpQHwGYdPysROuyX__4IIAtAIpL7QlzJDoHS6C7pEgVKiPpJa5eLOfK0GFc1ExT5pxaSO3BkcTgsjX4vXcpzaqpxJ0IyXvA-haDMVAaEnG0__c5RKB__X__j10cz3VxrYh6OY7Bh9SeEqI4XT-4ZjKVTuCiHbfxA__w4VAsWfH9w5F9__yuV2NkPfIvbffrgxQU301vnBg0g2JEfEoGOoWdgRo1KwYQlDq3C-hv-jtxhLBVkjnW__Hyv3Cnts1i7Acxc__tT53NkQVmzFj3wBad9OXVzJe7pgAWZIV0pGgcVQRrmvmoVCuzOmzFzS7G9tEZSap5HFFV2zeDgxFZD9__8qu9aB8QwT7zrKox8ngi7U28iCUleGnq89UZxQBzEn__Z6JvrIBUki2e-fy-GrQbgAnA__E0Jt0tQYG2qfzRpIluObzZoOAn70m8mwtvsQFtY__D801vhuLWu__RGc7gMIPziJgHyZumKcflAvv5ltXGD8nrMvowlZmeHqCPxvRK74q6F4A2IN7Muu0PaL--____BzDEDj3pFucxWLFbNqdjdRhpVmNEORREyJ03VOYyAisELZ1s-THXgRnCCX6mf3DYV8uTS0M4SUiRwS-HKb18NLVf2rgseN5dkxEDLGKTWjFFGGv9FAqJeaN1bshTSTxbOmffC9Qs1EvIS0mHnRNc__jQ_B
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 1CC1 0
121 B 63ms
35ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apksum.com&bid_id=f240645f-779c-461b-b160-1661d2fabeca&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=0.08379

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame 1CC1 0
501 B 165ms
165ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNerqyqUtt-YUqY-PttY-qZPA-wyywqtBrKrrARqxeNco_YTaaPaBUZZ_YRwNekoztgRhNAGAKZPTAaaKTYYZYUTMRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNaBUZZRleNplR_yszuNyqslt
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFyWrMI66E6TfUlOGy4jkKXFAGmILkdB3r4XiGt6zrV%2FcQQKRZ3PjDUsnZB2ajZsQioC8%2FIX3xRlZEH%2F0jEgN22UE0oK8ZlOaaZwOwOYjJSgSvlyqezzNgE%2BD51cegJMruFZqlW6xEiYfLOFD2XxOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb49ea00e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7ADB 0
149 B 71ms
66ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCwkYbeBRiAmKCAAjAB&v=APEucNV5I-0F13dkLe_I5UJ-1gGaWs26AfO6rcRmdRXMURYqRN9YCbXi8UrZhjeIIseGIH64DFMOafbwYbSzopMayvPy_LTw37a-QZEkjrQZs8PfQNr3X2A

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: Sat, 02 Dec 2023 17:41:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0E89 89 KB
31 KB 193ms
182ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 0E89 43 B
461 B 47ms
35ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=j1Swm19sVklCSWd1S2FFZkdueXIzciUyRndKalFmd1E1UkU0a3YlMkYlMkZ2aVFYWnhLcXhvejdKOXNrSSUyRlNsMWtzY0xSUUdlczlodFIxM3NJY2ZWR0ZpSkY5V285OGl3UE5RQVNyQWZzanRPOW00aUJuemd6T2p4MWliZ2JackhXejI4blg3ZnJMUVd0dGhnaThJSHg0NVBtTEh4ZDhBODlzaHZGWEVUVW1KTmlpcjRGdjFHVTdxWGMlMkY3d3l6QjdXTWNIVnhmVjRsVGp1Wm5tYWJjdjlYMyUyRm9VOXU5WnlwdTVRS3dXMWcxODUlMkZGTENtQSUyRiUyRlFzQTE0RHBmcHAxVFVrb0xjdlBTalBhcEFkRENCUU96V1RTdXB1U2Z4U0VBUVhvNGttYVRxdldRSGZVeFh3bkVkVSUyQmxQVTFabEVsNnN5OTJmc1hOUnBUaUdGRTNicExZUzElMkZkaHY5UDk1azdZVXFjakl4dG5ZSzduUU1OS1ViTU1YeENwRTNpYSUyRlpyJTJGYTBiTHlYM0pxSHRDS0tzSVA2YlcwazlpYjMyNWlKVHNsTVBMcSUyRlh1ZnRQNCUyQjI1MmVFRndvQU5adW0zMkdabnJIbEFKMEc5RjVNemdiamloU1clMkZ3MjlJbzYxMDFOR09RJTNEJTNE

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 258014
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E89 42 B
107 B 101ms
91ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-T63LH5WJDHdWuDafWeg4EmKsL30DB_V7RYyIEiN5vI3_NM1LpCB6qGNBZg0rP5vxisWTQCVtOQa0xoNLi3Yia078ms9Njq3sUnWd3U9LX5HHnaA

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E89 0
56 B 99ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14446814646774191639&x=38&ct=77

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 0E89
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2&google_hm=ODIyNjNjMDUtMzA3NS00YTVjLWI5YjctYjc2OGVjNTF...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB5cEEad3vU3Nm1sj1dYf7w&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2

43 B
145 B

125ms
30ms

Image
image/gif

18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB5cEEad3vU3Nm1sj1dYf7w&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB5cEEad3vU3Nm1sj1dYf7w&google_cver=1&ssp=themediagrid&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCxUMXU2xrZZrtAeuRjuwPs5C--AbGvb____HdPv038-dEpEvEAEgg____3mH2D...
media.grid.bidswitch.net/imp/GoKCSq1FNGxdvnrrUGMturxzpt2X2E6Uyhuel2zOwZWzOtDcWJg8rvwQJisZqryU18lugGm7jawxyDUpxEIEkKd9OOOqQY9QE4OxzZT6wNK6HrXs5ubHgshdVpPacBtdVr-g80VGZcC3E2Wr6zRJGItu8SoAdh4McVxI3AWA... Frame 0E89 43 B
196 B 224ms
34ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/GoKCSq1FNGxdvnrrUGMturxzpt2X2E6Uyhuel2zOwZWzOtDcWJg8rvwQJisZqryU18lugGm7jawxyDUpxEIEkKd9OOOqQY9QE4OxzZT6wNK6HrXs5ubHgshdVpPacBtdVr-g80VGZcC3E2Wr6zRJGItu8SoAdh4McVxI3AWAHjBlAaegAJL2Jpd-p12hYHK8vIpMbZu1IpfxBwy9DqtM1ZG7Et38CNsV8dYqxVzilbUnIFGcu1drD-w8HJOwjR1yS0Ckf8QccZ9n67TkMAg53Kk-Qyslrr4iz24czCgzltTbqEv-QjWcsWyoYAXY7C-BIAQmHxKo-Q7UCaA5iRNLbSs6AlMZNptfsuYaRBIW36ASr_R3RoOJ1_fqLa1v005ZSQ/billingf-93M4W_b9_28nlDwVndVTQWqixcjct7iLoJyZHcLrsp1j_1rY5Szzkw9qY/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCxUMXU2xrZZrtAeuRjuwPs5C--AbGvb____HdPv038-dEpEvEAEgg____3mH2D1hYCA____APIAQmpAocWcjmKQrI-qAMByAObBKoE2gFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS____1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS____qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S____1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb____KJoT6mS7o3qKY0CG5epHLYC____hrwSbU8YX63gkSC-z2KyvF69GkBkyY0NEUR4ER____DWBElCUcRimyJnxy-Xc4Al86OhRcAE5NKsudkE4AQDiAWLruPKTZIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDT____QUYgJiggALSCB0IgGEQARhfMgKKAjoCgEBIvf3BOliFqJetpvGCA____IIGmJpZGRlci10aGVtZWRpYWdyaWRfZGI4MjExmgkWaHR0cHM6Ly93d3cuZ2xvYnVzLmNoL4AKBMgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKwE7TH3hXIE77y____uMD0BMA2BMD2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__RfEm0uAEKemk__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE_BFPz1KZMCHlFjqU17EMm9L7NM4__LyFzmdd6Qy8bWNPaqpprLMTjyy2sf34yDa0IF9Ymrd5qWNzoQRZrJ-rGwXghO396iohlC6HVEaZfXnyX1w__C30kbOa5iMuoUv6JQH5uP0ezBBTX6jyxVhVi0LDRxHtLYyL8cdH785I3Ll4tcvS-l6zILsDllntH0fcnyGH3MTgeKxRQNkJp3jEkyX84iV7Vx-JOTThOUMrsUciLjCLXVjwy9szEw69rSVFNI0Re28g5Et9xI-QKOkl9Usr4iplUpSyQnf9g7__Yb1PYEKP1-G0ubjNBNhExdCv2gCyrQpaJONxzRxsrDytFT8ILYe__4bdMpiAbcXPtAd-ALGa58bjqF9LSZvrglnugneOwc-i6pc0JP7e-bGfKj-jkvtFHX-293UHzRMznT4gHpaK5XNUoemp9nMGCU3__kVXPu45N8HA9dZYkuiDSzzUlIzMIx2VIhv7__MbLlnfFbhYkC8y__b6ZsjDi__4AFeL1U2QQ91__N__Ucx-5Sax1MQGfgyakqR47Lo5__MnkRvQYsV3ql2E-qukjmNIYfghZP0Cmu0C71pHesq-vjFiS6TIFrDTd-QPfRFJpAGw5CAhOpZuekHch67svyyV2NqcDHyDGT__iLfKsBwhruQswzndrE7JyKXgopzmI2l2Rt7QNwOheJFsUn7zS07PygLUmwZ7siAjguw7rooMRoDFGAzTtpcL3wZt3msT6ANYaaQCDMKViUHmli59u7CQUh0FTVsJ2FxTF__qIWFZ8xXeOXclZY23DJc6YVPRIAsVy__TL2P9gKCJ4jHdiBbtGYwyTsQcK12Z1Tz76ziLzOb5RSif4z9EPhVYc0Y01bcS-c5DKgdEVEm3WrllzsLTN5trE7qCOFTmBhvGpXovYMc__8v41L04UkILKT46sL5FVviO07Dg2iQkLXdEWlYCr8kBy6TOuBaO__oUqlTmvfG7cKIh4RkFhtGh1PEG62lWM4gTaE7n72Aj2RlFya6-39h82sAWBo9iIOj9iRIKFd9ER-7lCGZJyZQZCLdQkVZa0Ek6-iOGQgUIk-QJhpMH-82GCTTLuTFCjwNUCyoN6L0fJ5BQvK__mI_B
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 0E89 0
121 B 44ms
35ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apksum.com&bid_id=a9771677-879c-42b8-9d6d-a35bcaaf52db&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=0.0882

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame 0E89 0
501 B 163ms
162ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYTaaPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRzdNZeUearUY-reUP-PUYK-qBUT-TqewreKtBZyMRqxeNco_YTaaPaBUZP_TRwNekoztgRhNAGAKaBMAAAYUTKMBURlmNBAAbYZARdzNwqfftkRrdzNRwkhNRmNaBUZPRleNplR_yszuNyqslt
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:41:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1O%2FtK%2Fmk%2FxZ%2Bo79HDDYSdeo7V4n8xMdnPzc2B1o2NRaMAcB5hfy6kK1bCng%2BP1Nigjz0VjWk16XE4pcxZxFbhvQiuIn2%2FR2Yd9gf0EsBv9Rk5Pz8G8oL34VB1MMIxRtzepP%2FrAXtYourkbmSdpjWDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55cb4bebb0e43-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 508C 0
56 B 82ms
82ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7705689210672&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 508C 0
56 B 80ms
80ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7705689210672&version=m202311060101&ct=77&x=38&cor=4295937500513244000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 508C 22 KB
15 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUDRZBnApuj-DZOH3oTENKoxkGfPtGhJAGDd3JXs_ymZx37qBvmdsxeKbnJ_Z79Z-fKyii6bBXc373SoBT4EoWx_ZRLaVICatY_lg9v-7ez44WXB3kxOB0x3qK14ll15Zy--gmbK3kPjExvg5y22gQHTmLxnrIaEeZZaiIGRdVA_9uTlu-9Hb7Oc--xK6R2hAL2l1GnOdPJyp3RdryCWcbwmppSQ&cry=1&dbm_d=AKAmf-CoxKtRfJGCj3K_2q_AkWiTkDx4CBOK1dyDjejepp6lLNYlBy5CcQtaejlSYXCYsLs24O7ds775D9N92IjulGoO9jvLNgGhaL_Snx6YErtOSEY464l4t-T1jBMalP0hdnGJ26WWdB1hKr6XTFIhaC7QaxCEaXo0-F1VsXcPO9TIwmOuqwHQNpm13qJWcRkTyt54m0YUdSqv864M2E2XHdMUDJzusO9_hkPYwqnlfr-3OTEyqMhwKZJuzmxoqSNn9SPumyK6tUTkm5bsoQVhjiPgfzAVaJkU-QNpf5drgZznnzc20lCXQz33mQaAE8Nkdv2A1DbWv9xCXCl15tsiiqFF4eE_TjaVgFifeMcK5iufbDohtrYdl9YuKycnLK-llwmOm97ifeVf4163rtoSlWae0oo8r4q_kSMEhPFrbcuuepdvMv2b5ePvt2BN0cnTAk2HayViAYdM84O1f8kzqJC0COOMOKN9o5qo0aar7gDAcNS-H53-82lnKbLb7EQJNiinqnM0cLV3FfHiM5GutrpPy2TCEd3kk3yK3ETrDhu4I0XRBQ_X_p80l7HGwNnGbp36elJeGiV0z1l1kiEc1mGItHG09RR2JO5nWBilKy0Ip3-wq-2-lK_Yex7Aw7BuQEQPDm77zbdp3uv1uEJcEpQ73Obs53drOy68YFB8yy53FguJnsKgFpzDxFZtmPKHJYzPMU_VF9jzISWkBxPi0ez96vQ2q3maPVxi-t6WL74wkZ91Eq1TzICtHWHvUDePtXNEoqZR5G0QboQbO1ZzjkCrR2aVnntvs8O2escFmrWpfRRE_5c3FDLAYITJi-oGixhG6a3ewin_aS6q9moTO4AmH573qhwegazC6yueNVpS_-diF3UdbaaHOi3zScOMLtHus2g-_cQMzQNvHpo0su0r8wAdDL2n5IVqA_yzxk7JgmcnAJvYqxDheXVcB3ICPJcaYGsJxC_QRzNlSZN-DmdUDcGGOMB3k6IkCXrkueTUPqjMmDh159RMpbh5qvWIKgH8NO6TvThLuLaIypRyeq_bAyo8LC1xvpAzymafg6waLz5JmVvKGppMon4aoiFzOOQz3wvR5vxZDYeKQp27vzqxsdoKWJKWM_LQF7ojbEZEnoC463s4JrjA-CM9a60jLDQBTyPR4u8BGW_daw9rGYSedwlQ7P7r3y9kiJGGA8C_gplSWKbKaPmR-bBevZVKE--6dmAG0aOnb__7x9UJi_OyWghuvMr1HmqCSi5wBD6RsOKwjwhVT-go2Bqk6zQb2bdF5uBSkt_j89O2r66Y157dQPI15vs7yhqdqPBEiFALY5D07skgLxX52s2tY7oOg_669ToDeEnj6QJp0R12ANnO8GdYkpuVHSeskCCQ7PW2S_05jI7xrbYlMPrqDRbEydM639m2miAtjFk9b89i2vnn9d7OXsyvxnms2fXXKEtJspH4uEWDEmmag2Q6YDFkPEcw5SSOIhxL0Zd1Xvbkr5xyKJ83QxHS_KhLnqtm_Va7X6pp6ynnH34mx4wfN4ZuKAMNic3Lgl_yVUbDvnjIt8gtUNJ0PSsS4gF3SC9zj9eNz1n-4MymQ_zhZqTD44NtZCA_CQS0GIHQw2W8trg1x8jo72c0nvgRX9B_v6nbZ-aCtrP7-TOJN_r4adSOmBeFIeRqUyS6QsBQTbwyKY5sWNaRpxW7OOhpcs6-zU9OtXBjKYY1zLcBGW0EME8n-3UJiCfzGS9c0EdJwh0p3klyLNGzk8c1yTN76JKchli6z3F8IiQWvh3VKvOXC822D4nurJJCwrtuboWqZvUlnBKNgzufegFeI4cR77soW0TjFb87wqg5iBhS5wNHYedbOkOTCare6eqBLolB84lWQe_xTgLHNrrRHH5AV0ZsPylG2RFHfaNeWymUIZOQ08zT0Ju0zhsTqdJNR395oW73Klj2Ps0_OMgGxsSBvYT_V1k0SmPbeC0I7SI3SaElOIa94nrbHfEH8OSazeMtv2qCZY2FVswweUlpG8n4pDn9qmfkChqExTTzsXdvLMKndx0pknrzVFp0PPXQfmTL1oJew6pu84mlspbF99YB_zg9U2kQctR0S6s6zaSNcqEIkK_aNhmc6OWwYxzaZZryLdjo1LDW83FDF8SetgsjPx2SdPNVn-rkuZVuq0cBR7TnqNRvC7rl9rXxLE6yMPdoJDPVR9kRNAXc2w7JmqgA4i7xAJZAzhG-BuixNZSAdQu9xf7Yg0SWegr_J90bXLsweHR8Fj1DRXN6jJ3p2k3rhtFo0ojypSMMRrGo8V8-UeQh_AV0q7ZgO3Nxm2lD2kEmnc_iR8gtyAE_B2R5LW5qGlZDACoqi8VJkFWQiF3BXDiwhQP-7RJ24ZqdTyazfh1Ae3chkNe5sgrqD1WkslX1AnIlEUZAlRtOexWqDwXj9bJ7gybgMGdL3e6z7-kAtuJqKvvQM68VQYT9danLDla--1xNM9R7TT14UxbHCgcbAOCyB_ZmnKBq5e31ZXgdhfj9S6lk-11QcEfVTUDsjmUw__po3TPoHHkd-D2iJB-RYXKwWfrHx5RfvAMksmsZxe28nSh2YhEkxeaLt5d50HXbC7Trx287b5-pwlFbwirMK59Nhod2pSKAXmfI6njruUqtPHkqod9-v1iX9n5i_3ZKRnt3kHXuczZrIqSXOvvBUH0AfdyBHm-y1Tw3BfE7HEtRcDKpP4bXaMFDN7PhSJZ6mW9CrNvqrXyLU_VY9vRGResDfY7JRYLsAXvwOqcxJ4g7i8Gybni_lFHqmV2twXqULfPJY7gKU2E2SUTLHB7lKYHRwYxDVRaQuWkFjHfzslO_MRgbWWaexGpyNv1DRbxQGNwoBNnBT4otUg3wP2L220RunvozKrbnjBlGgMnS3Z-v-eIQns6DkymUoh86iBSN43WdHaS9s4X6caLh5RSf0E1RqYMUfAKEaTAWgA6UJ0yWcG-rnR1Bhu5KJSCjIhaImhjomXmdwn3JlZP5UUv5HjfZrMgFayuOnl7fQiJnnJlJJRjP4PLUFILGtd__sKihsMeWL4tq-upD8W7rsv_tFBfOuWNe8050E_e3-fTVLa6sxapacZWNWSODuHljJvRkNfuZrYrtAhVvH64nEfMXnqq8qOaeX1PPbfhLpJdpXSVUC9nvWRj2Va00XKuo8eSZPLJOzQFe-_PQPsnhcrG6EvIyPbCbh4_Nz61rAy_ggDUnb7t1CnTF22B-zO58kRoYlCrk8vAkSPH1aVXnuzUlsJL1e5GtclYtsCinxuRbCoJZQ9kwr9YHYuWlqhSGwbxwYGrhALCu4HaRxjhSWNRX_fjL4SC3hCWXLfyfBe17E7ri5GVBeJCxxGhBbhwEf2ihKpWyIDGpHiy0DwcHqYb-eBxLxPs1x3ud2lHqV71fZAX8LJWkE9JgA09ZKw9zSKeOTc4Mqfvwa3pE2R-5jizbG9H66Iy-aKACK8GQKm9PjsncK9-iWSHbcOWAyU2LD-GyDQXDzN6MENFvKglcRMHAU99EX1SF8SbkoAiK-yqiPYiC7o-fLkRwJ4lyFWFY9aplifMYZYXcwysI4-HvEsB4qnz8hbu_CFu5urZM8wGBdo3BjBB8Rln1_jXbUYWleJFKW2YBCHTRvgzWH0LFVAazPZyuPai183CO4Q_Dpf0pCYExVRk6QLG8OqdWiQ8vrp9DZYzxHQGaVVzYe1ZkbN9umrkI9gVI0hyXimjggBEvO5-yI1keqcWIgmbJOvzY512x8CqtfvURyULn8zw92YU&cid=CAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=4295937500513244000&adk=948955621&idt=198&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e22a1fb3eb482747b1bd015e0a163905eccb9bd7e295074aafae20fdfab5402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B6 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=199193674805&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B6 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=199193674805&version=m202309260101&ct=119&x=38&cor=5964607571727176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 47B6 89 KB
38 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CELN77WeDq9nag7WGvh_0J9w68oLJ2b_JZdTXe2Sp_I1xYCyCldlvev9hw19-u3y1xfa7lKzMSevMq48lbemE4s5bFV0Zly3KKcuqkyoVw6e9VGTrbQhldU_INwBsGcEYWkg3jHvY5n9tJxHRb7otGNePmIPkiUp-hqPD6DBKbaXkgc1s&cry=1&dbm_d=AKAmf-AuOSUJtEkDn-EkdI3pV48HhoBhsWqoD1Bleqw9MlEWDcyPXxmOFUMcyZW4M-arXw0s4qyFKGph4L1sgrvzfjxBWKORwFWyG4IhTEUvekieuaUVWNFtBXFP8IWO9sVe5Je33IEruCEk9566tOui-Bg2a_GVd2RyheMrcVetq6_UgXul3Y8S5duGXKD1fNCHALQqrgb-lsX8ldbEWQbwx70_LOEWB6Lccq35unLIneF5pmwn2vGTfDlauxNgfMu25Jd9bBz8gdIl3K68B2Ohh39OPDc97OUxoSMiEnlVcKAb_WyKlZsLs5T1Ezcpi6PNuqA5H63cAiZ-m5mmV_VImRA07d0ZBOfNoWD7kzUE2wVinDQVKpJn2by4LiP_vUu0VFZ4_koHNPUbkvHY47MRDs2wQWsYwtEndKxfe-emKFegUIOMlynKM838GIJ-WFCuncpsNTayVU-e9BXKF0udec5B6O_ycMxjVJaktQu8XXZ7laHAb6EE0nnLmmkt-iif0NOve_ZoqhsfzHn9p_nm9pL1Fi7h1K1S6cFp6l4IYM0KU6RcW1tbsqULb0qfgxlPmOgE4vTgXRyvPm9Rm9VSyJKtZQA0IFwISqV41X9GrtlYtJb9CmeR9b7UalPphUTiEY_-DVLvZoGvMGYzVhjPftlMfYWZcF-XdRls0pt1ccGPlPN4JP5_w68fXdlOpPmnMREyV0g8pcJQqZm2-nGXD48XnNy7tuDj4DcI-Vt5S-kVDrC9cGZbsKLW1CsumeEBu5RaGhqFfqVDfoZsKeQs_VE3NuthrxX1LLdq2AAJWW3ppMNF3AEy-HfzUXLOPNkxWaC8fNWgn7FHMPs1u90kfv5FhzTZqKrAExFZvLS8dwJcJ9MscI4RnJ5sAj93Txn273Hsv1iAhHmprdSBh2UEXQkls8XqvKTM0tzyiYu2ge40NI9A8nMDQJs5ZZPxzkl6g42cVqb4pA8IPW8cms1Mf7oXMhZPP0coqs8zgi_1McGYe0_0HXZL-eRo1DXPutwYiMOCssuAsnuC6t9nVUwvfcKGF2HJ5VAT2TX0wjbJvYAqEuwqVE1-zjTxd3sMKCNEnysETz7legElZOlRYygIIkyrkt7G-NwaZxHQFdDdeFXNihADzh54phxQP2pGl7LZyliCQG2WThpib85DzeA_PZCrgGMsZWhaoJAyIYvO7p26KSg87fO6kUY6ltbMoZPyLVQD-iUC9FNEkmHcGhbl3OXsXvlyEOo7vli-pfX8cWMlK2QzsiJ-TKkD24KMs6c3YpgT2BhqqyzyzznlK6w4d1FNETPqV9Zj_tZSJoUY0QEv9yZvXKckPc4d5FxxcBV3aloC-sZbD0RDHpKKsz9zPyYmpo368LaiDnCAqWeDC0efowjnaIiNGAW2N6XzR_XfDHgj-rwucy7HI_6ltq34dva4hdk71CaayMJPrfqldJwwrlQmMonVXTJxiuBk70r2mMojI2nIuzkNAeyKJiAkmmKQJ6NvQaCaZ7e7lB0agFDLGHguH6WQiu3XnPnn5bJuWRJf4Z8hfAnlteTRK0390YLHwAmyomOUM1x2ndgUbe4epJ5uAmbSs4mPPW2y6AmfZIOHj-CrbMHIb4w1-ok_LRVjF92_VDqDl7gLrjIMA3lBTchjmZTFcmYfKkMxk-UL-asJHhC8wqvEWAmEpUHobXXdDwppCw5NhQecHyhDWJtR5Kg0nVOzkuoLDC2N79jDAcVPlcQ-CxFQHz_IWAOsFFgF3ZV1AHmpI19J-mNz9XskorGb2cZro_2gLUE_p1U5lXfgc-XQgsVltD6ShD5-9d2e-Do9XblPHbXnOx4UNFesrkU_DFdL7i-cbbEN3OxabDmlXEm3lA229ZlqxavqmDlz54KKQSxq2L1-oczcLH6g2DQlkL2RupsG9NeUlcMhWKF7yVqUXAwLYj80dNgSRhMXr5bnbWiaE4VhxfoOPwTKUWcelgKnYDf7s4xFjNaCY0XxOPe6d_luzyhZeU-qlEryKT2udZBaat5x4zIOMlbX8Hj9mOKWaSlFJid0hx5FPfs3UzhctfdTDlx8O0foGtmYS2o5b_28yqELiv89iL1p1gYZqTkVURSdCMtwzdf2VgprYtQ7XWuCWw7KpRjL2ELBNl6qHtBfY1sg5IfwJzROv71MwSU8z_x3ugs2Ni6F1gHkeomOmQ1F-Vm_qxJlTsDF5gvCVJ-czRN57v7fLJ-9j74A6EbqtV-QoQTVHfhY_Ai-qUh6slCpyPYTT4uAGcN7rNI8StWVGx6yxIobqI1MwMwwSnemZOKPUDQU7DwSN-DU1MdkFKgZcsDCIC9gVvjcBa6tyslGQ8VwY3Y9hgQcEHiboLfx-x3cgwSm5o3CncgKRNCgQrXcr4bOsDo1b4ml5JiYboWHObUQrzrbsoGMSaH1UsEQwGMMnziOo-3XRQOkDvgZ0DxiLTRZu-B07jUtn6hMqZ8xNuhTFPKKtu58Ks2UoUp0gji_dhEP2aYlpbPXu0znznDlkFzoVQSDh5vyDmOgcR63ZYVPMGljhUwwzFIgEsV8TyiqpvKujfqiXagLOng0GFR0y_tdfOXbd9xnnaGxsyGl05c05AdksnE6nFBNx0kuE9heTWGEdVqWPCZ7RZL_-3OoCfYKfcf-ExgQjv6R_daTbP6V1ksvOVrjA3DCUnpy1obzED1u6fTgCG9_1Ou68gZc3yHvOz5jdPio58ObbxxQ7SARU2Pwxzfwu8iV9xD0IM5UqpxPKoPse5kkLJpfetjGb6OpSK0Did0WlpjeCYGhIRP8_SUiHPS0gLpUF-zcII33ZohoKIAWFbxORBJ1I1b7J_DN-N_2Txe7RbRRhbOeQH661PYmtXZUmq2N1SdPEo94-8jZ0YAnRMYFCU66Vsrk6z_7pWbJ_uJbH6ZsHERcisVBzTu2NUbcv5NyANUlYlOSqjfXW81IR4Mpflww-lxFMRJUqnZNdAazWijoq_0GTSIGCaGp0ocxStmn7fp4tW0U5lVNW2OVwA_S8iLXHbIvOV1jl5BI4Kl_0tQeDoLZWvhwBpAjT0iFzcnq7HTCEP4hOuS7cJH7hn9RvVsxsR4VvVfEX_utFf7lRMODG8qzosjOetrqI_eHrMoEKGbClkqyKuNaL_8pS0MYP1YR5Sdtq5o8S_6Cds64vmXjhz0UhfdC6a7Vz40cgSz7pgEe9pcHbck7cXr8lKLTtdKjlxXVDcfSgDWBhOkTbkx83Mh1BCR-bL386XGQ0EiZE7GJ7oyFYX3bFjmoKvyGkexwmH_2PyphZollzEVJQwDdyP16-BggnYouT5nwqWujIHdKZMhZnKKiHpjAr7pAWy9JXcPtH0wIv601Dh5cvW09DbKIwlrSjuQDevhPwVLS-xU8Bbhb1n2DX0yA3ZFL-pgJm-DmFzpP0DQ8E-qR0O-uXSF73W749RkwoGPcFZwFzzQibnM0mO2SYPUIom7L8eMnr38UKchDgyoGKxdkrBFCh72cxY01BtsSp_6mTkTacQipmsGmBsTBCIepPFwJKZ0cRhid6LP4qENHBw1n53IX4oQGD1raeewIhTeCXdLc-2pZxAAbmo9_0i3FwlkPUaSCaVM5DN9m07B-SrQGZaTMQB2xtnVlgF-aPSQJkYf6huubWGzKFD02-hBh8XANr7ly0_Av5vPI22MwLhtDvbGhI5hjTyg-zMm8qhutFPJ3g5kH5opyf9HOCerAV6KoraoPdb--3JfVwnJquI-UvzGbdoT4Jzc28vvIJlVbpU5WOkwbsxwwNvLjclXfsj7h2oh9Yl9Pt_7fa8veiUqGkWZ-Cb-bFmbdLVFt_u0r8VspuxVwTK0jzFaHwFZpmYu93WSxTsZcVeAfOOgIGLRhnXT_IJ_gMcCg1e2cUkDhxpisQ-GILFzAJP6LpNKoOGsb2nhjRCnCz7vCr4ufqh8XK1Zhy0NoI8YAIba9C-m09nUVC_5qKNLbr5laXx58ITqFIhG0a3GAGOALzo2A7Tyye30pNekDP7YPC7W6RWdKF6hJ8Me3mHhrS_SYdBwDGRBCl0Ee0CQlhT2-x_gvDJ_MXdH6LyqSt32gBo5yM3JhYgMrQSaPvajSR50aabaLnsgx7Wjb-BO6mjDKPiXs-Uv5q74U14Fz58rIhTRydApHWxX31u0&cid=CAQSMgDICaaNFYHHaviTCwf0eotKSvMAkERlMQKwJEd4LIS8dcVbQRE7dlkt6P3tixj2C1FaGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=5964607571727176000&adk=2075474804&idt=258&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8567a4a47d35ecb0e690d9657b5fb952ed85cc492d21228189305710b1e582c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38387
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A400 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=347028461959&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A400 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=347028461959&version=m202309260101&ct=76&x=38&cor=1323764092838305300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A400 83 KB
37 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_-oD0YF4iKYm8-1n3DrMtVQVDv5_sA-cr40ffFQ7fPVjeE4DfDscizdMsGFzsMHMGaC9FyZ0pPmzKzT7HX1ycILeMBDNwGjB1fjqE6aamsQOY9RbXfIhpwjeoq_xqVO_F3UWihxKRXrCxvc-VE5s1dM4ZgnRsPaigz4F7XZox8lBRaDM&dbm_d=AKAmf-BXMqha05rjW5h-EvuQNaTxY_Bb7gOKm4ZsPunTtJGzXtaYPgFo0htUWKWMsNUV-UGdSSf6pDzXK4k21_kP99Jqhe4LSnmvgEHwbs1_uXNtemXsA6bio7UGQdQtBCRnzk3tKhSDJ2oVm1ADJMzmVmaxMWUTGlngR0ctRZNmHOjJs2b1CooZsLSV3cyiwqhckszAct_ZwuIhLUtSlLtHxxrfU425wPp9gB9FnvaDyq6aHx6U0Idx4nqa7KKnVGWg14g-0IonUNC2JaJpauHyRjqwzmvoabHQfRauNAZDuCQjP7Z7qfqmVBT5l2eZj8CIEti73xboz3d2VUie4WuA4X2R-DxTF05ME5Rt5CSeoZ2BG7JVDSlPdIv7MhlaFlxHa9sr6AmshFALOISxxW_IGT8mlwt7SN3fhvocgK3MPrR3djzrv3o0TT5No9YiFz-BSVBXKnWKX0-YRxkgE2ztDO2D9ZLR91g9y0tO4u_XXQgqsnuHB_QKW3sfwcbwCFnjNWAIflw7SOnZoxVPbV-Gi81kkL78BRFPYMMDwV1hybph6iEKCL0YcoCifKVb7AW7T87vGTqEkBX3gRSH-PFjvXRhAzKGz-tXUc3bvpqlaVJYfPQ5xV8ceyENiUGrmrrjdiiCXWIXTkjlcZ-U9gxV5HWAgQ1itxmBl1uV4nMQsQGJIWCNgq_LH3z9pRrVEJVWeUJ67oKsw0mJHrdBC-cia8bCuv9eU-4AfRbJ3p29D8KCNbSKhiFW02ybCzF1NmDRs6lLZfBZLck8HZX7Eo2GjyFWVYbThr289ZovwiwrNrRewyfHuC6cyRJcxEYvkd5rzgHSfkhEF23l5mZMkgi8ZvuTpCr0vmgcGw7S_OtKEtvn6e6vlT9b0qHD9UcyHuAffZSPX_FFPrfctEboG88cZ3vIGn5Pj-kK4IS8HMz14vY6PAD8CQitAj2noxn4l6ea68HfnS-nvA8JslVB_fVMPgmruOqXXUBzn8hplhJ1r1P6jU8UC5Cdweeu259QHucF371U5gCYvFJ4DgQbdAPirW1iIpXKJgBM1fQZ55M-k1Ap6yfZ84-VOblup5wKDtlle2GF1w2wcdFoZ_hupVwx7TzqnNPvKr936NPO7GwQn_RR2b8ZXLhHlZvLx3wIhj3P07UevYdK8CkxYd4rp77RSeeFyFcJnSOqBUBE4B5xoyR3Keyz9lL8mItMm4ZwHlP8UdL1ZQI7VdHW3fjfFZUZQIwf9jQ6JM3WLLD6lXtq4MzSp_ELfD2gMhWG__jwtCyH87LYhhCB5Rhhce-qM5T0TrO9yv2q3CJw64NNX1zW-nhqRENoA_iPTdBtumxgjO9tws4PajsIrRmnyxQRd9SrGxIzaU5T81ScI5tZUnniu-o46gogZodxOsQcn4HLa-hB0Upsqj9oP8UKqnLkn-dxIAz24dCAg72rjdHsK3v_StI80KOAbTHx0IK5j_8liIp4n7PdvbaqtXOkg_4MNrDBXqMUTSOlh69H1jol1V_d_slMe93BL4a8KOr9kS8gKr7hMmjLSdhZWI7mfHUWUR_x_3e16_vIeCuEC8JRVciqair4_3Lq-8sSZLYn3FMHF_e5ZZXqvm3TYge2hlArTaZDXohFBH1_8IhKJkj3NZrKBw34fFcEng5HL4uuWFMQWYtfkMulopTagEgroagWR9wTjBrJQvaAt9VmTZaNmpguROHg_5TmS7wNjBJYNxp60XG4vEMwf619vnofCv89Pq_UTmpZ3eVzIrxDsNnL1ddmUtYuYRRXl3wPsxkYWRRs0MGcLQFKP332QS9Fxhrf5Kd4sFZG9Ft3pDvCPIb71Q4ie0prFAnJ-yqQRu4Hubj8J5-X1qrVDOkeSvkPvsQKt1Op9mpY81INUg5saLmGKzPyI5pHGDaHz3PH87XogQy1_otabf4Od5fBX2RlM0ljxSvbtvrn9h2czG6SuZmGT5OG4CA8j5cfxjr4QfPVirxgiUQdyrtU0Qg5PMMpIFYvxNt4E4MSTrvTWrUMB6WpYegq6s5mWHQyxhzxm20HkXIvbrvZ8hFVx1KvUx5Bra3a0XtF5Kib7sQHm1XFO1PwZOzZ6NSnMKmiTPCGdFQei9T7-oGleaVjdwsE3q2phxe1g_KT2mffW758FGlP-BVOOUGPE2a3MucJQpQtCRy9KG3Nt4Imx8fg7IRUZyFr7PjiMgswyw_CstyQym30nB9ia77vf8HOiWR373CADqV8tQNntVPrCdMSi6o-mQA1f1qZy3j2Dt7_QwS4S6FifipNMJ8KPFEt6fRT6VYBpfn-adRLjcyX2Q_gl2HfVWl17R8GAw_O0_PZRwh13ziX6WTkXg62puiX02NQCv2nI1M455U0T5-J_YJd_SEWCr5F2JEMKJUjJBQOl4h7ArVRvmkxsw9YRR871qIU4PTpvXgvmIqn7IoPcan-95mlU78sWWcMansyG6ymiv-rpPuK0NihrOcqRFA51BFgAb1nx-RQvpp48TADntDnGMx4TFSZ9iZELM_qJ7KlpAFRlnsbHBc2X4nePJ4oxhymp8UVBXbWcdpAtC2IyFrGpqx-dWXmxfPSghHJVcNSMFjsSB_G8wyo3vy_D76EbuHwXxt-eagEvLbHV0yGXvITkJ52vF5FVCTPil-hWg9hQANwGrCk3fGS9mKAveDKKN7doozDPAnDIopb8T8qNEDGeYnuFHWq8c5Zcnk2BVvZ5e7DCWNJI0qXhFQGzDdqhuneMZq5kp-w6VAQVjd7uCrBsjbT5EKIRuaDH-6QRrnGddpBv-LLUMeKo0W_uF-lKbJyYrxuCvf109QyTfzvAi3koP5csa0xSpBeImIFLr94m6UdlXZ4VqWSqR2E6CtvMVMx3qbFVEskSRMogV9PxMLh619Af20sO7e_OV_m1_fbTKdhQ_qyLp0GglW5EYK1YJ9g0zsXqh_Pf6__wihqu1FczZbnQTTB_lSADn1tyO_mjGKb63vosVIFyQgUl3rvgkvH8VKChoRNPIJyUn_2XahlQZOBRGci5f6jKudw0s4oPF3rRX7Vm3N87Sb0epnYRsQ2UR6dg9COR98NmKPpwZhapQlPafGfFwYi2hlVlx779_hY7GOaal8aIkAdzUoGJP-M7S0EtUxpaalwM5ZcJd45LOh-PK56CTMpnpMPP5lmunCNeEeGfubxwaPhJEpfKTYYneG-qHjT-ibTdssl9W6qSNUakJ31-5cFSfKMrdOGKc8Udd_MnQqV4iipHEGR8-hwXlgusfPE8RWSo1D_9r_jFa9jeJ_ii4-3SQEly1NjvvDTAO6uPmdYSyB6AsWJjrE73-mKalAlAKe4qacqx8PHJtCeA7u8a_f9rbFuU5eHVcKPcJTI8azuSOj4Lwws5-xDaxfhszk3F12L_ADHRc9RCmj3AbqfZJbmVLDYScg9ba1HjREKCFWX5YWkAB5a34ehFnujcBcdWaEfKo92C3OmHzN2syzO3-8G6r7pPexo_yzfwn4kvTjGdeBTaBFwlcFP2sRkLE_FfwljmDVMpH9pFvE3qg7HwrJSFO5XMlCo9QEO74RcFoGqDI-WwJw_MLQ6MYsNyRyQffjmavZ4NXBd3fHaU1pmX2Vwu27RTjhWT3lWMlNtEEe0rY54CiESMzvtfh2ySFF_RwEG1n3U3bbNuDEkeXvE136mMdcf_kkrDa0Nul6mVVYhS5Ll2CWIoi9YPc5iBx3M9rYZ8sNjrG8rejWo&cid=CAQSMgDICaaNsyRxLjnDU4A7HbN6IsYIpNuZ7BbCLTVG4yQQWy5_PRIFQVg-o3r7Yonk3zdWGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=1323764092838305300&adk=338188162&idt=235&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5d8ef60466c91377d39f53506bb1e464c796d5fae22bcdab04e7a3ca5160c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38001
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E89 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5238503411872&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E89 0
20 B 63ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5238503411872&version=m202309260101&ct=77&x=38&cor=14446814646774192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E89 23 KB
15 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRV3lZxL1XSUNlNTr_vbanekKkUtSw27xcaqOj9TPmwniWZGUod3dADruigMaVo8A5zbCHWkx1RZCJbK8k7AP-gxne28WvIDTXOrtHBmtOiQAALfDadKMgsqHbmqP139CUk7BtdpJ-loA2j_YyGFeJ5xyeSzt5vD201RfmVsJGnewK4kIjFVS3giMl5ipKyZcZjrVD7847p8ThuigjqQtxv_R74w&cry=1&dbm_d=AKAmf-DLhNCwC6ivrZpxrJqTKD_V6nD5bsZvDMpT_lUbigxheYTfzC5VOoHuBQsIQYp_eFjYa6wzQuKI8u821VNo1OFe0Y9gnewQggb3ZIQZC8LvT6Qsw0Wp6Z4NkTLWlmGSamQJmOVr8CucgbI-sQdazJAiNboVZH1dcyjxp__2M8FVOaR5Q4Hg54BYULimsua9zrFjIO8kSyZuhaBqIzmpgsj6Dd7neii7O0lJeq6w4duRXOgGKjOWFp-v_ZN3Gr8jJs_1doRcXWnyRPKCseEHaytwpTRH4aucDBWFHoE5X23sm6O18iYKQXT55N-CCfox-N2FxHA4zslC0IPv5VL_CO7uiWr-lmmZQELDROwvkCJV3CdgTVOsnpOvztOZXoTlBPP9XjGhi9KZt9v6MNPkmQSPNNLO51M4NIV64snXefIhkT4iDunr2zdH2mV-3ZV7OKCAXvQOg6WKgLhRiYR3iVsL4RlNcp3V6FCMD3qVWDbmJFyuJkTQp-YgkQNhlHw7GrE2_6LDbW75IANr_yVxh7GuBLqAa11Icmb347N-EZr8sgbysv5XT43zKOWL_9QT08dGHA3ll1L54-LM7IELjO5AlToCR33x6rZfEGtesT0-8P7Tn1X99vXTXTA-Mxm2mTDkBlFOeQKD0B18WJJljJseEJ5Z6BxoJjE9rz8_H_sNrlKpgTBPedKbdwpZ9ml1vxa9g60FlTOnbz87UPJpIg__5FUHic5dcXpVbORPS8KMuVrC-uENbsGpT8f5512ag_HSDvMALxwSe-3kGFT9qrnupDjui8Y7TYK3fYQbXZLnKT5ItiMa0RVNSIJE6uGCfp0afjng6TCLRJ1O19gkigTyuHyV-Vt3XTvXY69SCeDTjp-ZTbEnXHxhgepiC1akFv39wfYQUxs64Qdw1kB_sTFwAwMubRYn_p-rhYSsxTEeuPgO4kBQGNoVa0j0ubIO8lplJXXQrZVsMHaySpIBvFLlHKezPiqqI8gORaPCjHojrhLg-SPuu_q4UbeFTvl34HZp-tYiVrpC9W_xZwn0vYlGI28ztGBR38wihAZvGC-PhJ-ZujThZnkn04bTyz4mkU9vfkQFt2TPirMnZ_cgBVRCW_NeXaaKQmzdye_wrfRBpQwUqZOdOtCNneUBctSf7dQmf5odKmnEEsPa36oKf-bxhhGpOommpltjd-IvRW7uFIjwCUcBUlPAoZFRu2FN0CH1S7-lXSLZVzN6aLA8a7LoU249dk1RRV_3gJaf9a5btbeiSvh4FRD2VEpwyMHxz8-X1UhgYh8j9qkhpvE7nzMGkcGFCEcKTDGI2q9W7zE23PoUu3UB-ZZml_PDnhDgJrzePtGe5DjXW3TZKCb8AqHXVn8ofCsn0c6970KFuOiL4e0jNbdUEh0ZOSlLL73Ecn5yEcXtkra3Jm21TLWenrE_ZF2wo4eGTH6E4GIWsxS-qvnqrF9sQjT_Y4dQxr_fThrRrrptNQgQQ9aZI0LAo09Ql6dxJ3ymNXqFKqHzxzKC8ipRJ2DBQSadBGIeyBm5-7YNqZszFvpL4keidKqqZyLP_3Hl5NVPfi3K6qQZ_AYhHdUIKJZc934kpSdq7fdRGm2ppXNQrVvcoMoUbbTi7xRU90UwQ4fhN-5KpkX8oin9NBr97IDejMB0mVVif2Acg-uUVPdmdHh08Nl3XYdpDpNA-w5xPEZ3c2CiDMHqNlw3NlGEJ8s5fhCiYn-ORKWGb7btzN7WlB7xgB73Dlxh8pL6I_gSpe5sDJlRNWZwg1yCPkfPzi5Q_GNtB5sNMgxtp2uGjoye-qinBQ_7AB6Ctx60lIfph428yXKZsCO_jSj5qlfwqTREnS6WD4YvK7qeXbnDwccRJoVr1ZHZ7zVBb1eKQzs0deO9U8Gax-MXFLoYsctjTq8KaK5y6pjIAkY1v1PK4KczxHfYF3TfB6pohtu2eIKPE70iiiTy_vn5X3LQcdvc66JK33NVCy9rkdsbJYMDUqtITY147mILakSipistWB4My0ktgYd5XaLb60m1_9E_QQsNYpY-ruvc8r-iU0JgxuSt_rVJjjRTA7WMl25zHjci_uK-iIicv0miD2G_6vbywK9sSG2KfOK88RASSyqMcAMs1SfsfJax8Srx9Rb46m0SGVmsTCFo4OGr4c7qr74Qo-JV3B7cx8Yz35o9-4otfIS7dkmykCcaq7Z5oyWX0RplvnXGiRywtrKzGiCdq3ohdN088tmnGTAse_tiJoKQ164B59Ie9bev8E9LTqCyvGtDm-sAGdAwJIOA0En0NogLcLSkbjh4Yst2Glm1dKtyYxwjEBAXkSaRCKest6PyX4UnGcaIqLGgKkj7okASg_9Y3YqqalTq6HjNSxRn16OUIBg8Lr4qcAIq1-oJD84UG-qOcjvPIR9_G-edAz75BR7smu7i-iuwG-HUGILqe8DvzA03MBzElOYObE-dvXV_bN7U2YJNuJMczXY5qtbx5xkDxEsLTRoSH6kGKG5BeuSi-yb1RuZ7_Y5L2dkClzRmjEHmzUoItID_BO_r5coki0q1eLeTkK6GYpgjXefAVRDmK4ZPzDKaixazgh0oCXAuRCbk_IqCWwRhxZo59pwnXa9_LcuguUQZL9lYaaofetFF8WSUsIFOL_SEKLM1hlefyX9lh4aTkuXkQOHSS_dEUkhMQkas54oVBRhFSYDgqGngLaFrAnsYTjjoRpf-1frsbsE136asxI_039s1azZk9t6bKbiUWyP9yLdZD7IvvLN817GZOC0Xo2SEc28ag7AnWMatoFYGdgZjm54wKDvEkBrdA_bpDu6Tp8uYAPtopr4L1cjNjlPTQdK4m3xKIuk4m_5zSBJQLHRbGvAT9uMoo7OxQvrdcbRFCRzlz9lpSIGeI-zUJ0VEQi8ge4W8B8mjOLgTDQWjhIFaSQBtJjQ8sUSXb3SxFndBNW0EHPZmNBCluwPoOhrHxYgqkTYzIK61AjtBjpaCVWxY_tbdrxm_mny1ki1V8XE_DeBqakTufEcr1OtXsBCXvqgPnQo-FP_F6m0-gUip31KmVH3VjkLZ6pWEuljvQix-WErWRVL7B4GCggA9EdBpnt6D9PDwgpDwxNj-7bNdU7m6rCb0gcsPgNtg_b0RENKhd0eMW_mHRCFXAaPTmaiz4Ruj4pJ19XTU1sBO1egNXNVQwQz_ZzYIOzn91MOa-51cHb14Tyw2FdqBhf_XXlaoqD91zmjH0h-qgNFJb6Z0cnK1ebPf0K-W0a1BZA9jmC-J6mne8aPoGbS5I4vF1v10DHdMyeRzRSjEnBcYYZzwP5M3YINrs04JFlT_wYGzUbcHRdcaBNuaNZgXFb690Opi1h8kyIJINCfHEVzJE338SRTixJbX6_kGoLQrx7_JeD4OPMP72k2XY6zwrcbLmULEeiOzGn7dLBqd9tmISrNnnLvB1-Vr0Lzl58L3x6jxpKQFmvK8DC8FXO6cL-pBcjGyXXWNS20ZS59p9nQjlOycue0ncDwX0TCf8B3OXpa9KBClYc29TPAw6WIWJ6Wat5zMZ7mIEd1gCys3hwSIqC2snYNGoTUXIiJ-JTmMTGCovTphgQ81vZMr3pdJmGGBhA2tPodE1OUlPV0uNY3HGJjeDPAzneiILEJ1Uq23GjaGoP2M_d5-HlDFxnRZi2qaXBJdMZtSRW_WmxPYjNO2e_gAiW00GO8VUvKxN-lPnHLxscfOMai36Pa4UJLzAdRVA2owHm-iGVRyjq6EgOAgo8galXOYCL8xhSXHrJIXOJmuUqdfr1cTqTtsFSG12SK1&cid=CAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=14446814646774192000&adk=3860748336&idt=218&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6757cac382fac13f0662af36d2ee9361b8344e7263adcb9af592b8d03085a11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC1 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5586549315277&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC1 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5586549315277&version=m202309260101&ct=76&x=38&cor=10773230996724593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1CC1 83 KB
37 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1DKYo1JprkLl7xAwei3NoWTIG7L6WbKLKAEjRNDun63WjbD33_yDfvXa_8c2gT9H0fxa11Jk6j5-qwcjK-lfEE1QeL6DelJm9YiqqC_9TkO4gJHJlBAUu3oEzagtZKBtr_ylvxiI5yUk8b5aJMH4S3az8j3qNe96WHUD7kroiGyXdXsk&dbm_d=AKAmf-DUDaoaxt4xmBBCpxGSTQD8F5Y4K0LYQuffclEEC_c2KOpOyBFp7H8c_HMgFATD4NejwoLEi2HOYHvfNP_ODydp_eaAszh9wk2uisaR59YyJV191AdtEDPUZdqlj6FpBKSP6IUJTCGR4qFyM12svP01_fISQ3cH6PcQnyLpNUjMGWJxrGDAxikljDPMFXTQGkm2EEvFRF8FwmtTAr1kkZ8pgStxyqScDxtfFbmM27APKnSrlsYBK75KgUQRJsxvwZQtmz7HLixIJmc-6eXi4HKRLM0qx9oxXks3wwLiLfxsl2sjeTmm7mb3PBLUJafrBL7IxP_ohT0w31vIx-5NRwSUjj5p60Z9RIoZjR9Vhb3U7dpo6LNorw7HFXNefZJFRnGlRpgktJjL4toPmG8w8MSVlktfL3kaAqcy5qRXFpWz5NDI2grjxH3r9_GX69qFe3d0E0b9XBtfUbjrd2THS7xaE733Gv4J_AryE1iHOcXVAoOtUibha2lJT0yZLXw3-Eeax37gfH5szKdiURe4NT-j0wyL39wD-opks4bkCzWlkJNh8XE1i9cPKx7SfCKt6b9mLaOKbdTJZ3gDlJbfwKRFwidqJ_rIuX5KwiKuM76TN39Pk5iSkAWrXbdsoenQBujI_2tQe5qzbNHRzIKKxPMViT4LE7F2MsnL0sYhP8U8crUpRcRDaHua_0LdgWjcG0FJtVAzE561Cn_sKBLHArEgtdowijXUasdfmmVdzrMH5tO0lcDHNifLRwBie8AZtC9x2PT7Ym15k3NY3S-VBv3BNIPX6NSdvECDopiB8d8GDFVBV5HFej_jJwrj4wTDfXlFMS_NJX100nKbwNCwQRnuIFUJu4e0fcMZyUWzJ1hv04j1RdQKCFj53ZMSfAYpy15h7VoJclhxZJqUZiXlI1ukfeQIKQyq9Iijpxe3f5yrWROce4acASyIrozRp4nk1OCNxK2XmfKQA3GCkF4-cwLUCbhWzdpJn99uhrFhVV9gO_leoy_xyaz9ob6KNir8vgm3cloKZfdQEdg1QPt18thWjziK8fRALpnlRPhsGd6Y0AiFWsLZCXIB27WAl9rz18kj-ha3zAVqg-Q8frV9In9fM0DC3NrdeZB-VIwGxjlBYIZdWI4nwqCTS2MAbw1S07L0qxlSSanWZaEYW7uUL8vqDF63H8XM55WGkHYWqcRPEXpMGDx_0V-sAzVhLQkMy2wBLtRhqSjCzwAEHtjAiyVlNUaWVDIgWJ1klDM-pSdoudiJY_zVbXf1K-C7QTWnlBPIWzxXle8lDnKoREbdqhAHvQsg93r88fNDw5pFs2ff91S2D_7Cf1cnDRpmbJKhKi0bWMK7sENWUZOAy7OEPUqTfGiYtQirwsJi9MOJxFmCT5-7zFZKuPliOvW6x55RH0zhlNK7X99lqBAaxE1sHvoNcN92AJLkqQc3R1nrnWqk7q9yHcqn5rBLbYsY3CzbMNOMKqWdwNVZd12Q_nCV0qapXXvMPZPkr7GQKFqDcx6NhHYldJzGZToCEiusQLxeHAken2eh25ExA9m8sdLIHR7wUVC1dLSTRE8qIQGAYnldvtP318OGmcBh0285iPRZBtTJKyT5RKW4W1YLAFSqaUPWxYPXdxMHzJ0UVYE0YsGoZwehyet_dNr0fGxkOD_nGXvvGkP_ZVDu8dwLD8kzrawcLW9eWYchSCXFGsR2E63q-D2CtU389nA2ckvLWGj7l2e_I_wGM6pbbdEaUFV3Vbnhl_E-6OFj_8_lUN8kFpUA1oKkiSJnx43zXWbFrzTvx5PaB_7DayjaMUd2WMd4n_i0V03Vh6FCrbs3vocWszIz3bYLqm9gzfm595wOPy65wPLzI72ltsXWoHdtaUITkU_6x2BWizLMv8Nxa1402CzJfmku42wXej615hcuhmygNzqF5r9nOaqU4OzIquBZHV7povctBRMaRXmCgT_KZ7CXj3mrjXA1a2EoRiLcdH9bmOzbKcAQ5RuixsPCb80et0fgW2VcJXbRc2xKlxXLg7FyG8bnXtNpOAgPysueNZueuNLEwddKws-7RMJCWekiPQyBdtxebbkwg3w8EveG2Ig5C6324HeTxx8UV8Qp1NPFlQ-soILGHy30J8k_vSCncPotzfdfGiUjlCCCb4SeKuqZF0bWeIMt3asx5oq_K92plIgk8KzFd4CeidNDiQ2pKyVF0JpMfOH_sUE1kpxzW_Rxs8qYVa6ouz63gcYJuZT2bVno9qddAz7SfkINZld4kLcCsD4kUd1ZY2IMcxCjhS6pdcJqShSscqU76bSHsigqBAbpU4sCkHEP_3ym6bmkstDMt9Vh_uuv76HfiH77YvLOT09mYk5LACgWHTPWTJB1smirwuGRa-SoKC6Mh0qQL1ReZzGqfZ7t8k707bOE0UBv_wDgQV5ogsdI6cIvKMLxMrzeh3G2o7U-jPbT3Om9s_mEpcRj_2_yHi6U-OSOfK148guaCbYd6G30wtg4vmJv6GNVHzJpI-rnw7lT1VseGECQ3mifG_PmyWf29hU76YYij3MbuAp9YxMM8CEFtSmhwOIbvjCui84ShpPojoo-l6HCUlJgEH4EmBvf40neIwpW6IZzyy7kgrZ9QxXEhryvHu3pviiUl_hxBzHXqWC_LjJLYzBDEJhFXWyl-u1tB1Ng1TJH27ZqQSyqmdBCxAIoImi7f-Y6KyMkNm1yFN3FfKHUbS1gz5YZaK5sh6x_jfZ3HXJMNNOvgfMiIk_3sRuPgQT9QivTHvBNc0IOCPUf90poeqief-Ywvszqj5GDL7TEKBwbmVMNmspGC5PzmDDnuWgXBdOGhC49OMkg_FtRJbgiuMOBJhRUwT4TfgBFEEIHmhJOX69LKmX7IHjctNnddNLz40sr02O8s2QRYiX-Wsd0A-w3lo6APZObHdUzVlahBZaXGTnPCqBv-eZr2IvIEiD5we7i_vr9fIEWV8fRayuJy6ZriFjiQotCYw-xbsJvYC2ZqIuJGRgL9Jkt0kdWlOGCUHynUWDakrnUc24Y73TQKYrvHnn3m0YhJ_OnoQezClxQZ6Yc9vyQipCn9n7LYKjAP2rd2W_bVUxiItKD0WS4PHJNeqlyJQvpmpK-u3iEANOMECuGhwPQpK2umhmdN--r2gzXXeZq93HLomqYnJ0PkpYG38oMv0lLVulaCYCqPs3ilJCeISGoVgpwv2b2JKR4_Y3A14PVMUcYHFnnPKRv0iJENx41n4QkCveJSpsfFHMGv_c-mPotvoJwC2XU7rbrfa0wkQlWtI9XUt2CufPXVzC9Fig0GexdYZXUx2s14snACah2owoYvkHmFnsbJ1GP4G8FAjGtufjKQ8Y5Hyr3ke14cZOI51A4QHc3R02RzwaJadZukeBCos7FEb-aC83xWR_7R8NT-MYkC_gxfd8rthEVaqKfovtsu9EVVbcU-p28pEphuvUUFRRVZE_yiQVNTmVLDruHL-CvtAmkggR-RLVr5_pLrL391V-TljEhs0vaazjhX2HamS79VJw1FyZ5g1UU_VI28i19AqhqkqyZrlPSa7FvRA66VjqlRhpQ0lpC-OMdY6eSZ1jvt1q0W_iVcuTFzFBMnyUQHtCPJ3VzSmDfV4OZ8OqsXltzLZ61lMcmmPJQfaB4l42tmSwDRGj9YxzKhArCcqh2HZp7t_XFh8TDXxyt8GDqSGaPnxpzrEuvB8o&cid=CAQSMgDICaaNEVHhAef-VpTmbBNNQDt11tLGQUiVSY7W-UK9Ly66nuI_XnwTKnCYiDT3hJdhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=10773230996724593000&adk=4187883465&idt=240&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66358359131a262af5a0780aed3b12b107453dd93696ea5bc5c43ae4a42542ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37927
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 508C 202 KB
64 KB 79ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUDRZBnApuj-DZOH3oTENKoxkGfPtGhJAGDd3JXs_ymZx37qBvmdsxeKbnJ_Z79Z-fKyii6bBXc373SoBT4EoWx_ZRLaVICatY_lg9v-7ez44WXB3kxOB0x3qK14ll15Zy--gmbK3kPjExvg5y22gQHTmLxnrIaEeZZaiIGRdVA_9uTlu-9Hb7Oc--xK6R2hAL2l1GnOdPJyp3RdryCWcbwmppSQ&cry=1&dbm_d=AKAmf-CoxKtRfJGCj3K_2q_AkWiTkDx4CBOK1dyDjejepp6lLNYlBy5CcQtaejlSYXCYsLs24O7ds775D9N92IjulGoO9jvLNgGhaL_Snx6YErtOSEY464l4t-T1jBMalP0hdnGJ26WWdB1hKr6XTFIhaC7QaxCEaXo0-F1VsXcPO9TIwmOuqwHQNpm13qJWcRkTyt54m0YUdSqv864M2E2XHdMUDJzusO9_hkPYwqnlfr-3OTEyqMhwKZJuzmxoqSNn9SPumyK6tUTkm5bsoQVhjiPgfzAVaJkU-QNpf5drgZznnzc20lCXQz33mQaAE8Nkdv2A1DbWv9xCXCl15tsiiqFF4eE_TjaVgFifeMcK5iufbDohtrYdl9YuKycnLK-llwmOm97ifeVf4163rtoSlWae0oo8r4q_kSMEhPFrbcuuepdvMv2b5ePvt2BN0cnTAk2HayViAYdM84O1f8kzqJC0COOMOKN9o5qo0aar7gDAcNS-H53-82lnKbLb7EQJNiinqnM0cLV3FfHiM5GutrpPy2TCEd3kk3yK3ETrDhu4I0XRBQ_X_p80l7HGwNnGbp36elJeGiV0z1l1kiEc1mGItHG09RR2JO5nWBilKy0Ip3-wq-2-lK_Yex7Aw7BuQEQPDm77zbdp3uv1uEJcEpQ73Obs53drOy68YFB8yy53FguJnsKgFpzDxFZtmPKHJYzPMU_VF9jzISWkBxPi0ez96vQ2q3maPVxi-t6WL74wkZ91Eq1TzICtHWHvUDePtXNEoqZR5G0QboQbO1ZzjkCrR2aVnntvs8O2escFmrWpfRRE_5c3FDLAYITJi-oGixhG6a3ewin_aS6q9moTO4AmH573qhwegazC6yueNVpS_-diF3UdbaaHOi3zScOMLtHus2g-_cQMzQNvHpo0su0r8wAdDL2n5IVqA_yzxk7JgmcnAJvYqxDheXVcB3ICPJcaYGsJxC_QRzNlSZN-DmdUDcGGOMB3k6IkCXrkueTUPqjMmDh159RMpbh5qvWIKgH8NO6TvThLuLaIypRyeq_bAyo8LC1xvpAzymafg6waLz5JmVvKGppMon4aoiFzOOQz3wvR5vxZDYeKQp27vzqxsdoKWJKWM_LQF7ojbEZEnoC463s4JrjA-CM9a60jLDQBTyPR4u8BGW_daw9rGYSedwlQ7P7r3y9kiJGGA8C_gplSWKbKaPmR-bBevZVKE--6dmAG0aOnb__7x9UJi_OyWghuvMr1HmqCSi5wBD6RsOKwjwhVT-go2Bqk6zQb2bdF5uBSkt_j89O2r66Y157dQPI15vs7yhqdqPBEiFALY5D07skgLxX52s2tY7oOg_669ToDeEnj6QJp0R12ANnO8GdYkpuVHSeskCCQ7PW2S_05jI7xrbYlMPrqDRbEydM639m2miAtjFk9b89i2vnn9d7OXsyvxnms2fXXKEtJspH4uEWDEmmag2Q6YDFkPEcw5SSOIhxL0Zd1Xvbkr5xyKJ83QxHS_KhLnqtm_Va7X6pp6ynnH34mx4wfN4ZuKAMNic3Lgl_yVUbDvnjIt8gtUNJ0PSsS4gF3SC9zj9eNz1n-4MymQ_zhZqTD44NtZCA_CQS0GIHQw2W8trg1x8jo72c0nvgRX9B_v6nbZ-aCtrP7-TOJN_r4adSOmBeFIeRqUyS6QsBQTbwyKY5sWNaRpxW7OOhpcs6-zU9OtXBjKYY1zLcBGW0EME8n-3UJiCfzGS9c0EdJwh0p3klyLNGzk8c1yTN76JKchli6z3F8IiQWvh3VKvOXC822D4nurJJCwrtuboWqZvUlnBKNgzufegFeI4cR77soW0TjFb87wqg5iBhS5wNHYedbOkOTCare6eqBLolB84lWQe_xTgLHNrrRHH5AV0ZsPylG2RFHfaNeWymUIZOQ08zT0Ju0zhsTqdJNR395oW73Klj2Ps0_OMgGxsSBvYT_V1k0SmPbeC0I7SI3SaElOIa94nrbHfEH8OSazeMtv2qCZY2FVswweUlpG8n4pDn9qmfkChqExTTzsXdvLMKndx0pknrzVFp0PPXQfmTL1oJew6pu84mlspbF99YB_zg9U2kQctR0S6s6zaSNcqEIkK_aNhmc6OWwYxzaZZryLdjo1LDW83FDF8SetgsjPx2SdPNVn-rkuZVuq0cBR7TnqNRvC7rl9rXxLE6yMPdoJDPVR9kRNAXc2w7JmqgA4i7xAJZAzhG-BuixNZSAdQu9xf7Yg0SWegr_J90bXLsweHR8Fj1DRXN6jJ3p2k3rhtFo0ojypSMMRrGo8V8-UeQh_AV0q7ZgO3Nxm2lD2kEmnc_iR8gtyAE_B2R5LW5qGlZDACoqi8VJkFWQiF3BXDiwhQP-7RJ24ZqdTyazfh1Ae3chkNe5sgrqD1WkslX1AnIlEUZAlRtOexWqDwXj9bJ7gybgMGdL3e6z7-kAtuJqKvvQM68VQYT9danLDla--1xNM9R7TT14UxbHCgcbAOCyB_ZmnKBq5e31ZXgdhfj9S6lk-11QcEfVTUDsjmUw__po3TPoHHkd-D2iJB-RYXKwWfrHx5RfvAMksmsZxe28nSh2YhEkxeaLt5d50HXbC7Trx287b5-pwlFbwirMK59Nhod2pSKAXmfI6njruUqtPHkqod9-v1iX9n5i_3ZKRnt3kHXuczZrIqSXOvvBUH0AfdyBHm-y1Tw3BfE7HEtRcDKpP4bXaMFDN7PhSJZ6mW9CrNvqrXyLU_VY9vRGResDfY7JRYLsAXvwOqcxJ4g7i8Gybni_lFHqmV2twXqULfPJY7gKU2E2SUTLHB7lKYHRwYxDVRaQuWkFjHfzslO_MRgbWWaexGpyNv1DRbxQGNwoBNnBT4otUg3wP2L220RunvozKrbnjBlGgMnS3Z-v-eIQns6DkymUoh86iBSN43WdHaS9s4X6caLh5RSf0E1RqYMUfAKEaTAWgA6UJ0yWcG-rnR1Bhu5KJSCjIhaImhjomXmdwn3JlZP5UUv5HjfZrMgFayuOnl7fQiJnnJlJJRjP4PLUFILGtd__sKihsMeWL4tq-upD8W7rsv_tFBfOuWNe8050E_e3-fTVLa6sxapacZWNWSODuHljJvRkNfuZrYrtAhVvH64nEfMXnqq8qOaeX1PPbfhLpJdpXSVUC9nvWRj2Va00XKuo8eSZPLJOzQFe-_PQPsnhcrG6EvIyPbCbh4_Nz61rAy_ggDUnb7t1CnTF22B-zO58kRoYlCrk8vAkSPH1aVXnuzUlsJL1e5GtclYtsCinxuRbCoJZQ9kwr9YHYuWlqhSGwbxwYGrhALCu4HaRxjhSWNRX_fjL4SC3hCWXLfyfBe17E7ri5GVBeJCxxGhBbhwEf2ihKpWyIDGpHiy0DwcHqYb-eBxLxPs1x3ud2lHqV71fZAX8LJWkE9JgA09ZKw9zSKeOTc4Mqfvwa3pE2R-5jizbG9H66Iy-aKACK8GQKm9PjsncK9-iWSHbcOWAyU2LD-GyDQXDzN6MENFvKglcRMHAU99EX1SF8SbkoAiK-yqiPYiC7o-fLkRwJ4lyFWFY9aplifMYZYXcwysI4-HvEsB4qnz8hbu_CFu5urZM8wGBdo3BjBB8Rln1_jXbUYWleJFKW2YBCHTRvgzWH0LFVAazPZyuPai183CO4Q_Dpf0pCYExVRk6QLG8OqdWiQ8vrp9DZYzxHQGaVVzYe1ZkbN9umrkI9gVI0hyXimjggBEvO5-yI1keqcWIgmbJOvzY512x8CqtfvURyULn8zw92YU&cid=CAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=4295937500513244000&adk=948955621&idt=198&cac=0&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 508C 41 KB
14 KB 108ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODkwMTQzNTM4MgogIHNlcnZlcl9pcDogMTM5Nzk2MjcyCiAgcHJvY2Vzc19pZDogMzEzNzk1ODcxNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1Mjcx...
ad.doubleclick.net/ddm/activity/ Frame 508C 0
866 B 139ms
67ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODkwMTQzNTM4MgogIHNlcnZlcl9pcDogMTM5Nzk2MjcyCiAgcHJvY2Vzc19pZDogMzEzNzk1ODcxNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MjcxMgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4NjIzNTkwODQzNTkwMTU0MjU3CmRlYnVnX2tleTogMTI5ODY5OTk5MDIyMDE1NzU1NQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMzk1MjcxMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MjcwNzg4OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTUzOTQxMDA5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDgyNjM0NzI3NQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzNzM5Nzk4MQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x37e9dead8c1e68ca0000000000000000","13":"0x1b32e9e8ef586ff40000000000000000","14":"0x7bf3588ab3724eec0000000000000000","15":"0x2e2ba7cfb3a69c750000000000000000"},"debug_key":"1298699990220157555","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["13952712"]},"priority":"0","source_event_id":"8623590843590154257"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK c51otf15ln3j Show response
hal9000.redintelligence.net/zone/ Frame 508C 12 KB
4 KB 137ms
44ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/c51otf15ln3j?subid=&gdpr=0&gdpr_consent=&rnd=1701538899377901&extVar[]=DV360_SSP:38&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: af61c702d5e3e77ce672bb58faa0b74619f9c9eba2d7731d55bd05ad32d071aa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4317
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E89 202 KB
64 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRV3lZxL1XSUNlNTr_vbanekKkUtSw27xcaqOj9TPmwniWZGUod3dADruigMaVo8A5zbCHWkx1RZCJbK8k7AP-gxne28WvIDTXOrtHBmtOiQAALfDadKMgsqHbmqP139CUk7BtdpJ-loA2j_YyGFeJ5xyeSzt5vD201RfmVsJGnewK4kIjFVS3giMl5ipKyZcZjrVD7847p8ThuigjqQtxv_R74w&cry=1&dbm_d=AKAmf-DLhNCwC6ivrZpxrJqTKD_V6nD5bsZvDMpT_lUbigxheYTfzC5VOoHuBQsIQYp_eFjYa6wzQuKI8u821VNo1OFe0Y9gnewQggb3ZIQZC8LvT6Qsw0Wp6Z4NkTLWlmGSamQJmOVr8CucgbI-sQdazJAiNboVZH1dcyjxp__2M8FVOaR5Q4Hg54BYULimsua9zrFjIO8kSyZuhaBqIzmpgsj6Dd7neii7O0lJeq6w4duRXOgGKjOWFp-v_ZN3Gr8jJs_1doRcXWnyRPKCseEHaytwpTRH4aucDBWFHoE5X23sm6O18iYKQXT55N-CCfox-N2FxHA4zslC0IPv5VL_CO7uiWr-lmmZQELDROwvkCJV3CdgTVOsnpOvztOZXoTlBPP9XjGhi9KZt9v6MNPkmQSPNNLO51M4NIV64snXefIhkT4iDunr2zdH2mV-3ZV7OKCAXvQOg6WKgLhRiYR3iVsL4RlNcp3V6FCMD3qVWDbmJFyuJkTQp-YgkQNhlHw7GrE2_6LDbW75IANr_yVxh7GuBLqAa11Icmb347N-EZr8sgbysv5XT43zKOWL_9QT08dGHA3ll1L54-LM7IELjO5AlToCR33x6rZfEGtesT0-8P7Tn1X99vXTXTA-Mxm2mTDkBlFOeQKD0B18WJJljJseEJ5Z6BxoJjE9rz8_H_sNrlKpgTBPedKbdwpZ9ml1vxa9g60FlTOnbz87UPJpIg__5FUHic5dcXpVbORPS8KMuVrC-uENbsGpT8f5512ag_HSDvMALxwSe-3kGFT9qrnupDjui8Y7TYK3fYQbXZLnKT5ItiMa0RVNSIJE6uGCfp0afjng6TCLRJ1O19gkigTyuHyV-Vt3XTvXY69SCeDTjp-ZTbEnXHxhgepiC1akFv39wfYQUxs64Qdw1kB_sTFwAwMubRYn_p-rhYSsxTEeuPgO4kBQGNoVa0j0ubIO8lplJXXQrZVsMHaySpIBvFLlHKezPiqqI8gORaPCjHojrhLg-SPuu_q4UbeFTvl34HZp-tYiVrpC9W_xZwn0vYlGI28ztGBR38wihAZvGC-PhJ-ZujThZnkn04bTyz4mkU9vfkQFt2TPirMnZ_cgBVRCW_NeXaaKQmzdye_wrfRBpQwUqZOdOtCNneUBctSf7dQmf5odKmnEEsPa36oKf-bxhhGpOommpltjd-IvRW7uFIjwCUcBUlPAoZFRu2FN0CH1S7-lXSLZVzN6aLA8a7LoU249dk1RRV_3gJaf9a5btbeiSvh4FRD2VEpwyMHxz8-X1UhgYh8j9qkhpvE7nzMGkcGFCEcKTDGI2q9W7zE23PoUu3UB-ZZml_PDnhDgJrzePtGe5DjXW3TZKCb8AqHXVn8ofCsn0c6970KFuOiL4e0jNbdUEh0ZOSlLL73Ecn5yEcXtkra3Jm21TLWenrE_ZF2wo4eGTH6E4GIWsxS-qvnqrF9sQjT_Y4dQxr_fThrRrrptNQgQQ9aZI0LAo09Ql6dxJ3ymNXqFKqHzxzKC8ipRJ2DBQSadBGIeyBm5-7YNqZszFvpL4keidKqqZyLP_3Hl5NVPfi3K6qQZ_AYhHdUIKJZc934kpSdq7fdRGm2ppXNQrVvcoMoUbbTi7xRU90UwQ4fhN-5KpkX8oin9NBr97IDejMB0mVVif2Acg-uUVPdmdHh08Nl3XYdpDpNA-w5xPEZ3c2CiDMHqNlw3NlGEJ8s5fhCiYn-ORKWGb7btzN7WlB7xgB73Dlxh8pL6I_gSpe5sDJlRNWZwg1yCPkfPzi5Q_GNtB5sNMgxtp2uGjoye-qinBQ_7AB6Ctx60lIfph428yXKZsCO_jSj5qlfwqTREnS6WD4YvK7qeXbnDwccRJoVr1ZHZ7zVBb1eKQzs0deO9U8Gax-MXFLoYsctjTq8KaK5y6pjIAkY1v1PK4KczxHfYF3TfB6pohtu2eIKPE70iiiTy_vn5X3LQcdvc66JK33NVCy9rkdsbJYMDUqtITY147mILakSipistWB4My0ktgYd5XaLb60m1_9E_QQsNYpY-ruvc8r-iU0JgxuSt_rVJjjRTA7WMl25zHjci_uK-iIicv0miD2G_6vbywK9sSG2KfOK88RASSyqMcAMs1SfsfJax8Srx9Rb46m0SGVmsTCFo4OGr4c7qr74Qo-JV3B7cx8Yz35o9-4otfIS7dkmykCcaq7Z5oyWX0RplvnXGiRywtrKzGiCdq3ohdN088tmnGTAse_tiJoKQ164B59Ie9bev8E9LTqCyvGtDm-sAGdAwJIOA0En0NogLcLSkbjh4Yst2Glm1dKtyYxwjEBAXkSaRCKest6PyX4UnGcaIqLGgKkj7okASg_9Y3YqqalTq6HjNSxRn16OUIBg8Lr4qcAIq1-oJD84UG-qOcjvPIR9_G-edAz75BR7smu7i-iuwG-HUGILqe8DvzA03MBzElOYObE-dvXV_bN7U2YJNuJMczXY5qtbx5xkDxEsLTRoSH6kGKG5BeuSi-yb1RuZ7_Y5L2dkClzRmjEHmzUoItID_BO_r5coki0q1eLeTkK6GYpgjXefAVRDmK4ZPzDKaixazgh0oCXAuRCbk_IqCWwRhxZo59pwnXa9_LcuguUQZL9lYaaofetFF8WSUsIFOL_SEKLM1hlefyX9lh4aTkuXkQOHSS_dEUkhMQkas54oVBRhFSYDgqGngLaFrAnsYTjjoRpf-1frsbsE136asxI_039s1azZk9t6bKbiUWyP9yLdZD7IvvLN817GZOC0Xo2SEc28ag7AnWMatoFYGdgZjm54wKDvEkBrdA_bpDu6Tp8uYAPtopr4L1cjNjlPTQdK4m3xKIuk4m_5zSBJQLHRbGvAT9uMoo7OxQvrdcbRFCRzlz9lpSIGeI-zUJ0VEQi8ge4W8B8mjOLgTDQWjhIFaSQBtJjQ8sUSXb3SxFndBNW0EHPZmNBCluwPoOhrHxYgqkTYzIK61AjtBjpaCVWxY_tbdrxm_mny1ki1V8XE_DeBqakTufEcr1OtXsBCXvqgPnQo-FP_F6m0-gUip31KmVH3VjkLZ6pWEuljvQix-WErWRVL7B4GCggA9EdBpnt6D9PDwgpDwxNj-7bNdU7m6rCb0gcsPgNtg_b0RENKhd0eMW_mHRCFXAaPTmaiz4Ruj4pJ19XTU1sBO1egNXNVQwQz_ZzYIOzn91MOa-51cHb14Tyw2FdqBhf_XXlaoqD91zmjH0h-qgNFJb6Z0cnK1ebPf0K-W0a1BZA9jmC-J6mne8aPoGbS5I4vF1v10DHdMyeRzRSjEnBcYYZzwP5M3YINrs04JFlT_wYGzUbcHRdcaBNuaNZgXFb690Opi1h8kyIJINCfHEVzJE338SRTixJbX6_kGoLQrx7_JeD4OPMP72k2XY6zwrcbLmULEeiOzGn7dLBqd9tmISrNnnLvB1-Vr0Lzl58L3x6jxpKQFmvK8DC8FXO6cL-pBcjGyXXWNS20ZS59p9nQjlOycue0ncDwX0TCf8B3OXpa9KBClYc29TPAw6WIWJ6Wat5zMZ7mIEd1gCys3hwSIqC2snYNGoTUXIiJ-JTmMTGCovTphgQ81vZMr3pdJmGGBhA2tPodE1OUlPV0uNY3HGJjeDPAzneiILEJ1Uq23GjaGoP2M_d5-HlDFxnRZi2qaXBJdMZtSRW_WmxPYjNO2e_gAiW00GO8VUvKxN-lPnHLxscfOMai36Pa4UJLzAdRVA2owHm-iGVRyjq6EgOAgo8galXOYCL8xhSXHrJIXOJmuUqdfr1cTqTtsFSG12SK1&cid=CAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=14446814646774192000&adk=3860748336&idt=218&cac=0&dtd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E89 41 KB
14 KB 69ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODkwMTQ3NDkzOAogIHNlcnZlcl9pcDogMTI2MDY3OTg0CiAgcHJvY2Vzc19pZDogNDg2NzE4NDUzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEzOTUyNzEy...
ad.doubleclick.net/ddm/activity/ Frame 0E89 0
506 B 94ms
68ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODkwMTQ3NDkzOAogIHNlcnZlcl9pcDogMTI2MDY3OTg0CiAgcHJvY2Vzc19pZDogNDg2NzE4NDUzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEzOTUyNzEyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDYxMzExNTEzOTE2MDM1MzU2OTcKZGVidWdfa2V5OiAxNzU1ODA2Njc3ODEyNjEyNDAzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEzOTUyNzEyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgyNjk5OTkwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNTM5NDEwMDk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwODI2MzQ3Mjc1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM3Mzk4MjcyCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x37e9dead8c1e68ca0000000000000000","13":"0x1b32e9e8ef586ff40000000000000000","14":"0x7bf3588ab3724eec0000000000000000","15":"0x57cc56c7c35974220000000000000000"},"debug_key":"1755806677812612403","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["13952712"]},"priority":"0","source_event_id":"6131151391603535697"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mqnp5hgjaan3 Show response
hal9000.redintelligence.net/zone/ Frame 0E89 12 KB
4 KB 127ms
43ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/mqnp5hgjaan3?subid=&gdpr=0&gdpr_consent=&rnd=1701538899030362&extVar[]=DV360_SSP:38&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9cb503cd7d6fd3621ac1194ab5d32301d5268af2f05450404f68c5376bdc23e6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:41 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4316
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 47B6 111 KB
39 KB 120ms
28ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Origin: https://assets.vlitag.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 47B6 11 KB
4 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CELN77WeDq9nag7WGvh_0J9w68oLJ2b_JZdTXe2Sp_I1xYCyCldlvev9hw19-u3y1xfa7lKzMSevMq48lbemE4s5bFV0Zly3KKcuqkyoVw6e9VGTrbQhldU_INwBsGcEYWkg3jHvY5n9tJxHRb7otGNePmIPkiUp-hqPD6DBKbaXkgc1s&cry=1&dbm_d=AKAmf-AuOSUJtEkDn-EkdI3pV48HhoBhsWqoD1Bleqw9MlEWDcyPXxmOFUMcyZW4M-arXw0s4qyFKGph4L1sgrvzfjxBWKORwFWyG4IhTEUvekieuaUVWNFtBXFP8IWO9sVe5Je33IEruCEk9566tOui-Bg2a_GVd2RyheMrcVetq6_UgXul3Y8S5duGXKD1fNCHALQqrgb-lsX8ldbEWQbwx70_LOEWB6Lccq35unLIneF5pmwn2vGTfDlauxNgfMu25Jd9bBz8gdIl3K68B2Ohh39OPDc97OUxoSMiEnlVcKAb_WyKlZsLs5T1Ezcpi6PNuqA5H63cAiZ-m5mmV_VImRA07d0ZBOfNoWD7kzUE2wVinDQVKpJn2by4LiP_vUu0VFZ4_koHNPUbkvHY47MRDs2wQWsYwtEndKxfe-emKFegUIOMlynKM838GIJ-WFCuncpsNTayVU-e9BXKF0udec5B6O_ycMxjVJaktQu8XXZ7laHAb6EE0nnLmmkt-iif0NOve_ZoqhsfzHn9p_nm9pL1Fi7h1K1S6cFp6l4IYM0KU6RcW1tbsqULb0qfgxlPmOgE4vTgXRyvPm9Rm9VSyJKtZQA0IFwISqV41X9GrtlYtJb9CmeR9b7UalPphUTiEY_-DVLvZoGvMGYzVhjPftlMfYWZcF-XdRls0pt1ccGPlPN4JP5_w68fXdlOpPmnMREyV0g8pcJQqZm2-nGXD48XnNy7tuDj4DcI-Vt5S-kVDrC9cGZbsKLW1CsumeEBu5RaGhqFfqVDfoZsKeQs_VE3NuthrxX1LLdq2AAJWW3ppMNF3AEy-HfzUXLOPNkxWaC8fNWgn7FHMPs1u90kfv5FhzTZqKrAExFZvLS8dwJcJ9MscI4RnJ5sAj93Txn273Hsv1iAhHmprdSBh2UEXQkls8XqvKTM0tzyiYu2ge40NI9A8nMDQJs5ZZPxzkl6g42cVqb4pA8IPW8cms1Mf7oXMhZPP0coqs8zgi_1McGYe0_0HXZL-eRo1DXPutwYiMOCssuAsnuC6t9nVUwvfcKGF2HJ5VAT2TX0wjbJvYAqEuwqVE1-zjTxd3sMKCNEnysETz7legElZOlRYygIIkyrkt7G-NwaZxHQFdDdeFXNihADzh54phxQP2pGl7LZyliCQG2WThpib85DzeA_PZCrgGMsZWhaoJAyIYvO7p26KSg87fO6kUY6ltbMoZPyLVQD-iUC9FNEkmHcGhbl3OXsXvlyEOo7vli-pfX8cWMlK2QzsiJ-TKkD24KMs6c3YpgT2BhqqyzyzznlK6w4d1FNETPqV9Zj_tZSJoUY0QEv9yZvXKckPc4d5FxxcBV3aloC-sZbD0RDHpKKsz9zPyYmpo368LaiDnCAqWeDC0efowjnaIiNGAW2N6XzR_XfDHgj-rwucy7HI_6ltq34dva4hdk71CaayMJPrfqldJwwrlQmMonVXTJxiuBk70r2mMojI2nIuzkNAeyKJiAkmmKQJ6NvQaCaZ7e7lB0agFDLGHguH6WQiu3XnPnn5bJuWRJf4Z8hfAnlteTRK0390YLHwAmyomOUM1x2ndgUbe4epJ5uAmbSs4mPPW2y6AmfZIOHj-CrbMHIb4w1-ok_LRVjF92_VDqDl7gLrjIMA3lBTchjmZTFcmYfKkMxk-UL-asJHhC8wqvEWAmEpUHobXXdDwppCw5NhQecHyhDWJtR5Kg0nVOzkuoLDC2N79jDAcVPlcQ-CxFQHz_IWAOsFFgF3ZV1AHmpI19J-mNz9XskorGb2cZro_2gLUE_p1U5lXfgc-XQgsVltD6ShD5-9d2e-Do9XblPHbXnOx4UNFesrkU_DFdL7i-cbbEN3OxabDmlXEm3lA229ZlqxavqmDlz54KKQSxq2L1-oczcLH6g2DQlkL2RupsG9NeUlcMhWKF7yVqUXAwLYj80dNgSRhMXr5bnbWiaE4VhxfoOPwTKUWcelgKnYDf7s4xFjNaCY0XxOPe6d_luzyhZeU-qlEryKT2udZBaat5x4zIOMlbX8Hj9mOKWaSlFJid0hx5FPfs3UzhctfdTDlx8O0foGtmYS2o5b_28yqELiv89iL1p1gYZqTkVURSdCMtwzdf2VgprYtQ7XWuCWw7KpRjL2ELBNl6qHtBfY1sg5IfwJzROv71MwSU8z_x3ugs2Ni6F1gHkeomOmQ1F-Vm_qxJlTsDF5gvCVJ-czRN57v7fLJ-9j74A6EbqtV-QoQTVHfhY_Ai-qUh6slCpyPYTT4uAGcN7rNI8StWVGx6yxIobqI1MwMwwSnemZOKPUDQU7DwSN-DU1MdkFKgZcsDCIC9gVvjcBa6tyslGQ8VwY3Y9hgQcEHiboLfx-x3cgwSm5o3CncgKRNCgQrXcr4bOsDo1b4ml5JiYboWHObUQrzrbsoGMSaH1UsEQwGMMnziOo-3XRQOkDvgZ0DxiLTRZu-B07jUtn6hMqZ8xNuhTFPKKtu58Ks2UoUp0gji_dhEP2aYlpbPXu0znznDlkFzoVQSDh5vyDmOgcR63ZYVPMGljhUwwzFIgEsV8TyiqpvKujfqiXagLOng0GFR0y_tdfOXbd9xnnaGxsyGl05c05AdksnE6nFBNx0kuE9heTWGEdVqWPCZ7RZL_-3OoCfYKfcf-ExgQjv6R_daTbP6V1ksvOVrjA3DCUnpy1obzED1u6fTgCG9_1Ou68gZc3yHvOz5jdPio58ObbxxQ7SARU2Pwxzfwu8iV9xD0IM5UqpxPKoPse5kkLJpfetjGb6OpSK0Did0WlpjeCYGhIRP8_SUiHPS0gLpUF-zcII33ZohoKIAWFbxORBJ1I1b7J_DN-N_2Txe7RbRRhbOeQH661PYmtXZUmq2N1SdPEo94-8jZ0YAnRMYFCU66Vsrk6z_7pWbJ_uJbH6ZsHERcisVBzTu2NUbcv5NyANUlYlOSqjfXW81IR4Mpflww-lxFMRJUqnZNdAazWijoq_0GTSIGCaGp0ocxStmn7fp4tW0U5lVNW2OVwA_S8iLXHbIvOV1jl5BI4Kl_0tQeDoLZWvhwBpAjT0iFzcnq7HTCEP4hOuS7cJH7hn9RvVsxsR4VvVfEX_utFf7lRMODG8qzosjOetrqI_eHrMoEKGbClkqyKuNaL_8pS0MYP1YR5Sdtq5o8S_6Cds64vmXjhz0UhfdC6a7Vz40cgSz7pgEe9pcHbck7cXr8lKLTtdKjlxXVDcfSgDWBhOkTbkx83Mh1BCR-bL386XGQ0EiZE7GJ7oyFYX3bFjmoKvyGkexwmH_2PyphZollzEVJQwDdyP16-BggnYouT5nwqWujIHdKZMhZnKKiHpjAr7pAWy9JXcPtH0wIv601Dh5cvW09DbKIwlrSjuQDevhPwVLS-xU8Bbhb1n2DX0yA3ZFL-pgJm-DmFzpP0DQ8E-qR0O-uXSF73W749RkwoGPcFZwFzzQibnM0mO2SYPUIom7L8eMnr38UKchDgyoGKxdkrBFCh72cxY01BtsSp_6mTkTacQipmsGmBsTBCIepPFwJKZ0cRhid6LP4qENHBw1n53IX4oQGD1raeewIhTeCXdLc-2pZxAAbmo9_0i3FwlkPUaSCaVM5DN9m07B-SrQGZaTMQB2xtnVlgF-aPSQJkYf6huubWGzKFD02-hBh8XANr7ly0_Av5vPI22MwLhtDvbGhI5hjTyg-zMm8qhutFPJ3g5kH5opyf9HOCerAV6KoraoPdb--3JfVwnJquI-UvzGbdoT4Jzc28vvIJlVbpU5WOkwbsxwwNvLjclXfsj7h2oh9Yl9Pt_7fa8veiUqGkWZ-Cb-bFmbdLVFt_u0r8VspuxVwTK0jzFaHwFZpmYu93WSxTsZcVeAfOOgIGLRhnXT_IJ_gMcCg1e2cUkDhxpisQ-GILFzAJP6LpNKoOGsb2nhjRCnCz7vCr4ufqh8XK1Zhy0NoI8YAIba9C-m09nUVC_5qKNLbr5laXx58ITqFIhG0a3GAGOALzo2A7Tyye30pNekDP7YPC7W6RWdKF6hJ8Me3mHhrS_SYdBwDGRBCl0Ee0CQlhT2-x_gvDJ_MXdH6LyqSt32gBo5yM3JhYgMrQSaPvajSR50aabaLnsgx7Wjb-BO6mjDKPiXs-Uv5q74U14Fz58rIhTRydApHWxX31u0&cid=CAQSMgDICaaNFYHHaviTCwf0eotKSvMAkERlMQKwJEd4LIS8dcVbQRE7dlkt6P3tixj2C1FaGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=5964607571727176000&adk=2075474804&idt=258&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 47B6 31 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 47B6 41 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A400 31 KB
12 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_-oD0YF4iKYm8-1n3DrMtVQVDv5_sA-cr40ffFQ7fPVjeE4DfDscizdMsGFzsMHMGaC9FyZ0pPmzKzT7HX1ycILeMBDNwGjB1fjqE6aamsQOY9RbXfIhpwjeoq_xqVO_F3UWihxKRXrCxvc-VE5s1dM4ZgnRsPaigz4F7XZox8lBRaDM&dbm_d=AKAmf-BXMqha05rjW5h-EvuQNaTxY_Bb7gOKm4ZsPunTtJGzXtaYPgFo0htUWKWMsNUV-UGdSSf6pDzXK4k21_kP99Jqhe4LSnmvgEHwbs1_uXNtemXsA6bio7UGQdQtBCRnzk3tKhSDJ2oVm1ADJMzmVmaxMWUTGlngR0ctRZNmHOjJs2b1CooZsLSV3cyiwqhckszAct_ZwuIhLUtSlLtHxxrfU425wPp9gB9FnvaDyq6aHx6U0Idx4nqa7KKnVGWg14g-0IonUNC2JaJpauHyRjqwzmvoabHQfRauNAZDuCQjP7Z7qfqmVBT5l2eZj8CIEti73xboz3d2VUie4WuA4X2R-DxTF05ME5Rt5CSeoZ2BG7JVDSlPdIv7MhlaFlxHa9sr6AmshFALOISxxW_IGT8mlwt7SN3fhvocgK3MPrR3djzrv3o0TT5No9YiFz-BSVBXKnWKX0-YRxkgE2ztDO2D9ZLR91g9y0tO4u_XXQgqsnuHB_QKW3sfwcbwCFnjNWAIflw7SOnZoxVPbV-Gi81kkL78BRFPYMMDwV1hybph6iEKCL0YcoCifKVb7AW7T87vGTqEkBX3gRSH-PFjvXRhAzKGz-tXUc3bvpqlaVJYfPQ5xV8ceyENiUGrmrrjdiiCXWIXTkjlcZ-U9gxV5HWAgQ1itxmBl1uV4nMQsQGJIWCNgq_LH3z9pRrVEJVWeUJ67oKsw0mJHrdBC-cia8bCuv9eU-4AfRbJ3p29D8KCNbSKhiFW02ybCzF1NmDRs6lLZfBZLck8HZX7Eo2GjyFWVYbThr289ZovwiwrNrRewyfHuC6cyRJcxEYvkd5rzgHSfkhEF23l5mZMkgi8ZvuTpCr0vmgcGw7S_OtKEtvn6e6vlT9b0qHD9UcyHuAffZSPX_FFPrfctEboG88cZ3vIGn5Pj-kK4IS8HMz14vY6PAD8CQitAj2noxn4l6ea68HfnS-nvA8JslVB_fVMPgmruOqXXUBzn8hplhJ1r1P6jU8UC5Cdweeu259QHucF371U5gCYvFJ4DgQbdAPirW1iIpXKJgBM1fQZ55M-k1Ap6yfZ84-VOblup5wKDtlle2GF1w2wcdFoZ_hupVwx7TzqnNPvKr936NPO7GwQn_RR2b8ZXLhHlZvLx3wIhj3P07UevYdK8CkxYd4rp77RSeeFyFcJnSOqBUBE4B5xoyR3Keyz9lL8mItMm4ZwHlP8UdL1ZQI7VdHW3fjfFZUZQIwf9jQ6JM3WLLD6lXtq4MzSp_ELfD2gMhWG__jwtCyH87LYhhCB5Rhhce-qM5T0TrO9yv2q3CJw64NNX1zW-nhqRENoA_iPTdBtumxgjO9tws4PajsIrRmnyxQRd9SrGxIzaU5T81ScI5tZUnniu-o46gogZodxOsQcn4HLa-hB0Upsqj9oP8UKqnLkn-dxIAz24dCAg72rjdHsK3v_StI80KOAbTHx0IK5j_8liIp4n7PdvbaqtXOkg_4MNrDBXqMUTSOlh69H1jol1V_d_slMe93BL4a8KOr9kS8gKr7hMmjLSdhZWI7mfHUWUR_x_3e16_vIeCuEC8JRVciqair4_3Lq-8sSZLYn3FMHF_e5ZZXqvm3TYge2hlArTaZDXohFBH1_8IhKJkj3NZrKBw34fFcEng5HL4uuWFMQWYtfkMulopTagEgroagWR9wTjBrJQvaAt9VmTZaNmpguROHg_5TmS7wNjBJYNxp60XG4vEMwf619vnofCv89Pq_UTmpZ3eVzIrxDsNnL1ddmUtYuYRRXl3wPsxkYWRRs0MGcLQFKP332QS9Fxhrf5Kd4sFZG9Ft3pDvCPIb71Q4ie0prFAnJ-yqQRu4Hubj8J5-X1qrVDOkeSvkPvsQKt1Op9mpY81INUg5saLmGKzPyI5pHGDaHz3PH87XogQy1_otabf4Od5fBX2RlM0ljxSvbtvrn9h2czG6SuZmGT5OG4CA8j5cfxjr4QfPVirxgiUQdyrtU0Qg5PMMpIFYvxNt4E4MSTrvTWrUMB6WpYegq6s5mWHQyxhzxm20HkXIvbrvZ8hFVx1KvUx5Bra3a0XtF5Kib7sQHm1XFO1PwZOzZ6NSnMKmiTPCGdFQei9T7-oGleaVjdwsE3q2phxe1g_KT2mffW758FGlP-BVOOUGPE2a3MucJQpQtCRy9KG3Nt4Imx8fg7IRUZyFr7PjiMgswyw_CstyQym30nB9ia77vf8HOiWR373CADqV8tQNntVPrCdMSi6o-mQA1f1qZy3j2Dt7_QwS4S6FifipNMJ8KPFEt6fRT6VYBpfn-adRLjcyX2Q_gl2HfVWl17R8GAw_O0_PZRwh13ziX6WTkXg62puiX02NQCv2nI1M455U0T5-J_YJd_SEWCr5F2JEMKJUjJBQOl4h7ArVRvmkxsw9YRR871qIU4PTpvXgvmIqn7IoPcan-95mlU78sWWcMansyG6ymiv-rpPuK0NihrOcqRFA51BFgAb1nx-RQvpp48TADntDnGMx4TFSZ9iZELM_qJ7KlpAFRlnsbHBc2X4nePJ4oxhymp8UVBXbWcdpAtC2IyFrGpqx-dWXmxfPSghHJVcNSMFjsSB_G8wyo3vy_D76EbuHwXxt-eagEvLbHV0yGXvITkJ52vF5FVCTPil-hWg9hQANwGrCk3fGS9mKAveDKKN7doozDPAnDIopb8T8qNEDGeYnuFHWq8c5Zcnk2BVvZ5e7DCWNJI0qXhFQGzDdqhuneMZq5kp-w6VAQVjd7uCrBsjbT5EKIRuaDH-6QRrnGddpBv-LLUMeKo0W_uF-lKbJyYrxuCvf109QyTfzvAi3koP5csa0xSpBeImIFLr94m6UdlXZ4VqWSqR2E6CtvMVMx3qbFVEskSRMogV9PxMLh619Af20sO7e_OV_m1_fbTKdhQ_qyLp0GglW5EYK1YJ9g0zsXqh_Pf6__wihqu1FczZbnQTTB_lSADn1tyO_mjGKb63vosVIFyQgUl3rvgkvH8VKChoRNPIJyUn_2XahlQZOBRGci5f6jKudw0s4oPF3rRX7Vm3N87Sb0epnYRsQ2UR6dg9COR98NmKPpwZhapQlPafGfFwYi2hlVlx779_hY7GOaal8aIkAdzUoGJP-M7S0EtUxpaalwM5ZcJd45LOh-PK56CTMpnpMPP5lmunCNeEeGfubxwaPhJEpfKTYYneG-qHjT-ibTdssl9W6qSNUakJ31-5cFSfKMrdOGKc8Udd_MnQqV4iipHEGR8-hwXlgusfPE8RWSo1D_9r_jFa9jeJ_ii4-3SQEly1NjvvDTAO6uPmdYSyB6AsWJjrE73-mKalAlAKe4qacqx8PHJtCeA7u8a_f9rbFuU5eHVcKPcJTI8azuSOj4Lwws5-xDaxfhszk3F12L_ADHRc9RCmj3AbqfZJbmVLDYScg9ba1HjREKCFWX5YWkAB5a34ehFnujcBcdWaEfKo92C3OmHzN2syzO3-8G6r7pPexo_yzfwn4kvTjGdeBTaBFwlcFP2sRkLE_FfwljmDVMpH9pFvE3qg7HwrJSFO5XMlCo9QEO74RcFoGqDI-WwJw_MLQ6MYsNyRyQffjmavZ4NXBd3fHaU1pmX2Vwu27RTjhWT3lWMlNtEEe0rY54CiESMzvtfh2ySFF_RwEG1n3U3bbNuDEkeXvE136mMdcf_kkrDa0Nul6mVVYhS5Ll2CWIoi9YPc5iBx3M9rYZ8sNjrG8rejWo&cid=CAQSMgDICaaNsyRxLjnDU4A7HbN6IsYIpNuZ7BbCLTVG4yQQWy5_PRIFQVg-o3r7Yonk3zdWGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=1323764092838305300&adk=338188162&idt=235&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A400 202 KB
64 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame A400 11 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A400 0
0 146ms
68ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZuOPskiZ8qxtoaph2NVLz0fkE0CbnSHLxYTQo8czbvFb5tQMV6ci4fk3vQSoEgidmvOOTRUJTE0g-FoG556hMZFSl0aEGP_KLTORXMHXmaoaC6-nciYebb1w_0v-Zp96LcsAWW20NYsbvTO_d7MpoyndnoPMNPN8Xxw&sai=AMfl-YRCRZyEPSc8gFzTjfr3-DdXRYyv5VAzLPR9KTcIl4rffyeX9QL928v8xXfYd-O7N87IZDhFvUzbJBWzdnPiEPlFgmd7bt7flo9vcwhZEt4IOnZi_X3YyHXiqxd95gmolYyU&sig=Cg0ArKJSzMU5en_Dc6jIEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.36116&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A400 41 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 15053964853320173265
s0.2mdn.net/simgad/ Frame A400 34 KB
34 KB 147ms
65ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15053964853320173265

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d69ee5f7c0c14a1c3673a1ea0413f15a4f99d1abf2524b59d8d69a6d59db85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:44:28 GMT
x-content-type-options: nosniff
age: 385033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34728
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 12:14:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 06:44:28 GMT

GET
H2 200 15053964853320173265
s0.2mdn.net/simgad/ Frame 1CC1 34 KB
34 KB 110ms
31ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15053964853320173265

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1DKYo1JprkLl7xAwei3NoWTIG7L6WbKLKAEjRNDun63WjbD33_yDfvXa_8c2gT9H0fxa11Jk6j5-qwcjK-lfEE1QeL6DelJm9YiqqC_9TkO4gJHJlBAUu3oEzagtZKBtr_ylvxiI5yUk8b5aJMH4S3az8j3qNe96WHUD7kroiGyXdXsk&dbm_d=AKAmf-DUDaoaxt4xmBBCpxGSTQD8F5Y4K0LYQuffclEEC_c2KOpOyBFp7H8c_HMgFATD4NejwoLEi2HOYHvfNP_ODydp_eaAszh9wk2uisaR59YyJV191AdtEDPUZdqlj6FpBKSP6IUJTCGR4qFyM12svP01_fISQ3cH6PcQnyLpNUjMGWJxrGDAxikljDPMFXTQGkm2EEvFRF8FwmtTAr1kkZ8pgStxyqScDxtfFbmM27APKnSrlsYBK75KgUQRJsxvwZQtmz7HLixIJmc-6eXi4HKRLM0qx9oxXks3wwLiLfxsl2sjeTmm7mb3PBLUJafrBL7IxP_ohT0w31vIx-5NRwSUjj5p60Z9RIoZjR9Vhb3U7dpo6LNorw7HFXNefZJFRnGlRpgktJjL4toPmG8w8MSVlktfL3kaAqcy5qRXFpWz5NDI2grjxH3r9_GX69qFe3d0E0b9XBtfUbjrd2THS7xaE733Gv4J_AryE1iHOcXVAoOtUibha2lJT0yZLXw3-Eeax37gfH5szKdiURe4NT-j0wyL39wD-opks4bkCzWlkJNh8XE1i9cPKx7SfCKt6b9mLaOKbdTJZ3gDlJbfwKRFwidqJ_rIuX5KwiKuM76TN39Pk5iSkAWrXbdsoenQBujI_2tQe5qzbNHRzIKKxPMViT4LE7F2MsnL0sYhP8U8crUpRcRDaHua_0LdgWjcG0FJtVAzE561Cn_sKBLHArEgtdowijXUasdfmmVdzrMH5tO0lcDHNifLRwBie8AZtC9x2PT7Ym15k3NY3S-VBv3BNIPX6NSdvECDopiB8d8GDFVBV5HFej_jJwrj4wTDfXlFMS_NJX100nKbwNCwQRnuIFUJu4e0fcMZyUWzJ1hv04j1RdQKCFj53ZMSfAYpy15h7VoJclhxZJqUZiXlI1ukfeQIKQyq9Iijpxe3f5yrWROce4acASyIrozRp4nk1OCNxK2XmfKQA3GCkF4-cwLUCbhWzdpJn99uhrFhVV9gO_leoy_xyaz9ob6KNir8vgm3cloKZfdQEdg1QPt18thWjziK8fRALpnlRPhsGd6Y0AiFWsLZCXIB27WAl9rz18kj-ha3zAVqg-Q8frV9In9fM0DC3NrdeZB-VIwGxjlBYIZdWI4nwqCTS2MAbw1S07L0qxlSSanWZaEYW7uUL8vqDF63H8XM55WGkHYWqcRPEXpMGDx_0V-sAzVhLQkMy2wBLtRhqSjCzwAEHtjAiyVlNUaWVDIgWJ1klDM-pSdoudiJY_zVbXf1K-C7QTWnlBPIWzxXle8lDnKoREbdqhAHvQsg93r88fNDw5pFs2ff91S2D_7Cf1cnDRpmbJKhKi0bWMK7sENWUZOAy7OEPUqTfGiYtQirwsJi9MOJxFmCT5-7zFZKuPliOvW6x55RH0zhlNK7X99lqBAaxE1sHvoNcN92AJLkqQc3R1nrnWqk7q9yHcqn5rBLbYsY3CzbMNOMKqWdwNVZd12Q_nCV0qapXXvMPZPkr7GQKFqDcx6NhHYldJzGZToCEiusQLxeHAken2eh25ExA9m8sdLIHR7wUVC1dLSTRE8qIQGAYnldvtP318OGmcBh0285iPRZBtTJKyT5RKW4W1YLAFSqaUPWxYPXdxMHzJ0UVYE0YsGoZwehyet_dNr0fGxkOD_nGXvvGkP_ZVDu8dwLD8kzrawcLW9eWYchSCXFGsR2E63q-D2CtU389nA2ckvLWGj7l2e_I_wGM6pbbdEaUFV3Vbnhl_E-6OFj_8_lUN8kFpUA1oKkiSJnx43zXWbFrzTvx5PaB_7DayjaMUd2WMd4n_i0V03Vh6FCrbs3vocWszIz3bYLqm9gzfm595wOPy65wPLzI72ltsXWoHdtaUITkU_6x2BWizLMv8Nxa1402CzJfmku42wXej615hcuhmygNzqF5r9nOaqU4OzIquBZHV7povctBRMaRXmCgT_KZ7CXj3mrjXA1a2EoRiLcdH9bmOzbKcAQ5RuixsPCb80et0fgW2VcJXbRc2xKlxXLg7FyG8bnXtNpOAgPysueNZueuNLEwddKws-7RMJCWekiPQyBdtxebbkwg3w8EveG2Ig5C6324HeTxx8UV8Qp1NPFlQ-soILGHy30J8k_vSCncPotzfdfGiUjlCCCb4SeKuqZF0bWeIMt3asx5oq_K92plIgk8KzFd4CeidNDiQ2pKyVF0JpMfOH_sUE1kpxzW_Rxs8qYVa6ouz63gcYJuZT2bVno9qddAz7SfkINZld4kLcCsD4kUd1ZY2IMcxCjhS6pdcJqShSscqU76bSHsigqBAbpU4sCkHEP_3ym6bmkstDMt9Vh_uuv76HfiH77YvLOT09mYk5LACgWHTPWTJB1smirwuGRa-SoKC6Mh0qQL1ReZzGqfZ7t8k707bOE0UBv_wDgQV5ogsdI6cIvKMLxMrzeh3G2o7U-jPbT3Om9s_mEpcRj_2_yHi6U-OSOfK148guaCbYd6G30wtg4vmJv6GNVHzJpI-rnw7lT1VseGECQ3mifG_PmyWf29hU76YYij3MbuAp9YxMM8CEFtSmhwOIbvjCui84ShpPojoo-l6HCUlJgEH4EmBvf40neIwpW6IZzyy7kgrZ9QxXEhryvHu3pviiUl_hxBzHXqWC_LjJLYzBDEJhFXWyl-u1tB1Ng1TJH27ZqQSyqmdBCxAIoImi7f-Y6KyMkNm1yFN3FfKHUbS1gz5YZaK5sh6x_jfZ3HXJMNNOvgfMiIk_3sRuPgQT9QivTHvBNc0IOCPUf90poeqief-Ywvszqj5GDL7TEKBwbmVMNmspGC5PzmDDnuWgXBdOGhC49OMkg_FtRJbgiuMOBJhRUwT4TfgBFEEIHmhJOX69LKmX7IHjctNnddNLz40sr02O8s2QRYiX-Wsd0A-w3lo6APZObHdUzVlahBZaXGTnPCqBv-eZr2IvIEiD5we7i_vr9fIEWV8fRayuJy6ZriFjiQotCYw-xbsJvYC2ZqIuJGRgL9Jkt0kdWlOGCUHynUWDakrnUc24Y73TQKYrvHnn3m0YhJ_OnoQezClxQZ6Yc9vyQipCn9n7LYKjAP2rd2W_bVUxiItKD0WS4PHJNeqlyJQvpmpK-u3iEANOMECuGhwPQpK2umhmdN--r2gzXXeZq93HLomqYnJ0PkpYG38oMv0lLVulaCYCqPs3ilJCeISGoVgpwv2b2JKR4_Y3A14PVMUcYHFnnPKRv0iJENx41n4QkCveJSpsfFHMGv_c-mPotvoJwC2XU7rbrfa0wkQlWtI9XUt2CufPXVzC9Fig0GexdYZXUx2s14snACah2owoYvkHmFnsbJ1GP4G8FAjGtufjKQ8Y5Hyr3ke14cZOI51A4QHc3R02RzwaJadZukeBCos7FEb-aC83xWR_7R8NT-MYkC_gxfd8rthEVaqKfovtsu9EVVbcU-p28pEphuvUUFRRVZE_yiQVNTmVLDruHL-CvtAmkggR-RLVr5_pLrL391V-TljEhs0vaazjhX2HamS79VJw1FyZ5g1UU_VI28i19AqhqkqyZrlPSa7FvRA66VjqlRhpQ0lpC-OMdY6eSZ1jvt1q0W_iVcuTFzFBMnyUQHtCPJ3VzSmDfV4OZ8OqsXltzLZ61lMcmmPJQfaB4l42tmSwDRGj9YxzKhArCcqh2HZp7t_XFh8TDXxyt8GDqSGaPnxpzrEuvB8o&cid=CAQSMgDICaaNEVHhAef-VpTmbBNNQDt11tLGQUiVSY7W-UK9Ly66nuI_XnwTKnCYiDT3hJdhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apksum.com%2F&ds=l&xdt=1&iif=1&cor=10773230996724593000&adk=4187883465&idt=240&cac=0&dtd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d69ee5f7c0c14a1c3673a1ea0413f15a4f99d1abf2524b59d8d69a6d59db85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:44:28 GMT
x-content-type-options: nosniff
age: 385033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34728
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 12:14:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 06:44:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1CC1 31 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CC1 202 KB
64 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 1CC1 11 KB
4 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1CC1 0
0 142ms
68ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7x48jwADVWItSpjD2AiMscWrWdQ0RzOpuX34dBXKFc3NZKPLvJdqAOHPwiwwIq3KyY3eRbG5tQz-xBZLcslqwwRXKnlbYZFzWiQPGd6HQF23EBe-aPuGwb2FD3BqhDmd6ymPYQXrrS9XhStcXHwb-0LQfBZYOMVaHOA&sai=AMfl-YTCg-vB3ky9yfv5Ave_ltqQcqd_ifRg3VsUwKNK9UWGJGEqcpcg-7Ds9x16m-_yw_dHqJAQPtiqlqBjfeamdLRGIFB3iWlRX5VuX11IY_vWzbNJ0T0qH42dG_ooXr7s95MU&sig=Cg0ArKJSzHFqL48IdYrrEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.31242&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1CC1 41 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 47B6 84 B
262 B 219ms
63ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=IPONWEB1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&m=0&ar=51bd715ca6c-clean&iw=4b74e96&q=2&cb=0&ym=0&cu=1701538901610&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&zMoatDspID=16&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&bo=display&bd=null&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&gw=iponweb503341958152&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=205853&na=327421591&cs=0&ord=1701538901610&jv=1268558527&callback=DOMlessLLDcallback_98691571
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5a1aeb86da02fd6211d34da2db682c615f72d77d98108675e0631bf637316b1d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
server: istio-envoy
etag: "5fa05319ef3c87a902d9f28831173b5ea8bf92a7"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 15
timing-allow-origin: *
content-length: 84

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 62ms
35ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=IPONWEB1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&m=0&ar=51bd715ca6c-clean&iw=4b74e96&q=3&cb=0&ym=0&cu=1701538901610&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&zMoatDspID=16&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&bo=display&bd=null&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&gw=iponweb503341958152&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=205853&na=72994033&cs=0
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame 508C
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

187ms
104ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=7677363539318&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: HTTP/1.1
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 9569bf6018884263a3731d6f9e8c2712dfc8e6dca39e5af3a0c7d24199880368

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 35407500111664610284419012526014
Connection: close
Content-Length: 727
Expires: Sat, 02 Dec 2023 17:41:41 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:41 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=7677363539318&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 02 Dec 2023 17:41:41 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7494 38 KB
13 KB 29ms
28ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 570181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D1C6 38 KB
13 KB 30ms
30ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 570181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1AF8 38 KB
13 KB 29ms
28ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 570181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 0E89
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

177ms
94ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=5445471826189&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 6bb71d06750c5c11900924e57fe224d52c44c2934724f25688d180d0d4a68d6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 60636500123059810284423012526017
Connection: close
Content-Length: 727
Expires: Sat, 02 Dec 2023 17:41:41 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:41 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=5445471826189&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 02 Dec 2023 17:41:41 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 58BA 38 KB
13 KB 28ms
28ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 570181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CAC3 38 KB
13 KB 35ms
35ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 570181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7494 39 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D1C6 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AF8 39 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1CC1 0
0 68ms
67ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7x48jwADVWItSpjD2AiMscWrWdQ0RzOpuX34dBXKFc3NZKPLvJdqAOHPwiwwIq3KyY3eRbG5tQz-xBZLcslqwwRXKnlbYZFzWiQPGd6HQF23EBe-aPuGwb2FD3BqhDmd6ymPYQXrrS9XhStcXHwb-0LQfBZYOMVaHOA&sai=AMfl-YTCg-vB3ky9yfv5Ave_ltqQcqd_ifRg3VsUwKNK9UWGJGEqcpcg-7Ds9x16m-_yw_dHqJAQPtiqlqBjfeamdLRGIFB3iWlRX5VuX11IY_vWzbNJ0T0qH42dG_ooXr7s95MU&sig=Cg0ArKJSzHFqL48IdYrrEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=144&vt=11&dtpt=143&dett=2&cstd=0&cisv=r20231129.31242&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47B6 202 KB
64 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/4451089284811474003/ Frame 61F8 6 KB
2 KB 29ms
29ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb2af9b0261f0dd3dbcbc869884f1e95e083e6959dc5d71b1f63d12c5efc7a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2097
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 07:29:55 GMT
expires: Sun, 01 Dec 2024 07:29:55 GMT
last-modified: Wed, 01 Nov 2023 13:41:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47B6 0
0 68ms
67ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulvxskGsL9Ly2UdBL4yKgqIAcRbI_O7pL2m9cdlFVwTmYiTY5F4MfNgWxICBbS8hZd0mf7_kLjcFQH7EyWpXwKHmRiZVOCssMRFWsoRWRt9B7qDNLgiC5yLrMr4VRZKdq1sluX2HukJ235hPL6DET-z7LRuVBZu-ltJhWH&sai=AMfl-YTwlfF3GkpFiM0cl7OPiQR813eqCaSaMkZlk94vjhSl4IOy6RrgoCxFA0zEdLpYi0JxXcJk9wvfY_I7ghI_jXEk23W9AVwgSHuS0czlSrPWFxHJqzxeDxIkSG3TMjdONe0f&sig=Cg0ArKJSzNqWXgku2QVREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=162&cisv=r20231129.47241&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 58BA 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CAC3 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A400 0
0 70ms
70ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZuOPskiZ8qxtoaph2NVLz0fkE0CbnSHLxYTQo8czbvFb5tQMV6ci4fk3vQSoEgidmvOOTRUJTE0g-FoG556hMZFSl0aEGP_KLTORXMHXmaoaC6-nciYebb1w_0v-Zp96LcsAWW20NYsbvTO_d7MpoyndnoPMNPN8Xxw&sai=AMfl-YRCRZyEPSc8gFzTjfr3-DdXRYyv5VAzLPR9KTcIl4rffyeX9QL928v8xXfYd-O7N87IZDhFvUzbJBWzdnPiEPlFgmd7bt7flo9vcwhZEt4IOnZi_X3YyHXiqxd95gmolYyU&sig=Cg0ArKJSzMU5en_Dc6jIEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=183&vt=11&dtpt=182&dett=2&cstd=0&cisv=r20231129.36116&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 61F8 236 KB
63 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H2 200 vF300x250_Wingo_ATLNov23_InternetStart_rectangle_de.js Show response
s0.2mdn.net/sadbundle/4451089284811474003/ Frame 61F8 30 KB
20 KB 29ms
29ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4451089284811474003/vF300x250_Wingo_ATLNov23_InternetStart_rectangle_de.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4612841d5a1978d752ce6c33afaef6fda9e07e05e29396441f2ad56888922853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4451089284811474003/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19876
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 13:41:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 04:27:31 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 47B6 0
0 89ms
89ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulvxskGsL9Ly2UdBL4yKgqIAcRbI_O7pL2m9cdlFVwTmYiTY5F4MfNgWxICBbS8hZd0mf7_kLjcFQH7EyWpXwKHmRiZVOCssMRFWsoRWRt9B7qDNLgiC5yLrMr4VRZKdq1sluX2HukJ235hPL6DET-z7LRuVBZu-ltJhWH&sai=AMfl-YTwlfF3GkpFiM0cl7OPiQR813eqCaSaMkZlk94vjhSl4IOy6RrgoCxFA0zEdLpYi0JxXcJk9wvfY_I7ghI_jXEk23W9AVwgSHuS0czlSrPWFxHJqzxeDxIkSG3TMjdONe0f&sig=Cg0ArKJSzNqWXgku2QVREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=363&vt=11&dtpt=199&dett=3&cstd=162&cisv=r20231129.47241&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.apksum.com
URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7494 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZCrbVWxrZbbJGrC-1PIPvOal2AsAAAAAOAHgBAI&bg=!Y2ClYC_NAAY3kmNgF5I7ADQBe5WfOLI8mfbIFri00DntxcSqzKLhNbrZ0-arXP6JaUdWymKP8vM7apXsJfIlIeAXe4zDAgAAALlSAAAAAmgBBwoAfkxEJRu15JJNdsMdIVuc5wsAD-9h6jiEk6FEw6NIOwnSba7HHf6QxXkINpa4mb2udKGsXVI9oR3HcoYaIVM_fWC-itaJyLSkqsczrsmMexVrqjKTxyp4xOjlxn3uwj4gAaDMBqFipPC3Fx3VfI0349aDcSIbEDKk3Es0zhRWsZkC8TscySxUG7KGTRfJvLPKi57otlw7RjfqvVI-PaM5t1v7UA3bR8YWhpNqB_VUKJTidOM9wV6R-BIdnUoUsnzm5f0BzRe9vJNO-ZMTjwEsmeu-RxJsXqnqA1qeAatiLaqLiWBPa1HvicmVXZckgjUnDz92Gxvr8UpNBFhQSxwI9QzuyqXTPUKc_07WQHQioZwNCx3NIpOXs8rfiCLywyDxY-FIiZJWTgNXUdpljuHN1eEqeghJ5M54dFHP2BK-VzHTLw7onh7Od9kLrGBf9Wk3ScoQ5WlroBojPqbukgu42xa7AYYKIYn2Wt7GhXRosGDAxwd53zoE_UEXEW2K_lOJ3fhpaYYYSQjJVh3acGguBJ31YzNJEs7pXCiN-l3Z6WK87zsMTbwDxANHT-GIprTALMCB-iaRAOVSDoEI6a8WOo1p-nJe5sPbGbabDfapaqDd_HOUNRusM4giJVWK4gZcPrMB_q9LaEIvxTh1Sa-sJW1WVqZdMet-d2WNvlR42Qbp4jtmDfeuwBzB7hzxvQkUyXGUSAJTJCLtY2dNwRtIFtdsx1o-RXhzz06grX2NdeOyqZ90YQd3Eu_xtFAQ_YgdoCk2NXPzeeq2vXmskwlbhharVitYaj8SDVhb1kVI0XBNwHttxdVJ0a38qqjBTarlx_DcA7TCxw_cJlEP_wziN-KWe_xz0ibibOrewsIqV18YPjMjZTds57M7Iar6IOgc7ES_flSXi7yxQA6u6Ig-OwpZLZQyPhirD5iIlXWkG4mRSDFgFBor1lj60PvDPzCzTgJR17BYUgd2W2ENxeFEI3A-FMtPy4jIiHVhtFBOf8I2FmFl7LT8t0YgaX-V8raXH6OoArdOb-GJxLGtRqMUlaJL8r8C87-uSZzOlit9KFE27uiWIn2RmLsBUwkQHQ7N9iPsrNipc7E2eyC-4wM-300hzh4OvMmHhpqfltGgnAz78F9NLjxhS39pP3jqwodDMGKOpY7zLVxm8WzXhc2-wYcUhw

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1C6 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bs5iWVWxrZbr-HJDKjuwP9feK6AEAAAAAOAHgBAI&bg=!8_Cl8L_NAAY3kmNgF5I7ADQBe5WfOHy731212HUpRoud_yHFseCXSE6IVTE6XiCR_XQI4NC4sUjusqDKMA-Ig1U9v8lDAgAAALxSAAAAAmgBBwoAJynFz27psF7RbJCWwrVuQYlCKYpvy2eVE2ai-u2SdWv9b-tqfEa6sJkC430L3UnTGmNE9PPdj5EgDyy8D3q3XEKWhYLxmEbUCcsnbZ5sHEkTQiixsLcoxvujmKkXi3eblbWRVmvztGqdO7lk-OKTBK6jasEgjHVTJCg2JLPzHMZSk-gA9_oqMP47Uv3NFShlV-cJxY4UVxXp1-xMCXHO5dQ6BYlxofwSIx8KTN5Vk81jCF1xTLXmjUPnNCdyfabM50xBuAvvbrj2NPPoVLJ6vPM8LEwxj5fMyuI6ydHusuSf-EhgWR0-gGIQpIm_NtSGYMJN9P5hIj0SvDyFf47XgBWBYaMuDKqpiffzJLDC6WxwqZSGUaGrfGD_BfotBaS3pPuM5mA2x4Vz_J-zb7H3hMa85FrZ2hdNlMaRHSJm0cWf3J27DeTokAYalW4F8E2oFwVzhn646uJwds7lNOdQ3CBmBbHYShfqArciBG-INE7YWY6MAh0TEuLaw8zsMVB3kXTAKsexzZrBqscihHCdD6NUwAFjvdzrJOIUP8WsMu9G7nRp7LJe2DMKwo81VNdV5y4ramJiI_MtdICSNL9GnyRmIkQjDIHu-wRSrOvsCE-iwV-75FccW3FYyZg-jMONwN21yCj_H1bI4DcgyfjIqLV4IdYQOoV6vAZSorYNQKG5E8Bw1MBWSt4O2o3NESnwAEjC5oJnM4KvUAGixST6TOzedKwFxa7Pa1px6nwubPuWjyXc_zm2yxpVPkvJTdcBkbL7LX0CYKUlgyxM7PjSxnls4cPQX3oEjxOV0vSpxFKu99bkssSRWgeYr43WtvoLUTefeElCOm5VTjdnzoinyHucCPTe3fTRmejC1cQREhF7u7qna0M7bwwofVtS_WAm8HTSjPjMdrucf2XIMIbszYho-2yuJUDr9XIZac6mgKm4jXlQDsZN8xizPSTcVpNqVaeKT7qlmPz-QxM6kmJNUjkO-bv3A6ZhlbY3dKtlrnmVj1e-G81ZeflPhccLP8B1ekjslnk-ojEC1sFMlhI

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AF8 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3zQ3VWxrZY25HOugjuwPs-mUmAkAAAAAOAHgBAI&bg=!n5ylnNPNAAY3kmNgF5I7ADQBe5WfOKFmzZA8VJ6XgQYOxJHMxojCNgnBT17g56u78E2zd2VvNMqUPnboXUFkGHyUyFbAAgAAAKdSAAAAAWgBB5kCzK1zH52lYEADauU6qcMR1mhypN242PZYGNqBi-NTn6w8lduy027TURycalpVwwvgP6GBODLUVAUG9opPIotky8oYebGEh1JjrY1Nurx912bodft9PzAaQGclGFfIaxDcPeQfFISS-PE2cCj61VFpebMzzTEIUFZBibLk77bBGUzEJtKX_ueb3DebeNWSkzBn1A6wPjpbf5ZwNg4mkvTeH0TOevHez31xlJBKazTO-1l0bfGz8BdZNrLqCmAo1BWIvBgn--nQ7cdzR4lUIBkzoeSTgac6hhoQrVfTCLA5BqsIu-Nnis8oYL5rrzmR-h0brBREJvxdxHn-cLw1nXiSl9eCTbCtjjp7phIJaFGt1xmt9la8K5RrAb4JzCFdNN-CSwUQ0F9WoMMvD3--3VNvLa0-6jJiGP9UPjTMRB519WGD0r1z2o-CCHiZkh0_K0iTCGpNANx_Arwsku3d9hNpq8dGmr4KVqu3o4itagPh67h3wGqNS-SoKaM7_UEY-PCKVOqBGmCYu_u3q5r4epiIsTYn3VrzTwWACUVwPmq3OwY78kRFCS4ulLpTOfRwScEKEPyPW8r01yS1riDo8-7RBgChNBpMyG1AXtmWV3qrHwQkoSjan-QRjpY8rYAGnnRgH9qGJH1foJKz--Clgac5f-YY-Qym9oWnzIsveThqWaVpxEAJ24RwP7gD0KNF6az1VaMm7ka9je5fKEYjS4_ws2w5bsxU5jHgS2af5Eii8XVC_kktCc1wqUVUZHPNZo1J4D5xK3gaexV9BDpR274rntQm4Aggy4aiUMb_HeMd2cG2o4kcMz-G2p7HUZhzY2v7yJWLJOMfwFZ0Zg8whcU4_WiCSV9IcwRkpbiC4ogryyApdS5GzXWJyF6zsIXeQZN-klwNtMbKHDMftyNiCHBlmns92cpAvyLLQXe1Y58NCPnXkkc48NDTViJPQgFW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame DD46 7 KB
3 KB 125ms
43ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=mqnp5hgjaan3&nw=20&renderingType=javascript&namespace=cc9a1da930&subid=&uid=cc38fd6658b870c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7fbOU2xrZZrtAeuRjuwPs5C--AbGvb_HdPv038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE3QFP0MY5TLQ5V8MFQOsKVay1FQ-ApNx1peS_1B5V85DWax9Q-L6Qj71BjXS5u62A48U9eS_qckJhDfcpfDg9QMXZOO34wQ7kZl2oYIW7m2dWPZv1EKXuMEodI8S_1gY6MOpEMMGCRZx3S5P9vj6fbJnf95owbncHdGjJjWbnwjHD5lDitopD2ea7sf1YMNySbx3QYnLsAb_KJoT6mS7o3qKY0CG5etPJUb1TB_rG7jhmW7FW-ObZTGXFg04LtBORaWpczYvVNUA96mdsSUDUSkjzLMG5X5iVbkX8-NOv6cAE5NKsudkE4AQDiAWLruPKTZAGAaAGTYAH9fa3qQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYXzICigI6AoBASL39wTpYhaiXrabxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2RiODIxMYAKBJgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSLATtMfeFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNdeuMymDjWRIjb63ZXRzIUWuP2EOP6i7-AS3vAu0t1BYNO33JHQhxNJSrltuoGAE%26sig%3DAOD64_1hvnzI___M1SC8zEEm4HNidDiuBg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-CJ1UpkazE64-xa4Tmg6C4ZtZe0kDfdCE4zmYlxF-_dk9QV6tL8Zt2lgPv_g3MtFQyY-lPA8LZFh3ewPEePzm1J2A7x_BRoJD7YEW7mO8138Uupw2O1vspcm5_Ur_t3uHM21wq-tfZSG9wwjcclBvI2e9QCNd4Wk6hVQXCt5cy6elck9ns021NGqE9lQBKHzc77or-pdNMl2l35m5zxs5ztK_2EEw%26cry%3D1%26dbm_d%3DAKAmf-DiwU2v20S_Fga2sw9nUmctnVVnqM02luEc5BdRvF6F5Q0yyhVLjyMrQH4qh7BO0a62Rtqo4xVNIaueM35xaf4f3dR87cy-TXWHWbGn4TmqvyYlcArUAbbj0b1vRGfuWIR0wRGDfNycP9K-jis5GoEgKzEF2-fC_LIg-K1P3s9Ep1PotNbOwqRauDR49Fnr9tStw6H9qSs23MS2GVIKi7qRkWIYEgaBHWJye4mIz17TsrHqw4jr7fe-xAfD5hWko0hJKwUzRwn0Kej-Wn3GbxoSbE4n4MkBifFZBaNMPwCObRYW5WTmPYzzixj-5XQ9EPF2CHA4EWObbpNo-qeMqxwHVwjht0qo4zy7wKfQ0u6pJEymKuwLYUtTqadjsMbIKnv5P2KcEWNT4SAr6dMb_He-TG1dReclmrZmWnnFKN3cgZzbCZikg5U7mDlkpnCA-V3QeqkCQuEiJV3I_l7SfZuQXqHIwQLmXFZnQibim9UlBWJhFaTkjZBd0ddPMA5BWw1bdpDjTUmU56CjCLr30hxTH6Q-F-qqvuQQLp0_CG14C8Cv_BoA6P4U9tQKj9KWZ2JCrPhxaXyuhwE7CXTy7a3uNtazLgPy27UW3wbwvVOfnZj5sw5PTidH6DAJ1QEJUL9S1Kr0GWUoP5EAMEE8XFB7qV5VEFtnRZfTJHzO5mbEdGLEsErcMlqSNFLkiuguv9_JLC_k%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=5445471826189&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: da7985b1a5fd3c737a3dce27f99e39861faac619d3e851b467ce40516f8a3266

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2313
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Dec 2023 17:41:42 GMT
Expires: Sat, 02 Dec 2023 17:41:42 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0E89 43 B
702 B 202ms
112ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3498956&v=41538&q=475802&r=414915&pref1=60636500123059810284423012526017&pv=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 433C 7 KB
3 KB 126ms
43ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=c51otf15ln3j&nw=20&renderingType=javascript&namespace=78637d8f66&subid=&uid=835398667e64d05c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A38&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpdHcU2xrZa2IF8PI9u8PkMyL8AXGvb_HdNP038-dEpEvEAEgg_3mH2D1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE2QFP0K7b9ZtveJAJzzCtez1DfJvzM-JzC4NmhabJqgbyq9DuDaXk0xN38atO5M9gm-ujtNeRoV_ZGATFYC2o-_TwnA8PhUhkH-xrBHpxMgfltY47v1QIcU4UFQfCvJIG4opoHIJp41y1Uu-wUvXsJK0wCcnejgdBmhAZZAtsFZfIKhS8FGM377qumLYtv8A73SZt5AJpOU6w79rj0Ea8QpZMEXEbZc1jH_vqfWFrDfhmI2Fn7uDJJsgQLonS7OvGVDXWtnp5YYZURCscnQGpALfuPwoVnyEHPE74wATk0qy52QTgBAOIBYuu48pNkAYBoAZNgAf19repBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WPi-rK2m8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9kYjgyMTGACgSYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CQ0iwE7TH3hXQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNsX6LHGh0PtFyPkOqUq-75D4wGHReo7a2BDaGlKsFbQtZclbRyqR5J-Z14RU5GAE%26sig%3DAOD64_2JMGw8Mt1gn4ze_faKqsfFchQyQg%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-ARVT6w5WupTTNHvOFd6BKGnepIbxLgmWBtUMlV3hyiKtGTqqmBPTQPr1Zemy-vrSu2uFpBbFqlFFedvMOOJpvH1ksLsXxilpAUXtGKl_SqP8ojGOIgE3iIjWElwOtMLDgI_Vwgt0u3ABag0tQwEIFOyEouD6iEGHIGzjJiFUbt_IcV1AK7__WvP3LqzkA3JeNxjARqVW0r9xQHmddxwQ-jmKyi5g%26cry%3D1%26dbm_d%3DAKAmf-CCLqIxhkkvkpVkHrCN554XL9NffUHlvLdp8O8zT7kBp7i3kmIqCYLfe0hqefa9wB00LiQEmSrW-SNyExTZiVVJswCebjuOsz-UwOIbpDiYx9LUJj92GGKzycFeZhmuRP3Z7T7eDrAOmh5ROYOxgfas1oa9DqB2U9r3io77erFzX9se2uVlXBbJJd_LXkfKcW3sv_2z9WIWH6whRsWW7dex0uEPch4MUg3dIZkEju3OIigtb1nu0irqF92ETQ8iOYRLmv-T_5JxmH9sYX1as6XVqG1ywQ4FYlmawewv43AMSBVJNPbt_4G06CkdMUr-JZGjcTZpI_OibFlhmZA2SHFr1lqxBn3ZtUXA-bD8Xl2kR3xcsFkV9gTv965Zh8q-FPv6l8G1bP8m4rmGOpEKbiLyRF3gPw72zLTml0XegsR9nvTZ0v2Utl3jbojL14NJei3uvvp7HD_hmi2cHabkneSb-_ZA8SGX0Y8noxRFsk9PHHjzAEErSSL7Z9gHdGdPvaYXE2lSZTb2xUEFF8GiazrMXg1rBx3AoLEEj__Akrd3wcpo-6jSbRRxawe87r3DaarKtOSpQPcPEG28gIYAduh0Y_T4hbPurkgdi3BCOzfsiSg0ffrPWePV79R6wsEWW79OVlbm_gD7fcphMAwZOMRtm28ejnuY4nXRNyW3VqVHFJHv74r3ehCr_Q_uzqwk5hEeB9gn%26adurl%3D&documentReferer=https%3A%2F%2Fwww.apksum.com%2F&ancestorOrigins=https%3A%2F%2Fwww.apksum.com&random=7677363539318&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: b0b85b15587fdf6af762cb5ca4ef47618c1ba26ccad5220ab17acfeae837c409

Request headers

Referer: https://assets.vlitag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2307
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Dec 2023 17:41:42 GMT
Expires: Sat, 02 Dec 2023 17:41:42 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 508C 43 B
702 B 228ms
139ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3498960&v=41538&q=475802&r=414915&pref1=35407500111664610284419012526014&pv=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58BA 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfaMLVWxrZZfyHMSajuwP-8uSkAoAAAAAOAHgBAI&bg=!ZWalZinNAAY3kmNgF5I7ADQBe5WfON_a4e8oMRmdl0HEzyYbnG6YTtkPLeKPKE-T9Rc6dszT1l49wIgBx04KpRFzm4JiAgAAAKBSAAAAAmgBB5kC0Nu11gZOX_rQ_msdki9CViAh8z5IK7GAHY-nzMa5RMR89_MNCcMyDgWGhhNOemMcayu4IGyY4QCwHosow_rl9EmNjTatjlgdmPSrXUWM8OUU3cYq_m1485IJfoZ3Rfmpm097rCPxUiCTYouk3sbSna3Mr2YLqI-s71Er8wa0jqtak7yhx3L0s5ezKvpozTD5eKAiWzrUzyK4Z2QaCYTs92d1x_6nnlPini7lYLii0jhpOuRQFWPrnOB5cu9hFRwTkbLVagRva-Dx-BijvFXs1sOhGGStgqYUdqPCS5vz2rKQESzM5E96aYGsnMMg67A9qqqNIdSH7hTrs2vdhmz083T7pJFkd41Dwj9_syil5TASKhLoJc1OyIpG2hnTQWHG69jxr4XX3XguK7NFChUU2ASVJ1dUt2odjNNSHUq2-y94lLuKgms4eZKXgvwDDP4T32leziyv2v2lhdAYp1QtMAgBZ9H4j1WlVwi65er7dEtkCXRSrsE-bfvtcF1NWSjiccLtXwWtSHYjk86OG-VN1Bt_8BiasIBGSnJTxE8bmERUZHQqy_DxkzxmfWQNln5EtA7DxrEtEv73E9uOPQP08NQ5DZ7NyZ5eJjqZJ3xcJdBj0jMLCKfj9SLnSKDSJNPXQgU0oEBsSJiBJS6-m2M3MmAmjbnuh5vlqFzIsy6k9xRAmWB1HR6OLqLl_8WMtQ64AfRVFRv743fsH7q7qJHQbU1yF9R_WcEKlcQOVUKSXQpdftWKYmmNj7VFyK3PIMLOS8PHujOedTDx0D0Io4EK31jgh3G8r9aGbuLWu9o-AWVwHhVBiAlp622MaIu-uqRsqc_4nm4edeUiFp3QIeXhQ9V-44pHFCv_qmjONkRGrXhzHJaGiWIgNz-40miMaa_O_0P1PbjYUq6xyV_ZAjYhDIohhKq7DDEMnkhnbA2EpV5D2p9VDSvXvBGxOOGBPu7z8g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAC3 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXtW1VWxrZcqhHeftx_AP0pu86AcAAAAAOAHgBAI&bg=!j4yljMPNAAY3kmNgF5I7ADQBe5WfOBSy6rEZGM-vcWw_kM1XBew9LF4BHnTPAIpQbbbAPdG6xN7CdJ6XY0gN96-UcH7HAgAAAKdSAAAAAWgBBwoAJjZT5PTg6Vtfo_4_fOrwDlvSq9V5cMBCxCorZF43g0NTw0AFQ2FjmQLj1SpJS5zQ5YhiEvUj7XweFisNg6o5HqOu3yLE0c34oEIU2GRHrbSpsOl8S9gmhz336xXDYpkPIMvKYAizUY4ikg8nYSKj0b3w7bDW0oRkITqk9Fi6HFmmnMF-9QDewvtu6iW0hHoGnRRVM3pNBA-rLW3qdBrhE-860vmheGdL3hck7tBT32zvNu7DTw-EUqob9lTwGu1HGQw8v1nEIa8Oqify4v-FWFkaFFgPNsZnLV3xd0ALwukuzw4MIOxP-0Sk9anTs0FVquWgapTJAPb4rm9mAgXVYy3iaKy9a5OgJP-6c48GcAdgDD2sQV_v62hO2RfjuqkQhpqLTc1xbH_fLxrzCpor9zDXcDFaD7-SSPdCjzE5MRLzIo3qWyVqwHNmwh_HtVqQV_89YhbQPTuQSnls1871gfznskA7A_pZBmKAXMf1h-q8RCa_xLjyqb1-linezgGNVlhOVGa2vKtJe7qKAQCsE4Ko6DXyuH7MujzWF0nAoFwQmUPE0YzzF6CzpaRS9fESduuEuGv13WdnEFy_320ySU0_vblC-Az2HNe0S-scjNNnos3F2JLijbvA6LOxa0cuSzus4xiqjh9Fq-hEmVHnmashoL0UgKfjLWgA7-LdEb25a5z9C6Zd2HC9DIChvjS2GEXYXEfy2Cy8TTWgmDcRrl_W40owl1dAdoTNO9gCm58LYYtVvfNNq8tEjvpAxS-CaMInFomB63sDGlE3ZUh4Y2jZyIeFX1mjccTisArnI0nSnhANsyHAXY8CBlI1hvsVA6B0mSkQ6EqSjbEL7atNTZ1ptkjFf2CIo7iH34bTL3kzKOsDYSRN5J-bwT-4fj2jWxxBFpuBLfsPyE-zvOm_uuY00eGpaUsTIYTyB0tVcQ-HcGlSaa7vKBa6pWTKYo9zMWkpjU-R7tOP6EgH7FxL68Su9B9k3HiV9MR2TIY6_EiFGRZa28iYH61CbMrwi-OMirCxOoq6xgbiEH2rSw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 47B6 117 B
217 B 54ms
54ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.apksum.com%2F&pcode=iponweb503341958152&ord=1701538901610&jv=1653995566&callback=BrandSafetyNadoscallback_98691571
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: faf8be5ff3b665b00f93e764f110463fe003a7b4bb46ecc7b54cd713aae91a62

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
server: istio-envoy
etag: "73bf7d38e79565d84894de7fb9455072be8dc116"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 7
timing-allow-origin: *
content-length: 117

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 132ms
35ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=100&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 133ms
36ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=100&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 133ms
36ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=100&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 36ms
36ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F4451089284811474003%2Findex.html%3Fev%3D01_250&i=IPONWEB1&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&cu=1701538901610&m=563&ar=51bd715ca6c-clean&iw=4b74e96&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=287&lg=1&lh=11&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A864%3A593&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=100&cd=0&ah=100&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&bo=display&bd=null&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&zMoatDspID=16&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=205853&na=540923491&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame DD46 89 KB
32 KB 161ms
51ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H2

200

img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg
a1.awin1.com/ads/awin/41538/ Frame DD46
Redirect Chain

https://www.awin1.com/cshow.php?s=3498956&v=41538&q=475802&r=414915&pref1=60636500123059810284423012526017&pv=0
https://ui2.awin.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg
https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg

69 KB
70 KB

109ms
35ms

Image
image/jpeg

65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
Protocol: H2
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af3a723038378a748e4b6310e4412f1f627057be419940c509b36040acd5e8cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: QeP6um3RyxOEuxSf4TMilmU9jGWTe.Nj
date: Sat, 02 Dec 2023 16:48:00 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 24784
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 71132
last-modified: Wed, 08 Nov 2023 11:16:28 GMT
server: AmazonS3
etag: "6a3f573687d1c69360e4601e12f9efab"
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: gqlFbO3a78rJv35sRojMTMIXG25keu13h8vUZcLz3a0Mzzk-aoZW4g==

Redirect headers

location: https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_300x250-1699442187772.jpg
date: Sat, 02 Dec 2023 17:41:42 GMT
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 433C 89 KB
32 KB 217ms
111ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:01 GMT

GET
H2

200

img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg
a1.awin1.com/ads/awin/41538/ Frame 433C
Redirect Chain

https://www.awin1.com/cshow.php?s=3498960&v=41538&q=475802&r=414915&pref1=35407500111664610284419012526014&pv=0
https://ui2.awin.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg
https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg

94 KB
95 KB

109ms
35ms

Image
image/jpeg

65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
Protocol: H2
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df868461765cede922d48d93396efff9c03460c576cdec442b06cd6822f9e1ae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: d1ftocYH2NF7CpK4EiVlnlrlNVp5BOLK
date: Sat, 02 Dec 2023 10:46:41 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 37031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 96384
last-modified: Wed, 08 Nov 2023 11:16:29 GMT
server: AmazonS3
etag: "2979d1e7055fb19f468108f323b65e0f"
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: tLlKToh5SvCN4Pf2EqGg6zOOP_9JLz66D66VsZUgWZHXSzoOpzgNig==

Redirect headers

location: https://a1.awin1.com/ads/awin/41538/img2310_xmas_1_sea_affiliate_marketing_iab_kt_728x90-1699442188140.jpg
date: Sat, 02 Dec 2023 17:41:42 GMT
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 37ms
36ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&cu=1701538901610&m=654&ar=51bd715ca6c-clean&iw=4b74e96&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=287&lg=1&lh=11&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A864%3A593&aa=0&ad=50&cn=0&gk=50&gl=0&ik=50&ic=50&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=100&cd=100&ah=100&am=100&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&bo=display&bd=null&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&zMoatDspID=16&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=205853&na=1058934863&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 44ms
38ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=50&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 43ms
37ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=50&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:42 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 102ms
34ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apksum.com%2F&domain=www.apksum.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.apksum.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 17:41:41 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 191399
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
266 B 171ms
38ms Fetch
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2&tl=https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: 75095b4b9fe5b638406c3474540205afa8424c164d5d827d0291872595ea75bb

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 2 Dec 2023 17:41:42 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 43ms
41ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apksum.com%2F&domain=www.apksum.com&cw=1&pbt=1&lsw=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apksum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 211767
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
415 B 94ms
29ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame A796 5 KB
1 KB 175ms
166ms Document
text/html 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc17905a1e9200c1df220442920e301caaf665767f74f239df892655ffc24993

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f55cbbc8f03762-MXP
content-encoding: gzip
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare

GET
H2 204 isyn
prebid.a-mo.net/ Frame 4594 0
0 35ms
35ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 02 Dec 2023 17:41:41 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 15AB 6 KB
2 KB 66ms
56ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbbc99dbae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame A824 37 B
140 B 90ms
29ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.apksum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame DD46 0
150 B 125ms
42ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=60636500123059810284423012526017&a=3d4bcd4e&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame DD46 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 433C 0
150 B 125ms
42ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=35407500111664610284419012526014&a=cfc3c203&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 433C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 95ms
29ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

339246ad17fb7e219221c6e3dcdc46e4100715f078de6c7d1e3f419aa383d75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 15AB 48 KB
12 KB 45ms
36ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 401131
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82f55cbc9aacbae8-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET b6931342ce0a4afaad148709b51fe102.gif
cs.admanmedia.com/ Frame A796 0
0

GET

45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame A796
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A796
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5851632322476081320

43 B
94 B

136ms
136ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5851632322476081320
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbddc173762-MXP
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
an-x-request-uuid: 92586310-e665-41e7-b4a8-63fae8729939
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5851632322476081320
x-proxy-origin: 185.195.71.221; 185.195.71.221; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A796
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=smaato&uid=2b9632f880

43 B
106 B

136ms
136ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=smaato&uid=2b9632f880
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbd7b993762-MXP
content-length: 43
content-type: image/gif

Redirect headers

date: Sat, 02 Dec 2023 17:41:12 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 30
x-cache: Hit from cloudfront
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=2b9632f880
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: hAyRzuobh2Z8u0Q-iE8AyQHX1yW0kS92DnZn8v7_XIjy_wlb_G3Ehw==

GET
H2

200

setuid
sync.quantumdex.io/ Frame A796
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-6477533191372521033
https://sync.quantumdex.io/setuid?bidder=between&uid=e7cf8d84-ec72-5250-83b4-5fffe6df33a9

43 B
94 B

134ms
134ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e7cf8d84-ec72-5250-83b4-5fffe6df33a9
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbddc083762-MXP
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e7cf8d84-ec72-5250-83b4-5fffe6df33a9
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame A796 0
35 B 106ms
31ms Image
text/plain 35.156.254.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.254.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A796 0
277 B 128ms
41ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 17:41:42 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 0.gif
id5-sync.com/i/495/ Frame A796 43 B
920 B 91ms
33ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid Show response
sync.quantumdex.io/ Frame A061
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=

43 B
94 B

136ms
136ms

Document
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f55cbd9bb13762-MXP
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
etag: OPTOUT
expires: 0
location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma: no-cache

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 6905 0
134 B 111ms
35ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 5CE3 0
134 B 114ms
36ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 2F6B 0
134 B 109ms
35ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 9545 0
134 B 108ms
34ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

1 KB
2 KB

30ms
30ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 7e777f86afedca632acf280624fe356b92c24a9632d0e7c6fdd6f7ebae7382a4

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1343
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:41:42 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:41:42 GMT
location: /sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
876 B

58ms
58ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f594282f7b0be1af36dc25f392627fde46393c0e392339e20d3d3752d655bdc9

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f55cbd8b9f01db-ZRH
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peyfBvfY6ma5bQZQhiYVA%2BW5d8oqHjcwxqydVyBWvBthsX4XZVD51u8rEFrIkMbtrUHIyxrbgIwxdmCNRWlG9OOtGQ1WD32bALMCTBJGXrUEwQYhhIGVhmp5RvUO5fvxrtyIAzzi%2BvBpNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f55cbd3b0b01db-ZRH
content-length: 0
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v0wS0Ak2hBFJ10QCNPvvNbEQVu3N1maxZaPsnQ%2B9%2B%2BATSf7J%2FrngRMVFOCwvti3MldYbs0Vk5xKZIJlSrgU7S9HdHXptTCAxaxZtRgqFZmJCCccWYbkQlJS%2BLY%2BiJYFYxcdpri%2BTcBUbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame FFCF 563 B
1015 B 359ms
114ms Document
text/html 54.147.45.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-45-225.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 852cf2bcdc04a44f770247d9418e3a6b2cd783636b37567b57229d0643ccae4f

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://sync.quantumdex.io/
content-length: 563
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2EAF 16 KB
6 KB 97ms
29ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92260
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: Sun, 03 Dec 2023 19:19:22 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EDE2 4 KB
2 KB 98ms
30ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

8301e55ad5a752b9604a74cbc12509c1a2120437cc8bb9e6b22561069a2fbf04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1538
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 6D27 0
319 B 52ms
52ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbceb26bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

1678579404281054647 Show response
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 5EF3
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
https://csync.smilewanted.com/set_partner_userid_get/smart/1678579404281054647

0
411 B

58ms
58ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smart/1678579404281054647
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbecd71bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sat, 02 Dec 2023 17:41:42 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/smart/1678579404281054647
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

POST
H2 200 696.json Show response
id5-sync.com/g/v2/ 251 B
531 B 84ms
32ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/696.json

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a624c307e4f9d30523a7d182ebc167f6dd62f8185d9b9349c41a8d1821c937ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apksum.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apksum.com
date: Sat, 02 Dec 2023 17:41:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

3374126541201223746 Show response
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame CAA5
Redirect Chain

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fappnexus%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/appnexus/3374126541201223746

0
371 B

51ms
51ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3374126541201223746
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbe2c7fbae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: a54a4f35-c350-4ffa-b59c-e911afe8ec16
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/appnexus/3374126541201223746
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 185.195.71.221; 185.195.71.221; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1C2D 70 B
148 B 157ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

ebda
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

30ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKTuLg9vtfLRjnHS2NgCTjU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

31ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKTuLg9vtfLRjnHS2NgCTjU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKTuLg9vtfLRjnHS2NgCTjU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C2D
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D

170 B
243 B

40ms
39ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIxNDIxNzk5MDQzNDMyNTkyNTYzOA%3D%3D
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 1C2D 0
864 B 242ms
181ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2214217990434325925638&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8B9D4159FD8647A491701EBB6BF94D65 Ref B: ZRHEDGE1122 Ref C: 2023-12-02T17:41:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLimXehiexLF8YCS0dwg==

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/2214217990434325925638?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-L1EfnudE2oR2bHLCHSEm2Ya.x5gZwwLozHfCq8haBA--~A&dongle=0883

37 B
139 B

31ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-L1EfnudE2oR2bHLCHSEm2Ya.x5gZwwLozHfCq8haBA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-L1EfnudE2oR2bHLCHSEm2Ya.x5gZwwLozHfCq8haBA--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2214217990434325925638&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
https://x.bidswitch.net/sync?dsp_id=340&user_id=9c8eebdf-6f72-429c-9453-3d53f76791c5&expires=10&ssp=triplelift&bsw_param=82263c05-3075-4a5c-b9b7-b768ec51d5e2
https://eb2.3lift.com/xuid?mid=2409&xuid=82263c05-3075-4a5c-b9b7-b768ec51d5e2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

31ms
31ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=82263c05-3075-4a5c-b9b7-b768ec51d5e2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: //eb2.3lift.com/xuid?mid=2409&xuid=82263c05-3075-4a5c-b9b7-b768ec51d5e2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
https://eb2.3lift.com/xuid?mid=2711&xuid=0d1ca073-de08-4ec8-9fe0-3c7bb812a290&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

37 B
354 B

30ms
30ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=0d1ca073-de08-4ec8-9fe0-3c7bb812a290&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=0d1ca073-de08-4ec8-9fe0-3c7bb812a290&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 916468
content-length: 0
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=5851632322476081320&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

32ms
32ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=5851632322476081320&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
an-x-request-uuid: 2d89e79d-15af-482b-90fa-7b7f9a70883c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=5851632322476081320&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 185.195.71.221; 185.195.71.221; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 1C2D 43 B
963 B 54ms
35ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2214217990434325925638

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
an-x-request-uuid: f7525a27-f378-4d5a-95da-fca38317d7fd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.195.71.221; 185.195.71.221; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2EAF 2 KB
3 KB 132ms
34ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4655738&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 97afcf91c3df414c9be4f7892a9f8f6f1e51a432d72f15a1da10e6d533729a75

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

LPOCBW1D-Q-M2U Show response
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 7495
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOCBW1D-Q-M2U?gdpr=0

0
402 B

63ms
63ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOCBW1D-Q-M2U?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbe7d01bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOCBW1D-Q-M2U?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
content-length: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame EDE2 43 B
442 B 94ms
39ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x28 config_version:"121" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: MT3 1143 599e619 master zrh zrh-pixel-x28 config_version:"121"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 02 Dec 2023 17:41:41 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame EDE2 0
239 B 141ms
32ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame EDE2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5851632322476081320

0
340 B

29ms
29ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5851632322476081320

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
an-x-request-uuid: 76496103-9746-4278-a5f9-090e1f2ed1ff
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5851632322476081320
x-proxy-origin: 185.195.71.221; 185.195.71.221; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame EDE2
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=1

0
340 B

29ms
29ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538902717090-601

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame EDE2 42 B
924 B 126ms
30ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET 73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame EDE2 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDE2
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCufMpgMkXPC6zz5aHgqz81Ymn7FR9MvJA

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCufMpgMkXPC6zz5aHgqz81Ymn7FR9MvJA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCufMpgMkXPC6zz5aHgqz81Ymn7FR9MvJA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame EDE2 0
75 B 250ms
40ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame EDE2 0
0 95ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame EDE2
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc

43 B
479 B

353ms
117ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GAF1QHW9CPTHSC1JKA73
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame EDE2 0
42 B 148ms
43ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame EDE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPvQQyZs6lb3Ml6-YJpqZsY&google_cver=1

0
340 B

29ms
29ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPvQQyZs6lb3Ml6-YJpqZsY&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEPvQQyZs6lb3Ml6-YJpqZsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame EDE2 0
125 B 123ms
33ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EDE2 70 B
148 B 87ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame EDE2 43 B
145 B 30ms
29ms Image
image/gif 18.158.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 setuid
sync.quantumdex.io/ Frame EDE2 43 B
94 B 145ms
145ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=onetag&uid=vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbe4c8f3762-MXP
content-length: 43
content-type: image/gif

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7BC2 16 KB
6 KB 47ms
46ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92260
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: Sun, 03 Dec 2023 19:19:22 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOuFCt2mn5vQZ-Yxs6NVb-Y&google_cver=1

43 B
773 B

60ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOuFCt2mn5vQZ-Yxs6NVb-Y&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW6jmDO%2F%2FlLzYKhL8nj%2FfYaqE5KkQ1rEF5mTLv4AiEmnrJs4UWMLSt2hEKKqRrUQfS6K%2FjWZ3i0Nmx6uX%2BoYXLjYTMnxTSkhYWZilnO3OhgSsWinUxz%2FiShpn3559WYIQFZkeeY77iDr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55cbe2dd60221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOuFCt2mn5vQZ-Yxs6NVb-Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 37E2
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4da300a7034242c29d69651ea6636afa
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg

43 B
548 B

510ms
111ms

Image
image/gif

2600:1f18:ed:550e:2d2e:9af7:db33:d77c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:2d2e:9af7:db33:d77c -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:43 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-T1rlwcSb5waxYsk3eWWh0sbqbFE7geY1BVtLyg
Date: Sat, 02 Dec 2023 17:41:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWtsVjK4EBB1RtiBuOLTcAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIeZFIM3qPg_rBw8n6Cq128&google_cver=1

43 B
737 B

48ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIeZFIM3qPg_rBw8n6Cq128&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FM1pAEWCIxRnt%2FhqI6VlsX%2FDwsvZC8dJXHCzvBOorCTsjU8MAkC3267wQH8ogTt0ijS%2FoFm0ahpA8vA%2FD3hy9KiQjXHmG3z4uIRygIAtzMHN0mV2G36W4xIL5%2BkFOhTnVuYlRviJML6zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55cbe8e6e0221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIeZFIM3qPg_rBw8n6Cq128&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 37E2 70 B
149 B 52ms
49ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=e8dd340f-3d96-421e-ad80-a69687598815

43 B
729 B

57ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=e8dd340f-3d96-421e-ad80-a69687598815
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjvGRreFaDkB2KKvJi7dyOtZi8s7CUnOZ8uWXzoCVEwCkrJ0qgWqKCiIYItNY1%2B0C1EuWfxIfcXdhSrH4oJ23Ud6O4Zykk6ZfuK4xaw0tBwvu7XxXs5egAjp0bHr1A5gpJ5YbGW6G3XSOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55cc6dd850221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=e8dd340f-3d96-421e-ad80-a69687598815
Date: Sat, 02 Dec 2023 17:41:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZWtsVgAD-eNSIwBd
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtsVgAD-eNSIwBd&_test=ZWtsVgAD-eNSIwBd

43 B
733 B

51ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtsVgAD-eNSIwBd&_test=ZWtsVgAD-eNSIwBd
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjWVkHf92D6Re66H6LNCYogxXB6a41F5ZbYYL55rHTGeJh2xqkonr6BXBSISLDD1Hh0VGU4NWP9oWag5%2FxndDg%2BgEVFEQw4kgN2RaHUqQFShTbE3C%2BJxpqWO6L2ILlajJ1sJwOWk9oTrLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55cbf4fa30221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-mxp6925-MXP
pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701538903.902271,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtsVgAD-eNSIwBd&_test=ZWtsVgAD-eNSIwBd
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 37E2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

143ms
143ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TSYX8W8045JH61MWAGFM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FX84VZHD98B772XT3BRS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37E2
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1

43 B
725 B

58ms
58ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxigP5iSeWF8NsaPnlOwYec5gAachIGHayHysinlGD2FMmdyybhpFn07EdPgqSW2btjdbMUt1UCeIKNmo4le%2BsAsZtTdH46s2WjHmX2D48arHjwToAPNgG2xOKdH2n20cEXk315tnqSJFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55cbedf040221-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWtsVjK4EBB1RtiBuOLTcAAA%265251&tc=1
pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT, Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 37E2 43 B
94 B 134ms
133ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=ZWtsVjK4EBB1RtiBuOLTcAAAFIMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbdfc2a3762-MXP
content-length: 43
content-type: image/gif

GET
H2

200

de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame EA35
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010

0
706 B

53ms
53ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbf9e70bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 02 Dec 2023 17:41:42 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/de386e47-80fb-46cc-bd39-3d0531cfcb9a&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame 28C5 43 B
442 B 26ms
26ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master zrh zrh-pixel-x13 config_version:"121" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:41:42 GMT
Expires: Sat, 02 Dec 2023 17:41:41 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1143 599e619 master zrh zrh-pixel-x13 config_version:"121"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BE92
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

147ms
42ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:41:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:42 GMT
expires: Sat, 02 Dec 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1025667
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame B9BA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

212ms
212ms

Document
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:41:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 98SK1N9242VE8V21B5X7

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 02 Dec 2023 17:41:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: P0FXQ79D8ZDXF033NSQR

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame 3A9E 43 B
94 B 148ms
145ms Document
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=EF62157B-E772-4800-8158-D9BACC7E1431
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f55cbe7cb63762-MXP
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2EAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=72IVe-dySACBWNm6zH4UMQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

62ms
62ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=92260
accept-ranges: bytes
content-length: 5622
expires: Sun, 03 Dec 2023 19:19:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 2EAF
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=&ct=y

49 B
545 B

94ms
94ms

Image
image/gif

52.212.46.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 52.212.46.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.84
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.7.10
content-length: 0
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 2EAF
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1805111187

0
45 B

39ms
38ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1805111187
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
via: 1.1 google
last-modified: Sat, 02 Dec 2023 17:41:42 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
via: 1.1 google
last-modified: Sat, 02 Dec 2023 17:41:42 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1805111187
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 2EAF
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EF62157B-E772-4800-8158-D9BACC7E1431
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTk3dThQLU1qdE9UUXVUWVV3UDR4eXR4UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4137139064124650715&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

50ms
50ms

Image
image/png

46.137.164.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Server: 46.137.164.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-164-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:43 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sat, 02 Dec 2023 17:41:43 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2EAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUY2MjE1N0ItRTc3Mi00ODAwLTgxNTgtRDlCQUNDN0UxNDMx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

114ms
36ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2EAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL_x7Y9-3ljUlSAWl9NXWJs&google_cver=1

42 B
497 B

104ms
35ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL_x7Y9-3ljUlSAWl9NXWJs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL_x7Y9-3ljUlSAWl9NXWJs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2EAF 43 B
608 B 127ms
39ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 01 Dec 2023 17:41:42 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2EAF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4137139064124650715

42 B
321 B

138ms
43ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4137139064124650715
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:41:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4137139064124650715
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2EAF 70 B
148 B 50ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 EF62157B-E772-4800-8158-D9BACC7E1431
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2EAF 43 B
599 B 54ms
52ms Image
image/gif 2a05:d018:d29:3602:1a0:3675:b602:a15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/EF62157B-E772-4800-8158-D9BACC7E1431?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:1a0:3675:b602:a15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2EAF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF62157B-E772-4800-8158-D9BACC7E1431&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_CTsSWhE2uXfVL1wYuNF2zHSqj0jLbQ-~A&gdpr=0

0
260 B

121ms
34ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_CTsSWhE2uXfVL1wYuNF2zHSqj0jLbQ-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_CTsSWhE2uXfVL1wYuNF2zHSqj0jLbQ-~A&gdpr=0
date: Sat, 02 Dec 2023 17:41:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A400 0
20 B 64ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=347028461959&version=m202309260101&ct=76&x=38&cor=1323764092838305300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A400 42 B
64 B 188ms
86ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssurnrJw3QExOEkOgL_5dcVehlr_7ZO_9vCCPm5C_7D55bN07tOis1BfOCksSr-vxEvlWH4NE1zO8XdyLgmi_ZNyIe_2MtLtRyCWzbuvlcxGifF7vSUg1l_URjZ&sig=Cg0ArKJSzCc547jjafRqEAE&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538901099&rpt=681&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

586be0a6-eefe-4591-890e-32181b40f1f5 Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 22A1
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/586be0a6-eefe-4591-890e-32181b40f1f5

0
438 B

51ms
51ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/586be0a6-eefe-4591-890e-32181b40f1f5
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbf5e23bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Sat, 02 Dec 2023 17:41:42 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/586be0a6-eefe-4591-890e-32181b40f1f5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame EECB 0
0 40ms
38ms Document
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 17:41:42 GMT
X-Sovrn-Pod: ad_ap3ams1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC1 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5586549315277&version=m202309260101&ct=76&x=38&cor=10773230996724593000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1CC1 42 B
64 B 111ms
88ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuffTeqpeCCbadnHyCSX1HN2M2rD-E0gMXMeSsU8PxyDCgwZJNqAZxD2_5s7lUJK9w3SEhsTpI_4ViB2LDldL-gBp9DsrVq34UTcRZ3yJf6XbmvNxc1wOjeCPH5&sig=Cg0ArKJSzD_g3WIclG_CEAE&id=lidar2&mcvt=1007&p=0,0,90,728&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538901102&rpt=727&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4137139064124650715 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame A1FE
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/4137139064124650715

0
485 B

51ms
50ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/4137139064124650715
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbffedfbae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Sat, 02 Dec 2023 17:41:42 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/4137139064124650715
server: nginx

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame FFCF
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=575fabdf-5c7a-4796-a589-08cd9b2ea88d-656b6c57-4348&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=259ee09f9b051693&is_secure=true&networkId=17100&version=1&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIXfUGw2-TPAMJz07fAAAAAAA&expiration=1701625303&nuid=EF62157B-E772-4800-8158-D9BACC7E1431&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EF62157B-E772-4800-8158-D9BACC7E1431

0
329 B

113ms
113ms

Image
application/javascript

54.147.45.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EF62157B-E772-4800-8158-D9BACC7E1431
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-45-225.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:43 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=EF62157B-E772-4800-8158-D9BACC7E1431
date: Sat, 02 Dec 2023 17:41:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/universal/ Frame FFCF 0
34 B 30ms
29ms Image
text/plain 35.156.254.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.254.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT

GET
H2

200

cs
cs.yellowblue.io/ Frame FFCF
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=0

0
330 B

168ms
53ms

Image
application/javascript

18.200.44.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.200.44.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-44-133.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:43 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=6ab8d3b47f58598b86fbd4323239f5ed&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538902893025-552

GET
H2 200 setuid
sync.quantumdex.io/ Frame FFCF 43 B
117 B 149ms
149ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=rise&uid=OGvt8Ir-kp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55cbf2d743762-MXP
content-length: 43
content-type: image/gif

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame FDA9
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

53ms
53ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cc25acabae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Dec 2023 17:41:43 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47B6 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=199193674805&version=m202309260101&ct=119&x=38&cor=5964607571727176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47B6 42 B
64 B 86ms
86ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYAl8XFKDJrHhgojs_MOHcgGP_LPRgqYXhRrXUvcGMcVtCsWtakIlJAz4FSrnoGs8du9bhPuZpCU24u32sBNodn2x9yOsknMbfH1GWZRrp9O44Ka3s5l0d-X1I&sig=Cg0ArKJSzL70_LNJiTr0EAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2075474804&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538901096&rpt=847&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4 Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 7F64
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4?pi=smilewanted

0
527 B

51ms
51ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4?pi=smilewanted
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55cbfeed9bae8-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 02 Dec 2023 17:41:42 GMT Sat, 02 Dec 2023 17:41:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/L6zMNCx6HCkkACtv2N8Ew5D6srn2ivTcJAKKiqH-fn4?pi=smilewanted
pragma: no-cache

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 36ms
35ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&cu=1701538901610&m=1678&ar=51bd715ca6c-clean&iw=4b74e96&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=287&lg=1&lh=11&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A864%3A593&aa=1&ad=1075&cn=50&gn=1&gk=1075&gl=50&ik=1075&ic=1075&ez=1&co=1075&cp=1016&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=100&ah=1016&am=100&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&bo=display&bd=null&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&zMoatDspID=16&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=205853&na=75554784&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:43 GMT

GET
H2 200 pixel.gif
iponweb503341958152.s.moatpixel.com/ Frame 47B6 43 B
251 B 37ms
36ms Image
image/gif 2.19.103.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1016&tet=1075&fi=1&apd=1225&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=apksum.com&L1id=themediagrid&L2id=themediagrid_8GZCTF&L3id=apksum.com&L4id=1&S1id=display&S2id=null&ord=1701538901610&r=868904362000&t=iv&os=1&fi2=0&div1=1&ait=0&url=https%253A%252F%252Fwww.apksum.com%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=6281f3ff_86b1331d-c5b0-49bd-a728-df349232ed06&bedc=1&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.103.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-103-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 35ms
35ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&cu=1701538901610&m=1679&ar=51bd715ca6c-clean&iw=4b74e96&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=287&lg=1&lh=11&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A864%3A593&aa=1&ad=1075&cn=1075&gn=1&gk=1075&gl=1075&ik=1075&ic=1075&ez=1&co=1075&cp=1016&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=1016&ah=1016&am=1016&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&bo=display&bd=null&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&zMoatDspID=16&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=205853&na=697322376&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 47B6 43 B
251 B 35ms
35ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=IPONWEB1&ol=1683032840&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-0lmwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-pL9Y2Zz1Kg7M0g%3D%3D&sc=1&os=1-Rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.apksum.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.apksum.com&lp=https%3A%2F%2Fwww.apksum.com&t=1701538901610&de=868904362000&cu=1701538901610&m=1679&ar=51bd715ca6c-clean&iw=4b74e96&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=287&lg=1&lh=11&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A864%3A593&aa=1&ad=1075&cn=1075&gn=1&gk=1075&gl=1075&ik=1075&ic=1075&ez=1&co=1075&cp=1016&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=1016&ah=1016&am=1016&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_8GZCTF%3Aapksum.com%3A1&bo=display&bd=null&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=null&zMoatDomain=apksum.com&zMoatSubdomain=apksum.com&zMoatDspID=16&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=205853&na=1427617400&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 17:41:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 508C 0
20 B 63ms
62ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7705689210672&version=m202311060101&ct=77&x=38&cor=4295937500513244000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 508C 42 B
64 B 86ms
86ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT-D91xFrPibuxurx6vH3F7UO3eBFiipiqkWKyvHJwtubatm938dY3SRty9RY-aRg5NuF_SElVhoJh8hPbzeEX_YhHvHxzsrK5J6so2vth3s4Rn10N7lkGQYuwXl0&sig=Cg0ArKJSzNe0kqvSHQHfEAE&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=948955621&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538901058&rpt=1561&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E89 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5238503411872&version=m202309260101&ct=77&x=38&cor=14446814646774192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E89 42 B
64 B 87ms
87ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkmUmKZFkFQqzxQbqJTK6Xxbo7P_sBOeNJ5Q6dKrEsw-LyPkam-eZA20MnXOLpsjybiQblGBrHxEluGvNguvjOdP5DhyOzqp0lf8FGfd1ITQf8VDma7uhwYKMg&sig=Cg0ArKJSzJbEaMNvHxeMEAE&id=lidar2&mcvt=1007&p=0,0,250,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3860748336&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538901105&rpt=1555&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://assets.vlitag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 433C 0
150 B 126ms
43ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=35407500111664610284419012526014&a=cfc3c203&vb=v
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=35407500111664610284419012526014&a=b180f359
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame DD46 0
150 B 126ms
43ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=60636500123059810284423012526017&a=3d4bcd4e&vb=v
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=60636500123059810284423012526017&a=4369996f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:41:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2EAF 0
128 B 47ms
34ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/b6931342ce0a4afaad148709b51fe102.gif?gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dillumin%26uid%3D%5BUID%5D

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIYDDgB&gdpr=&gdpr_consent=

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa=

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 18:48:34	Name: sync Value: CgoIoQEQsOT83MIxCgoIkQIQsOT83MIxCgoItAIQsOT83MIxCgoI5gEQsOT83MIxCgoIhwIQsOT83MIxCgoItwIQsOT83MIxCgkIOhCw5PzcwjEKCgiMAhCw5PzcwjEKCQhfELDk_NzCMQoJCB8QsOT83MIx
i.liadm.com/s	1970-01-20 17:22:10	Name: _li_ss Value: ChMKBgjdARDRFgoJCP____8HENsW
.apksum.com/	1970-01-20 16:39:00	Name: PHPSESSID Value: 797hm18fgvq055bc2u1nfl7l48
.apksum.com/	1970-01-21 02:14:58	Name: _ga_8JFH2XCMDR Value: GS1.1.1701538898.1.0.1701538898.0.0.0
.apksum.com/	1970-01-21 02:14:58	Name: _ga Value: GA1.1.637028135.1701538898
.apksum.com/	1970-01-21 01:24:34	Name: cf_clearance Value: piY7RJiToTRwUGCs9XanROH9rFvHEHMGqktgEV.wrDk-1701538898-0-1-6f499a48.63664f33.6f37381f-0.2.1701538898
www.apksum.com/	1970-01-20 18:05:22	Name: __ppIdCC Value: wpjaun_xon217915388.8468
.apksum.com/	1970-01-20 17:19:18	Name: sharedid Value: 63e27e6e-48c3-49eb-9547-41cabc2fb5d0
.apksum.com/	1970-01-20 17:19:18	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
prebid.a-mo.net/	1970-01-20 16:38:59	Name: _Amc_b Value: 0
.quantumdex.io/	1970-01-20 16:53:22	Name: uid Value: bc9cab8e-9b1e-4d01-a98e-20804c33fb77
.prebid.a-mo.net/	1970-01-21 01:24:34	Name: __amc Value: 2_1701538898_1701538899
.criteo.com/	1970-01-21 02:00:34	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:00:34	Name: uid Value: 0d1ca073-de08-4ec8-9fe0-3c7bb812a290
.apksum.com/	1970-01-21 02:00:34	Name: cto_bundle Value: MQ6QGF9wJTJCYzMyS3d2S1BBZmRId21NcG02OFNvJTJGOWxVdUw5cU52SzlrOXdsdTY3bGNJT25vJTJCQndnU3FvS2o3YmdBdE96YTRuRjROVnE4WkR5QUZob1cwN2YlMkZua1p2bHIyMWRsUHBvck9ldnlSWEVQNEE4WXJ5cThNdk8zWDFZZFhKQkRZYnhCOFhPUEhmeGZIZmRlWXZsTUI4dyUzRCUzRA
.bidswitch.net/	1970-01-21 01:24:34	Name: c Value: 1701538901
.bidswitch.net/	1970-01-21 01:24:34	Name: tuuid_lu Value: 1701538901
.bidswitch.net/	1970-01-21 01:24:34	Name: tuuid Value: 82263c05-3075-4a5c-b9b7-b768ec51d5e2
.nrich.ai/	1970-01-21 02:14:58	Name: _nauid Value: 41d251df-236e-4b24-bcfb-57c00c6c8902
.doubleclick.net/	1970-01-21 02:14:58	Name: IDE Value: AHWqTUl1EUBdody4yUgQhLzUGHf-GPbyh0wdhO6nzZsTA7d4V3NIHz3JBW-pnE8Fe2A
.doubleclick.net/	1970-01-20 20:58:10	Name: APC Value: AfxxVi6kZ-kwuAJyjY5O_OSbOfqiWbWIuPq8SpFMaKbEQIxYX9E2Jw
.adform.net/	1970-01-20 17:23:37	Name: C Value: 1
.doubleclick.net/	1970-01-20 17:22:10	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:05:22	Name: uid Value: 4137139064124650715
.redintelligence.net/	1970-01-20 18:48:34	Name: 8lcfmzhxc8d6_uid Value: a824ea2c3f07099c
.awin1.com/	1970-01-20 16:41:51	Name: awpv41538 Value: 414915\|1701538902\|0de24f50-913a-11ee-825d-22629e669530
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 475802:3498960
.3lift.com/	1970-01-20 18:48:34	Name: tluid Value: 2214217990434325925638
.smaato.net/	1970-01-20 17:09:13	Name: SCM Value: 2b9632f880
.smaato.net/	1970-01-20 17:09:13	Name: SCMp Value: 2b9632f880
.onetag-sys.com/	1970-01-21 02:08:45	Name: OTP Value: vk4UYCwQWjBRmuV9ZLm32KOhm9i83S5QNVCCeqLCZyc
.casalemedia.com/	1970-01-21 01:24:34	Name: CMID Value: ZWtsVjK4EBB1RtiBuOLTcAAA
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPS Value: 5251
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPRO Value: 5251
.ads.pubmatic.com/	1970-01-20 16:40:25	Name: KCCH Value: YES
.betweendigital.com/	1970-01-21 01:24:34	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:24:34	Name: tuuid Value: e7cf8d84-ec72-5250-83b4-5fffe6df33a9
.betweendigital.com/	1970-01-21 01:24:34	Name: ss Value: 1
.adnxs.com/	1970-01-20 18:48:34	Name: anj Value: dTM7k!M4/YDunaTF']wIg2GTxo9cZI!]tbP6j2F-.aDE7BAf@@gkMqTe8u@aifKvPk^qJejG+Jkgm/<Cl8[QDki'Hq*g0D(K)J[(
.adnxs.com/	1970-01-20 18:48:34	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyMjE0MjE3OTkwNDM0MzI1OTI1NjM4IiwiZXhwaXJlcyI6IjIwMjQtMDMtMDFUMTc6NDE6NDJaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMDJUMTc6NDE6NDJaIn0=
.betweendigital.com/	1970-01-21 01:24:34	Name: ut Value: ZWtsVgAKFgg2l0TVG_1ENIgu8BmzPgLvmfIacg==
.adnxs.com/	1970-01-20 18:48:34	Name: uuid2 Value: 3374126541201223746
.yahoo.com/	1970-01-21 01:24:56	Name: A3 Value: d=AQABBFZsa2UCENh50ta21nYIQdZY80wR_1cFEgEBAQG9bGV1ZQAAAAAA_eMAAA&S=AQAAAk4o8_WcKPD3kABepgZRVoc
.pubmatic.com/	1970-01-21 01:24:34	Name: KADUSERCOOKIE Value: EF62157B-E772-4800-8158-D9BACC7E1431
.pubmatic.com/	1970-01-20 18:48:34	Name: DPSync3 Value: 1702684800%3A201_245_241_235
pixel.rubiconproject.com/	1970-01-20 18:48:34	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 01:24:34	Name: khaos Value: LPOCBW1G-C-BJBJ
.rubiconproject.com/	1970-01-21 01:24:34	Name: audit Value: 1\|uz2DitVx6r+Zchry95jGfk0ksDBKtHlnm9tsvqH1wIz9MbvQsxHvgJrwRCSioyUy1ODfIV5rFkiM1KxoLazIt6NWShwHx7KI6rocrMY9/A/N+fnzAvnl0+sWketRR86mcnKZGGSqZjXh/Xf/ZcDgtZmjgvWAHjpOK51GNxbL0hE1q5ML1gZE+c9sdGeFC9lF
.smartadserver.com/	1970-01-21 01:26:01	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:26:01	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.ads.stickyadstv.com/	1970-01-20 17:22:10	Name: UID Value: 6ab8d3b47f58598b86fbd4323239f5ed
.creativecdn.com/	1970-01-21 01:24:34	Name: u Value: gILrbWXTGgGN2yHt7oZR
.creativecdn.com/	1970-01-21 01:24:34	Name: g Value: gILrbWXTGgGN2yHt7oZR_1701538902792
.creativecdn.com/	1970-01-21 01:24:34	Name: ts Value: 1701538902
.analytics.yahoo.com/	1970-01-21 01:24:34	Name: IDSYNC Value: 18z8~2fdt
.smadex.com/	1970-01-21 01:17:22	Name: smxtrack Value: 9c8eebdf-6f72-429c-9453-3d53f76791c5
.smadex.com/	1970-01-20 16:53:22	Name: smxbds Value: 1
.smartadserver.com/	1970-01-21 01:26:01	Name: pid Value: 1678579404281054647
.linkedin.com/	1970-01-21 01:24:34	Name: bcookie Value: "v=2&1d77a3ca-91c5-4916-8a18-d1d96d068c23"
.linkedin.com/	1970-01-20 20:58:10	Name: li_gc Value: MTswOzE3MDE1Mzg5MDI7MjswMjEjDYUxGKMGrFrTU+1hHEOmpRhYtnLZ0dgJ5oL93KnsMA==
.linkedin.com/	1970-01-20 16:40:25	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2772:u=1:x=1:i=1701538902:t=1701625302:v=2:sig=AQH2fMVBXHptX-BjECCLpffh7nWnWKo2"
.weborama.fr/	1970-01-21 02:04:54	Name: AFFICHE_W Value: rXg-osOY2@Ct65
.openx.net/	1970-01-21 01:24:34	Name: i Value: 2e8d1d69-771c-44f8-95ad-3d1c01db6a7a\|1701538902
.disqus.com/	1970-01-21 01:24:34	Name: zeta-ssp-user-id Value: ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
.everesttech.net/	1970-01-21 01:24:34	Name: everest_g_v2 Value: g_surferid~ZWtsVgAD-eNSIwBd
.yellowblue.io/	1970-01-20 17:22:10	Name: wrvUserID Value: OGvt8Ir-kp_s
.simpli.fi/	1970-01-21 01:26:01	Name: suid Value: 670AC4B63A1C43B192B213276211262D
.360yield.com/	1970-01-20 18:48:34	Name: tuuid Value: de386e47-80fb-46cc-bd39-3d0531cfcb9a
.360yield.com/	1970-01-20 18:48:34	Name: tuuid_lu Value: 1701538902
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_80 Value: 22987-CAESEL_x7Y9-3ljUlSAWl9NXWJs&KRTB&23025-CAESEL_x7Y9-3ljUlSAWl9NXWJs&KRTB&23386-CAESEL_x7Y9-3ljUlSAWl9NXWJs
.pubmatic.com/	1970-01-20 17:22:10	Name: SPugT Value: 1701538900
.pubmatic.com/	1970-01-20 16:40:25	Name: pi Value: 160295:3
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_391 Value: 22924-4137139064124650715&KRTB&23263-4137139064124650715&KRTB&23481-4137139064124650715
.audrte.com/	1970-01-20 17:00:34	Name: arcki2 Value: e97u8P-MjtOTQuTYUwP4xytxQ!20220908!1701538902975!ip#185.195.71.221
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_pubmatic Value: EF62157B-E772-4800-8158-D9BACC7E1431!20220908!1701538902975
.crwdcntrl.net/	1970-01-20 23:07:44	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 23:07:44	Name: _cc_id Value: 87b3e4f24eb5917c528f5d0f29b35714
.sitescout.com/	1970-01-21 01:24:34	Name: ssi Value: 575fabdf-5c7a-4796-a589-08cd9b2ea88d#1701538903036
.smilewanted.com/	1970-01-21 01:24:55	Name: sw_user_params_infos Value: NQ%2FZElg3LRkKjso2Kk6KA6xZfQXM35F%2Fd7ZLVZfcDiO%2FdxBwDKv4mS79ALpJHeXEzUCu7PZ2lv%2BGpLKcUUuOiumTNQ1Bg1EDEbedASVc174XvGji1PXbUQ5hTrSMa0QONdARLYp4k7LBjIdNy8OjeWqdn4PjAYJAnuS96emQuY3zZUCWyMQmpRabxy2lY%2Fhjdl0d%2BBVZ1VrVPhGWEDaAJUI4FAAgq8EW3hZLJDmvjQTyFwTaZo7Uss0OiZuKpCclvN2sxFXO7yYiZVmcXIzSV%2BvmM9oRJBAMog%2F490WLUPDfZ1USzpTPA0Azkb1swHxwWFuTkvQD36jBcVqu9b%2FEXA%3D%3D
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_ddp2 Value: e97u8P-MjtOTQuTYUwP4xytxQ!20220908!1701538903068
.sitescout.com/	1970-01-20 17:22:10	Name: _ssuma Value: eyI0NSI6MTcwMTUzODkwMzA3MH0
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_188 Value: 3189-575fabdf-5c7a-4796-a589-08cd9b2ea88d-656b6c57-4348&KRTB&23418-575fabdf-5c7a-4796-a589-08cd9b2ea88d-656b6c57-4348
.amazon-adsystem.com/	1970-01-21 02:14:58	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 18:48:34	Name: SyncRTB3 Value: 1702684800%3A21_220_55_56_251_71_7_54_13%7C1702771200%3A35%7C1702080000%3A223_15
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_adform Value: 4137139064124650715!20220908!1701538903165
.amazon-adsystem.com/	1970-01-20 21:44:15	Name: ad-id Value: A5MCpmybX0cJtFjdolWRY-w
.liadm.com/	1970-01-21 02:14:58	Name: lidid Value: 4da300a7-0342-42c2-9d69-651ea6636afa
.dotomi.com/	1970-01-20 16:38:58	Name: DotomiTest Value: 259ee09f9b051693
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_32 Value: 11175-AAAIXfUGw2-TPAMJz07fAAAAAAA&KRTB&22713-AAAIXfUGw2-TPAMJz07fAAAAAAA&KRTB&22715-AAAIXfUGw2-TPAMJz07fAAAAAAA&KRTB&23519-AAAIXfUGw2-TPAMJz07fAAAAAAA
.pubmatic.com/	1970-01-20 17:22:10	Name: PugT Value: 1701538903
.pubmatic.com/	1970-01-20 18:48:34	Name: chkChromeAb67Sec Value: 4

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
javascript	error	URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apksum.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apksum.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apksum.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apksum.com/app/five-nights-at-freddys-2/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apksum.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.awin1.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ajax.googleapis.com
ap.lijit.com
assets.vlitag.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bidder.criteo.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
chart.apis.google.com
cm.adform.net
cm.g.doubleclick.net
cm.smadex.com
cr.frontend.weborama.fr
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csync.smilewanted.com
dis.criteo.com
dmp.adform.net
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid-mercury.criteo.com
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900017.redintelligence.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
iponweb503341958152.s.moatpixel.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mb.moatads.com
media.grid.bidswitch.net
media.vlitag.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbc.vliplatform.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.vliplatform.com
r4---sn-1gieen7e.googlevideo.com
redirector.googlevideo.com
region1.google-analytics.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
scontent-mxp1-1.xx.fbcdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
static.smilewanted.com
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.mathtag.com
sync.quantumdex.io
sync.smartadserver.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
ui2.awin.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
www.apksum.com
www.awin1.com
www.facebook.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
cs.admanmedia.com
prebid.smilewanted.com
103.132.192.30
104.18.36.155
104.22.68.131
131.153.158.209
138.201.63.116
141.147.81.223
141.95.98.64
142.250.185.66
147.75.84.158
15.197.193.217
151.101.66.49
159.69.70.9
162.19.138.82
176.9.26.250
178.250.1.6
178.250.1.9
18.158.157.189
18.192.135.64
18.200.44.133
18.66.112.102
185.184.8.90
185.29.132.245
185.64.190.79
185.64.191.210
185.86.138.154
185.86.139.57
185.89.210.90
185.89.211.12
188.42.34.65
198.47.127.19
198.47.127.20
198.47.127.205
2.19.103.55
2.19.107.55
2001:4860:4802:34::36
209.54.182.161
216.52.2.16
216.58.206.34
216.58.206.38
23.212.218.19
23.35.236.201
23.36.162.83
2600:1f18:ed:550e:2d2e:9af7:db33:d77c
2600:9000:211e:be00:1b:5138:8a40:93a1
2606:4700:10::6816:2560
2606:4700:10::6816:3ac7
2606:4700:10::ac43:15e3
2606:4700:20::681a:8a9
2606:4700:3030::6815:5286
2606:4700:3033::6815:59a3
2606:4700:4400::ac40:994e
2606:4700::6810:5714
2606:4700::6811:180e
2607:ae80:4::26
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
2a00:1450:4001:808::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:400a:8::9
2a02:2638:3::28
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:21::1690
2a03:2880:f008:8:face:b00c:0:1
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3602:1a0:3675:b602:a15
3.126.74.121
3.71.149.231
34.111.129.221
34.98.64.218
35.156.254.191
35.204.158.49
35.244.174.68
37.157.6.237
37.157.6.243
46.137.164.248
46.228.174.115
46.228.174.117
51.255.68.171
51.89.9.251
52.202.8.176
52.212.46.188
52.30.100.123
52.95.115.196
54.147.45.225
64.227.64.62
65.9.66.18
69.173.144.165
70.42.32.223
76.223.111.18
77.245.57.72
98.98.134.241
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05daf39ce01efa0d9e48a25f8b4f89e80d36df0bc5d615fd3646bbf23e912d14
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08bc90c582ba4de7a52efe77d318d835c61d0ba823887dfe8bef776e568ae0c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
11a17985df569ff36abed824be6eae6ad8a4222ce087261d87cf6443f91d3b20
11f26fc6509c9e28ffa7c65cd4322155dc5bc1f6def68658afec90b89cc13270
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
155609db9230dabe92284b66273f3750ed15081cae67ff402df665dc6d40d2d4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a938db6678da5a81cef2c31ef7c5d6cdbc9234af244005a426718873ad7e601
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cebe36aaeabc9e82a39d593c725c3bc53f5adb53f7dec6dee083ea000cd7678
1dc3a65f22fe774dd096eafe4e01f8833ac0eb61d2e891d0dee6385bfff4a0aa
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
20eb692d7e54b1992776015beb0cc19aa121ebbcc37f6e5ee59d5b0f03a6b558
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
339246ad17fb7e219221c6e3dcdc46e4100715f078de6c7d1e3f419aa383d75b
3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c5d8ef60466c91377d39f53506bb1e464c796d5fae22bcdab04e7a3ca5160c6
41f04948acda4721b58d06676a168fcc2c63f8c4de42df7c8e1daf8062318b50
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
460e9b1fb4ce26294c621f7b955f633fa9139f7cfc94ab65f6bb2d7a28954c49
4612841d5a1978d752ce6c33afaef6fda9e07e05e29396441f2ad56888922853
4665d46340f929ec34de79d948ed95fb5d7bd822d5804797c3d50519c18b1043
479d76866ae9806c2ee1fde44ba89316c499a40bd519bac4c2d4d9892c2ad7ca
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b70160b597fbdb2090591ecf892f97e7d99f25dfa89157f4f1fe7e82b899e81
4bdd4055f9c5925d4a52ae73f82df83d22c5fc35599c1f02cae63e156abdfb86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f55fd1fe27f57048077884d013958e9cae65c992d154de8dfc34bc88b524d99
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58fb8c5c7c02d8fd3dc57c1730f16cb784cd230c51a68e84d3e0332401e16376
5a1aeb86da02fd6211d34da2db682c615f72d77d98108675e0631bf637316b1d
5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170
5ebc4801aab1d019cd8ee036b894c46b644297f4705437607cf7efebddd2f634
66358359131a262af5a0780aed3b12b107453dd93696ea5bc5c43ae4a42542ec
66f41a2bd0dd29893160500f30386366e74009b405ae606322d6109835b32242
6757cac382fac13f0662af36d2ee9361b8344e7263adcb9af592b8d03085a11d
6bb71d06750c5c11900924e57fe224d52c44c2934724f25688d180d0d4a68d6f
6e0fe743974d890be92b347ded49e907110f0029642e15918512d494c07a09ed
75095b4b9fe5b638406c3474540205afa8424c164d5d827d0291872595ea75bb
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7776dbea4cc697f968c9676a972d6ab37f75efd709124917c863cdc9fc4422fd
798d357e08c07a6e91ee0c087b74d5b94d4e92db6e2318b8494037b0059a63d9
7b288c57c8eca34f70aedc276b9ae19697b87895db06e097da629ba7e39f7d1d
7e777f86afedca632acf280624fe356b92c24a9632d0e7c6fdd6f7ebae7382a4
814290fbf6213c9ca8ea4507ab866c00fe770d76dc1bff80324caa7a2dc45dc2
8301e55ad5a752b9604a74cbc12509c1a2120437cc8bb9e6b22561069a2fbf04
852cf2bcdc04a44f770247d9418e3a6b2cd783636b37567b57229d0643ccae4f
8567a4a47d35ecb0e690d9657b5fb952ed85cc492d21228189305710b1e582c0
8a282ff363e5e2bc38e95db6f73e4b4ce6f735176f4876774c2f1fdb339ac38b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e22a1fb3eb482747b1bd015e0a163905eccb9bd7e295074aafae20fdfab5402
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
93b47be8dc356454f920599dabd4ba6830e60776cae2f9b073b6c7732b4c8bcf
9506f38868511479a9f344c89a9f458ef7be7de16aa28d205a1491df482ef403
9569bf6018884263a3731d6f9e8c2712dfc8e6dca39e5af3a0c7d24199880368
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
96e84db0c8e05c1f595db634482fb2d861bb653d5108d392fb9cc199b5aebe75
96ed86b493513d9c410bb3937d5636c9b9360a63ad132ad416f37668136b534f
97afcf91c3df414c9be4f7892a9f8f6f1e51a432d72f15a1da10e6d533729a75
97bedd52af17d7690e9b0c9b4c6d6178b987dae954f282ecf4f2cdfd1dbb116b
9a556fe4585a633ef681ff4cd88d384ee25f0f8fcdc0269ae74b200b25b7017c
9cb503cd7d6fd3621ac1194ab5d32301d5268af2f05450404f68c5376bdc23e6
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9fcfbd0cf70630020499b0fde2537935b42ad37dbc83c9028427ccba4160e2d1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12b2b589a2a7aafe31a40aee94acc4c820dbb81caa41cdbe2f2508e3e6ba866
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a624c307e4f9d30523a7d182ebc167f6dd62f8185d9b9349c41a8d1821c937ee
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af3a723038378a748e4b6310e4412f1f627057be419940c509b36040acd5e8cc
af61c702d5e3e77ce672bb58faa0b74619f9c9eba2d7731d55bd05ad32d071aa
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b0b85b15587fdf6af762cb5ca4ef47618c1ba26ccad5220ab17acfeae837c409
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bad9f93907f98d38d0579e436919546105fc89fddb91ce0ba173eebff5058e17
baec110706eb72947df7d42993d3132cc00de6043d8cfbd4e589736abb9c9ac0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf5064b405dbe25537cb2537a766d4c797dc5b44b95ee2f8589e542a33e7214
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34619c2052f5e49d6f5bce5092b76a4268c9fa1adbb6dca5a9a9b2736827d89
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccfacc9373b897507697610863a2dbc5300afe97dbab9590d425f2b70281729d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1c225b2eaeffb92aea8402d3bb867236b13d12b3bc8b62ac523dc3cf35a2aa6
d4f44d55b29bbda2a8e8bd399cb0343935c774d7dc937c76e5ce47be9d0281fe
da7985b1a5fd3c737a3dce27f99e39861faac619d3e851b467ce40516f8a3266
df868461765cede922d48d93396efff9c03460c576cdec442b06cd6822f9e1ae
e19399e35bcba2d1fcda91d90c66dd16d9670b1136f6fb07bc4d18b5057cfe18
e2d69ee5f7c0c14a1c3673a1ea0413f15a4f99d1abf2524b59d8d69a6d59db85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4103e1bce92760f53f4d299c521e4f079c6bfb3787e88e4e47582345c6e4fff
e5d68b8c324a7ebbea12cc0ec2ecd212cd6f15d32ff102284673af1392f6da3f
e5eb8778fb1a579dffa7e2281318437ffbb0b7e7f10aa353611c696539464f07
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea66f12ea7091c4f0afe68925085a3deda599cb778301b924e81e22397ca209a
eb2af9b0261f0dd3dbcbc869884f1e95e083e6959dc5d71b1f63d12c5efc7a5d
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec26bc231404feec9d6f5251917a86ba7a0ab35fae804560d6355a5f36e553d3
ecdd8086b0b7ca4704226c7fe754e9d9c5e26b62f2e86fb1806ce6856a7f1c94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f594282f7b0be1af36dc25f392627fde46393c0e392339e20d3d3752d655bdc9
f6e5691d4b77fba76c1289c8cc642a4d324ac3cc2173af47e534b2a0435221de
f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a
faf8be5ff3b665b00f93e764f110463fe003a7b4bb46ecc7b54cd713aae91a62
fc17905a1e9200c1df220442920e301caaf665767f74f239df892655ffc24993
fe639785b378acbc44b4e97ee461d4ebf76a4d759d7959b9966b4203d1570886

www.apksum.com Open in urlscan Pro 2606:4700:3033::6815:59a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

383 Requests

87 %HTTPS

34 %IPv6

70 Domains

115 Subdomains

80 IPs

12 Countries

3065 kBTransfer

8020 kBSize

91 Cookies

9 Outgoing links

Redirected requests

383 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.apksum.com Open in urlscan Pro
2606:4700:3033::6815:59a3 Public Scan

Screenshot
Live screenshot

Full Image

383
Requests

87 %
HTTPS

34 %
IPv6

70
Domains

115
Subdomains

80
IPs

12
Countries

3065 kB
Transfer

8020 kB
Size

91
Cookies

383 HTTP transactions
2 data transactions