urlscan.io logo urlscan.io
SecurityTrails logo

www.91mobiles.com Open in urlscan Pro
13.126.49.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Submission: On April 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 139 HTTP transactions. The main IP is 13.126.49.44, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is www.91mobiles.com. The Cisco Umbrella rank of the primary domain is 226152.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 3rd 2022. Valid for: a year.
This is the only time www.91mobiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    13.126.49.44 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-126-49-44.ap-south-1.compute.amazonaws.com
www.91mobiles.com
46    13.33.243.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-243-9.hel50.r.cloudfront.net
www.91-cdn.com
cdn.91mobiles.com
img.91mobiles.com
www.91-img.com
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
13    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
20    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
36 91-cdn.com
www.91-cdn.com — Cisco Umbrella Rank: 324275
634 KB
25 googlesyndication.com
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
129 KB
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
ad.doubleclick.net — Cisco Umbrella Rank: 196
187 KB
20 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
968 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
245 KB
7 91mobiles.com
www.91mobiles.com — Cisco Umbrella Rank: 226152
cdn.91mobiles.com
img.91mobiles.com — Cisco Umbrella Rank: 887293
118 KB
6 91-img.com
www.91-img.com — Cisco Umbrella Rank: 924517
15 KB
5 gstatic.com
fonts.gstatic.com
147 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 282
33 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
37 KB
139 13
Domain Requested by
36 www.91-cdn.com www.91mobiles.com
www.91-cdn.com
20 s0.2mdn.net 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
s0.2mdn.net
www.91mobiles.com
17 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.91mobiles.com
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
13 tpc.googlesyndication.com 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagservices.com www.91mobiles.com
securepubads.g.doubleclick.net
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.91-img.com www.91mobiles.com
securepubads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 stats.g.doubleclick.net www.91mobiles.com
www.google-analytics.com
3 img.91mobiles.com www.91mobiles.com
securepubads.g.doubleclick.net
3 www.91mobiles.com www.91mobiles.com
www.91-cdn.com
2 www.google.com www.91mobiles.com
tpc.googlesyndication.com
2 ad.doubleclick.net 1 redirects www.91mobiles.com
2 www.google-analytics.com www.91mobiles.com
www.google-analytics.com
2 fonts.googleapis.com www.91mobiles.com
www.91-cdn.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de www.91mobiles.com
1 www.googletagmanager.com www.91mobiles.com
1 cdn.91mobiles.com www.91mobiles.com
139 22
Subject Issuer Validity Valid
*.91mobiles.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-03 -
2023-04-03		 a year crt.sh
ik.imagekit.io
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Frame ID: 90C48404A80609D43B07BCC786C95AFE
Requests: 79 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAB6E8B70F673C613ABAD6DDB0305897
Requests: 1 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56D316D8F7C6387F5F0E68B72D82BA5B
Requests: 7 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7123694B5000A4995132544238834AC2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEtXjyQhVcDK1Be-coZY25G1qnEKtd715y4j8wcti1wizK5gnYk6gQWE0nDEoTKhW3lVrFqFH42VX1P2IcpcJJjkn8veWV3R3ytkjn0hSaOGKck-PJg69srguueStjWuZgjKjJjkdb-tMqNXw4Tq-c4txx00yq1tGS-MTy54p6Qmy0sM7KsB61-h2JRM-w4CjsDcnkbzjxRcABRScBo-qKuAhyQZU7KFncpGd7p8ouL-P7x_E96shad384VMo3tEQxa0kSxs2olawPkY5yjXz3xeNyzCOO7pbMRK51cpP-mSE667Sp&sai=AMfl-YR0pUYcmQHU3SAus6z-fIc7JDyXnJ8Z1a7VWel6-s7v37g5EwoZdmnRZRLxvH-Z77twt5h4PXQMIz4CrNbCAmDcG-hKCCaoyJ_qLqpeSrRqekro_WaX4bW7ZZyA6VGp&sig=Cg0ArKJSzH835vg5SerSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0DF37938098441BAD4F655A500A1863C
Requests: 9 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 750FCF64FAD584FD99F92C7B8761E7D3
Requests: 8 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CE0224E309BF42A0606FE602C3F45A6E
Requests: 7 HTTP requests in this frame

Frame: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 811A918DB57884E08573D937119261C3
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Frame ID: 1DEB3FC1A0638A75433890EA617D5A62
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/index.html
Frame ID: D731ADD7E94D3C9469C119B07C83D58E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Frame ID: D98DCB3EF7937B5A24CF809E834E9ACF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Frame ID: 7182FB0F7E30FF6A760DB4B6CC39FC9C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Frame ID: 49D7CE9191B25CBEE037D20B42AA9E5A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F3B5C36ED06866857B7BC674513BF10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7031189793CEC5E53842910A5104521
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

6 anti-virus apps on Google Play Store steal 15,000 Android users’ data | 91mobiles.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

99 %
HTTPS

79 %
IPv6

13
Domains

22
Subdomains

20
IPs

4
Countries

2545 kB
Transfer

6301 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_pre=CNWhlJupjPcCFdmIgwcdcoQDGw;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/ 		284 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.49.44 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-49-44.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
0316fcdf7ebc2c02a622317ba4160d38fd914ffae213503442e65de83b20b245
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-language
bytes
access-control-allow-headers
x-requested-with
access-control-allow-origin
*
cache-control
max-age=600, public
content-encoding
gzip
content-length
41478
content-security-policy
frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 15:22:44 GMT
expires
Mon, 11 Apr 2022 15:32:44 GMT
link
<https://www.91mobiles.com/hub/wp-json/>; rel="https://api.w.org/", <https://www.91mobiles.com/hub/?p=453947>; rel=shortlink
vary
Accept-Encoding
x-cache
HIT
x-cache-hits
1
autoptimize_single_74f58e58a0247899a4917cd031bbb397.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_74f58e58a0247899a4917cd031bbb397.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
ee67bcd5c1241e5cac648147e7b5a9efd3dc8cbd2f9f43ea51d7d045884a9d67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:12 GMT
content-encoding
gzip
age
5904228
etag
W/"73c2-10OrZq0C6IPqzWDPASDcug"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
zJ03gjpyQ6nwSDvcQ6VL_RJN4wnmhtqKoPxQOI0fmY1JPb2GVY9iIg==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_fba122a787a2ab1d45b695b5cb83ad87.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_fba122a787a2ab1d45b695b5cb83ad87.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
d677f78d9b650e03129b05a84a50c72c4faae375338a34d5049ccbcd32da7423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:12 GMT
content-encoding
gzip
age
5904228
etag
W/"1509-Gmqr08Qt3HTIYaAbe71+hA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
H4VJbgKiQlmQWvo9sWRae976f9tL4O_CSqXVuQLsQZe7QSe-wTThgg==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_f9faba678c4d6dcfdde69e5b11b37a2e.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_f9faba678c4d6dcfdde69e5b11b37a2e.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
6a0468648ffe97030317cf7938ebeec64bf6217fcd904f8949a3bfd1a53c4fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:22:04 GMT
content-encoding
br
age
5904296
etag
W/"af4-r8qUCPpJKr2EaL6jQ6WcNw"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
yhQr39nxDVzq1HXAbmUlurwEozbAkmjVeE6tv7Nm3C8JDR82YL3tNQ==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_f38b2db10e01b1572732a3191d538707.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		1 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_f38b2db10e01b1572732a3191d538707.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:12 GMT
content-encoding
gzip
age
5904228
etag
W/"532-1a3E3GT2c85qDVgB5TOWIg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
jwnRnbZ0uH3vT0qEUWY8Kg5zzhDyVmiTeUf3FQKXRoJNY9cFLPhQhw==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
mashsb.min.css
www.91-cdn.com/hub/wp-content/plugins/mashsharer/assets/css/ 		46 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/plugins/mashsharer/assets/css/mashsb.min.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
86cd78910d7aa8ef53f28ffd7043cd760392270bb56c3810302fd2a20bc2db1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:22:04 GMT
content-encoding
br
age
5904296
etag
W/"b616-iarAIifvejmAMkcg1jNzTQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
ZOsFkh5ZrOcFhbgDh2WCOMlRVMl024YZFswhWiRUPMKAvBBnxcyPew==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_fffd5e87da12fd86869f0850817fb9c7.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_fffd5e87da12fd86869f0850817fb9c7.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
2d0ae838c34be443f3b1ad1955f5641b58cd62ddacf24adf3bcebe0d665d03ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:22:04 GMT
content-encoding
br
age
5904296
etag
W/"47bc-Ctl1jo6hf4+manwbg0+sUw"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
ndKTNkPLIp5K7EOjyCHi6bWgocJY46pPTmmbzDdi6UZsqMASjvSdpA==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_ed4c733e7190b359376c7e349a0169a7.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		909 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_ed4c733e7190b359376c7e349a0169a7.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
a97c8102bc8a089052b3fa94bc0d13c5d5779024d475ecdcc8ba6ba4a47838c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:12 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
5904228
etag
W/"38d-/4d9t9Wrc+GvgLbQjM37BQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
909
x-amz-cf-id
LeIzB_DXWRz6H-EgInlR-u5zOqcJu81u6LLjEkAzZj1Vt-Gc6FBJAA==
autoptimize_single_a388d8682bb44f71c8a223f4131bf2d1.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_a388d8682bb44f71c8a223f4131bf2d1.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
5cd8414a3c4929a2797e032056bcc4c5e83a40b5a460fb973728a486be1681d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:12 GMT
content-encoding
gzip
age
5904228
etag
W/"16d9-Zq8RL0ihbHDzmHld0Tkagg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
BG4S_mfyTgyrr7kAB5L99eW316ljWIudRmEmMReFU7gl3V72BMY_gA==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_b3d01a50dc2ae8f32f47452dab10e7d5.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		65 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_b3d01a50dc2ae8f32f47452dab10e7d5.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
b1b9c207343dae2da50b485b299eb9d69163eb6d4f20d010698b84649aa84331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"102a8-izFv4QxgjlSJPvVjWKBxLA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
iUqrCufQ8vIxjw57yeYoPQw5B21XnKnLGEFBVFisKkufCfD5QMKOPQ==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_64ebe6db63539681a2ebcb6a6b85929b.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		108 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_64ebe6db63539681a2ebcb6a6b85929b.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
8ac81227c387fe20bb2f7866b97d86fd644e2120bd565c55808bac399e363c5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"1b15b-iwhd3caqGRj/zXR6wTFgpA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
EbPJ0EmAMkj6BIvnV8g-vreNr7Dnw9QCdEhBeAHJDUPG3FEDL4Evfw==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_54490ef5f0485eab9288aac9c050adc1.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_54490ef5f0485eab9288aac9c050adc1.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
eddb21aab10180b41b8889ddac6485accad744c559244a81d6122f989c7cf5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"b20e-9ED+AqgQLas6ziPXs11J1w"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
HN5L4ta0L5Y6zIBEuvCieWanGyzUz_T1A2gRmSRtfhye34MD9ht2kQ==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_c4f1b8c9e35a00ccc2f55bddec839ac0.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		285 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_c4f1b8c9e35a00ccc2f55bddec839ac0.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
13f78ca33f69ae91029e1c9ed76a6a99f9c973e4430e489e06364bcfe85d63f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"4732d-rXcCeIifIYRZaMwsrm4z6A"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
gVG__nR1Xaad8l8g8dfdDkme9MfdWRinXlpuolPb77h1Y9R2IvcK3w==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_5d9ac8db1d8328de6afe744a909b6f56.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		440 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_5d9ac8db1d8328de6afe744a909b6f56.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
d1035db8647e5204930d38b00663c7a3c44b1190d6c6d82e98d021c66c549901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"6e160-GA/v2D6u53oO4FneabI2ng"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
IVIAmw5xjhdgnh2lfPEmY8IiIBKpifoHZtOecqNOTVHezKlj1Ncc-Q==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_3b366da54f1b8e4bc8659f11a22d7ed5.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_3b366da54f1b8e4bc8659f11a22d7ed5.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
8accd53067d6aa0c73ab17dc24ea253ba2c320f0b8d38d8faf1bb9574c9e5151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:23:13 GMT
content-encoding
gzip
age
5904227
etag
W/"14319-pW1OWZoQlJaBkLUSn/8ozA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
_yT7ha5ol7U5L9CEe9Exzbfi5hzT1aaaiozMCt5vYj4gaUhGBTroSw==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dbeec4cc12d0406830bb508a6b9d6086c4fcc1aee5e3f7879d9240f9946bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28396
x-xss-protection
0
server
sffe
etag
"1184 / 134 of 1000 / last-modified: 1649675379"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Apr 2022 15:27:00 GMT
autotrack.js
cdn.91mobiles.com/tracking/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.91mobiles.com/tracking/autotrack.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
f3552215efd8efc3354791f2ba0dadb6c449a2009723ec21f832f12b615b80a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:25:54 GMT
content-encoding
gzip
age
14349666
etag
W/"604f-gh9tCngDDVNoFTY90fuPOQ"
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
MQczpUXuNQ9-YNUkuhTpZRirikwdeMZMd33XE44t4ieNDvtlz5EwRg==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
logo-169x45-white.png
www.91-cdn.com/hub/wp-content/uploads/2021/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2021/03/logo-169x45-white.png
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
24b9dad9df698159001473e476f474aaf3472f913d26124fde366f0f7ceaad8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:00:28 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
11669192
etag
W/"77b-0fswEKVUwlxuCO/TNBpO9Q"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1915
x-amz-cf-id
F4epqui9_YOUp8Z3W1RXEVICOwDx4eHF-2Nwd-SOyyOvJ7wcbHrymA==
malware.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/malware.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
5b1263340325154c690e68bbaa0ecd2e4aa7fef109a91b052baad2a29b5cf556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:53:28 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
279212
etag
W/"306a-aZ2bP7GeeRUKcJhZMuBopZbFd+Q"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
12394
x-amz-cf-id
awsfMppVu6PP2NMPxSPvuxwaIjxIBLesxxfi6dN4N1xBSHBVo1Z6SA==
x-request-id
8c72a340-e0ca-4f24-8157-454e60f3bab3
windows-11-download-fake-website.png
www.91-cdn.com/hub/wp-content/uploads/2022/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/02/windows-11-download-fake-website.png?tr=w-217,h-115,c-force,dpr-2/
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
90d65d46d8b8ec9abc88f37a91fc1302da5d9027a75cb6225a0b110c9cd7b47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:53:27 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
279213
etag
W/"223e-6fnQI4Rd2k5vkIeN9EcQWUV/A90"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
8766
x-amz-cf-id
sE5G7pKueXIgLlwjBwS1pwN39iaggs0tWG9YP-upUQ8LHnD66yIMMA==
x-request-id
a6aaa29a-010f-49d9-a0dc-88639f684aa5
Malware_Play_Store_photo.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/02/Malware_Play_Store_photo.jpg?tr=w-217,h-115,c-force,dpr-2/
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
083a2ad58efa24fd9c9b5f6277958c050998d927cc27a62e94565dda4c005b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:53:27 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
279213
etag
W/"27cc-xgZs0mpteJOKkq3Bt81RwuO0vQk"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
10188
x-amz-cf-id
dWQP23-LVtGsSxIPca59RVKu61v9XQqTHTF58dnUws8D5fMK4auLhg==
x-request-id
1451609d-8324-42f0-b08f-f5b55312f3d2
Android_malware_Flubot.jpeg
www.91-cdn.com/hub/wp-content/uploads/2021/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2021/04/Android_malware_Flubot.jpeg?tr=w-217,h-115,c-force,dpr-2/
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
d51830d817025affbd73092e61732fbe4746d1119244aa105163e89db5e9cebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:53:27 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
279213
etag
W/"34ce-ePsVe7hF/nCgmfPjNz6tyY/3wag"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
13518
x-amz-cf-id
Ws_Wbw6mgw3SWpACRYSzTQpwhV7agKCCEGHkr3mvnQEaDIDg53VrNQ==
x-request-id
88c4d830-1938-4d50-aac5-53dde3e0df1f
autoptimize_d1c57cf389842194f1b3f8e740b7dc61.js
www.91-cdn.com/hub/wp-content/cache/autoptimize/js/ 		572 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/js/autoptimize_d1c57cf389842194f1b3f8e740b7dc61.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
5f265fbcef2e2749697bcb19f15bf884f4e886dd38b2b8cde7f5fa3a2a44e208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 18:51:45 GMT
content-encoding
gzip
age
160515
etag
W/"8f0ad-CMAaifdynAPkb8d0x94vDsBxObY"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
3DUu7mqPmcDUIBzJEAWiFZtYIh1CpKl3tBDoipCFKYR7BBeoITux6A==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
x-request-id
b92f51b3-cc32-450c-80dc-a44cdf92f588
css
fonts.googleapis.com/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2942c364310f3a05e3b0903c79759785212334d900c10babb4e876b7a817d108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Apr 2022 15:27:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Apr 2022 15:27:00 GMT
jquery.js
www.91-cdn.com/hub/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-includes/js/jquery/jquery.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 08:13:51 GMT
content-encoding
gzip
age
8752389
etag
W/"17a69-Se3M6i57qYXK3JugUxy+0Q"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
IU6atMeqEJWhe9_UbtRhpVYqVJCycr-NTVVgcc3lm6N3DbyyUbktZQ==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
lazysizes.min.js
www.91-cdn.com/hub/wp-content/plugins/autoptimize_old/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/plugins/autoptimize_old/classes/external/js/lazysizes.min.js?ao_version=2.9.3
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 08:35:57 GMT
content-encoding
gzip
age
6677463
etag
W/"2655-0e2/+95QzTKrdwdGtBQJBg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
uQt07-qJGKENprV9SA8jzmeOjEwn1KSR1xlBrY3llfNW_SNxIhbyzg==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_aceacf5c4e3295d6dbab9118d672d1e4.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		47 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_aceacf5c4e3295d6dbab9118d672d1e4.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
512846f1a77c4273ca6f5430a6d0def8e05dcfe50e90425d22c8688095df3e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:22:05 GMT
content-encoding
br
age
5904295
etag
W/"ba12-PivWGrFD4oc1dOaYIWNDCQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
XkYstBrd2VJaBuDajgOekjDu790r6a0zwkXzwcpVLy4w6s1qI6a9lg==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_69d6aa1f5bafc0d02da2d4470496ea12.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_69d6aa1f5bafc0d02da2d4470496ea12.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
61b17f135b85bcbbb7d0636b3606cf6365fd6115da2728dd8c5782f02ebf4d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 07:22:05 GMT
content-encoding
br
age
5904295
etag
W/"890-BffhNMh4LyN7omUs6r6tqQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
DWlmQ5iUR2L7cvtv8Pec-rCimTNgRvxlPm6rq5eZzzKF8S9MWCGfOw==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
autoptimize_single_fe75c80ddda7a352efba8246f5292e42.css
www.91-cdn.com/hub/wp-content/cache/autoptimize/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_fe75c80ddda7a352efba8246f5292e42.css
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
65ebaa4d116fce07c0c82e39aeebf21d7c6e435df716e5d9812f88c0e8ec7e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 18:40:23 GMT
content-encoding
br
age
161197
etag
W/"dfc-306sWszx2PgtoaX9j8qgx8QBVaI"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
k6CD-rzLG9PeUSnrna8uAh8xkJYQhPa8-djBDKjexhGrmG9CEYEfhA==
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
x-request-id
1b90eba4-8a96-4b3d-a679-a1f04d4f3693
gtm.js
www.googletagmanager.com/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFPBJ9P
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfe83b7511b06aebc9631a14c703ba5f329a724ee0732ca26a797f513a7f5c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36917
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Apr 2022 15:27:00 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6415
date
Mon, 11 Apr 2022 13:40:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 11 Apr 2022 15:40:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6730
date
Mon, 11 Apr 2022 13:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Apr 2022 15:34:50 GMT
newspaper.woff
www.91-cdn.com/hub/wp-content/themes/Newspaper/images/icons/ 		121 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/themes/Newspaper/images/icons/newspaper.woff?17
Requested by
Host: www.91-cdn.com
URL: https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_64ebe6db63539681a2ebcb6a6b85929b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700

Request headers

Referer
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_64ebe6db63539681a2ebcb6a6b85929b.css
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 04:04:51 GMT
via
1.1 8e24576ebf8b347c902c6c8cb2ee4948.cloudfront.net (CloudFront)
age
11964129
etag
W/"1e260-7bH1UcvjzxxlZGe/xvdnGg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
123488
x-amz-cf-id
Hx5DMZbE8EgIRU_ugiPKoS-zvBdIjpD6I2AwUpKdhDZJkV8vpU4mmQ==
91Mob-Desktop_275x6_3X-bg.png
img.91mobiles.com/uploadpanel/ads/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.91mobiles.com/uploadpanel/ads/91Mob-Desktop_275x6_3X-bg.png
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
826965376cd4872ec30663f297456de09c3c30b851fca824954c1fddd1b29c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 18:35:34 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
161486
etag
W/"17de-3di7gltQFoWN3LYNx73VW1FQeTY"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
6110
x-amz-cf-id
y571OowX6ILzi476CcnQmECKkdlr2qEQ9w73DKrrNxDCzqqBQrSHTg==
x-request-id
0bf12396-af1d-4ba6-9399-feb840000fe4
HelveticaNeue%20Medium.ttf
www.91-cdn.com/hub/wp-content/themes/Newspaper-child/fonts/ 		39 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.91-cdn.com/hub/wp-content/themes/Newspaper-child/fonts/HelveticaNeue%20Medium.ttf
Requested by
Host: www.91-cdn.com
URL: https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_54490ef5f0485eab9288aac9c050adc1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
898bc09bab4f20f00658ed9f8e961ef50395a945c19e9966f0ce7e53bd7a4ecf

Request headers

Referer
https://www.91-cdn.com/hub/wp-content/cache/autoptimize/css/autoptimize_single_54490ef5f0485eab9288aac9c050adc1.css
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 06:25:49 GMT
content-encoding
gzip
age
637271
etag
W/"9ae8-WyNb2KsBqpnjoqZtrqEDUKnSVO0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
x-amz-cf-id
IsNE7HD4yJYtYHV7O9KnjBeaU6ZIYv1iHCT5P5nG0DrlpU7AlwRHsQ==
via
1.1 8e24576ebf8b347c902c6c8cb2ee4948.cloudfront.net (CloudFront)
x-request-id
4b1b42bb-2c2f-4d49-af99-17cfa6781353
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
450cc16cb2c03f96064b809858a6e7a5c81ea6a2caa516ec7556bf2100248967

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e9647332e2521c847452c6ea7df81517c98b298b1a840e0e6e1aed9a3b0c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db448fb064d0f9c095a25132a62d9f6c56001c1d67a3eb015b045ecd81d54fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Referer
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbbf96f0f3672bebde653f53907599dbc7843cd4cd628a5d32420b0afbb27bba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
492091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:45:30 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:30:55 GMT
x-content-type-options
nosniff
age
417366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 19:30:55 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:46:00 GMT
x-content-type-options
nosniff
age
492061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:46:00 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:39:33 GMT
x-content-type-options
nosniff
age
413248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 20:39:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7CLato%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.91mobiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
505632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 18:59:49 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=254851733&t=pageview&_s=1&dl=https%3A%2F%2Fwww.91mobiles.com%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&ul=en-us&de=UTF-8&dt=6%20anti-virus%20apps%20on%20Google%20Play%20Store%20steal%2015%2C000%20Android%20users%E2%80%99%20data%20%7C%2091mobiles.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=67878699&gjid=827805812&cid=1363421240.1649690821&tid=UA-13102071-1&_gid=351981766.1649690821&_r=1&_slc=1&cd2=News%2CSoftware%20and%20Apps&z=2044416226
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.91mobiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.91mobiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022040501.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128191
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 15:24:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		196 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.91mobiles.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
97dda19a2a0b56aefd1b0ed3d7905a5867bcaf36966cb0d37e22757934613436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
expires
Mon, 11 Apr 2022 15:27:01 GMT
__utm.gif
stats.g.doubleclick.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=991660089&utmhn=www.91mobiles.com&utmt=event&utme=5(countdown-widget*OPPO_F21_Pro_Timer1X-imp*)(1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=6%20anti-virus%20apps%20on%20Google%20Play%20Store%20steal%2015%2C000%20Android%20users%E2%80%99%20data%20%7C%2091mobiles.com&utmhid=254851733&utmr=-&utmp=%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&utmht=1649690821127&utmac=UA-13102071-1&utmcc=__utma%3D76036829.1363421240.1649690821.1649690821.1649690821.1%3B%2B__utmz%3D76036829.1649690821.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=4BAAACAAAAAAAAAAAAABAAAE~
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 01:23:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50641
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
loadingAnimation.gif
www.91mobiles.com/hub/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91mobiles.com/hub/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.49.44 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-49-44.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:06:45 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2022 10:38:36 GMT
accept-language
bytes
etag
"3b86-5dacc37172300-gzip"
vary
Accept-Encoding,User-Agent
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
expires
Sun, 10 Jul 2022 15:06:45 GMT
cache-control
max-age=7776000, public, must-revalidate
content-security-policy
frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com
access-control-allow-headers
x-requested-with
content-length
14880
x-cache-hits
52
__utm.gif
stats.g.doubleclick.net/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1388260185&utmhn=www.91mobiles.com&utmt=event&utme=5(hub_news*ab_Test*truncated)(1)8(ab_test_page)9(truncated)11(1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=6%20anti-virus%20apps%20on%20Google%20Play%20Store%20steal%2015%2C000%20Android%20users%E2%80%99%20data%20%7C%2091mobiles.com&utmhid=254851733&utmr=-&utmp=%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&utmht=1649690821168&utmac=UA-13102071-1&utmni=1&utmcc=__utma%3D76036829.1363421240.1649690821.1649690821.1649690821.1%3B%2B__utmz%3D76036829.1649690821.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=4RAAACAAAAAAAAAAAAABAAAE~
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 23:22:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57891
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
countdowntimer.js
www.91mobiles.com/hi/tech/wp-content/plugins/91dops/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.91mobiles.com/hi/tech/wp-content/plugins/91dops/js/countdowntimer.js
Requested by
Host: www.91-cdn.com
URL: https://www.91-cdn.com/hub/wp-content/cache/autoptimize/js/autoptimize_d1c57cf389842194f1b3f8e740b7dc61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.49.44 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-49-44.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
2fc21c83168e3e9c90431636b28c050840f98bff9b32750945939483f11b611e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:15:14 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 06:12:42 GMT
accept-language
bytes
etag
"61a46f5a-457c"
vary
X-Device, Accept-Encoding, X-Device, X-Device, X-Device, X-Device
x-cache
HIT
content-type
application/javascript; charset=utf-8
expires
Mon, 11 Apr 2022 15:35:14 GMT
cache-control
max-age=1200, public, must-revalidate
content-security-policy
frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com
content-length
3491
x-cache-hits
532
css
fonts.googleapis.com/ 		1020 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: www.91-cdn.com
URL: https://www.91-cdn.com/hub/wp-content/cache/autoptimize/js/autoptimize_d1c57cf389842194f1b3f8e740b7dc61.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 14:25:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Apr 2022 15:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Apr 2022 15:27:01 GMT
B27602429.333567476;dc_pre=CNWhlJupjPcCFdmIgwcdcoQDGw;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_pre=CNWhlJupjPcCFdmIgwcdcoQDGw;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rd...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_pre=CNWhlJupjPcCFdmIgwcdcoQDGw;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H3
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N558202.138283891MOBILES.COM0/B27602429.333567476;dc_pre=CNWhlJupjPcCFdmIgwcdcoQDGw;dc_trk_aid=525878491;dc_trk_cid=169859676;ord=1649690821170;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-13102071-1&cid=1363421240.1649690821&jid=67878699&gjid=827805812&_gid=351981766.1649690821&_u=YEBAAEAAAAAAAC~&z=171016063
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.91mobiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Apr 2022 15:27:01 GMT
content-type
text/plain
access-control-allow-origin
https://www.91mobiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
147549-v8-xiaomi-redmi-note-11-pro-mobile-phone-medium-1.jpg
www.91-img.com/pictures/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/pictures/147549-v8-xiaomi-redmi-note-11-pro-mobile-phone-medium-1.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
cba48ddffeccc49672080965abdaabac02002999b2fb6cc8eb840ba36b451ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:53:55 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
1215186
etag
W/"b90-zQMjmrg9MEk+mlqH7naEkzLHg3o"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
2960
x-amz-cf-id
h-5iUAtLSYCxL0Lz-qzWB6XPvXiA50oPL6eo9cuENV_vNY_-DBH5vQ==
x-request-id
521b8cfb-a959-4744-b222-7348e98364a7
147524-v7-vivo-t1-mobile-phone-medium-1.jpg
www.91-img.com/pictures/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/pictures/147524-v7-vivo-t1-mobile-phone-medium-1.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
72d9f04240e48ad4149cf2f568e5a14550875b3764fe5be16eab232dc55a4ad1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 11:01:24 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
4163137
etag
W/"8ec-X4pow1+wRyVrgkTZzZ4QzA"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
2284
x-amz-cf-id
KdBhhoQ3wg-VoQcwC8eUikZaVePc9AbCfjWsusROzjnxbnfK_hZNLw==
149295-v5-oneplus-nord-ce-2-5g-mobile-phone-medium-1.jpg
www.91-img.com/pictures/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/pictures/149295-v5-oneplus-nord-ce-2-5g-mobile-phone-medium-1.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
e3fb76dbc238b710578fccb3d11dbb189fd6e3092d85a4ea02392a297f2c6539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:33:49 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
3455592
etag
W/"7a0-10ZFNIZ1efI+lgjmFRL6MQ"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1952
x-amz-cf-id
FXPH8z-Y_F8-HMljHe_pLrOX_I5R_AhiGqqmkQRy1F-fBPxdnbKKAQ==
147646-v2-samsung-galaxy-a53-5g-mobile-phone-medium-1.jpg
www.91-img.com/pictures/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/pictures/147646-v2-samsung-galaxy-a53-5g-mobile-phone-medium-1.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
a55a9c0685b36544d1cc9ba1e3b82ed74991ffaf4c4dcd785cdd41fc9ec6b3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 11:36:48 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
1309813
etag
W/"894-p2BTDAGm8tBh+qN8pJQUs4JF+YY"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
2196
x-amz-cf-id
moYwDnPDxpq_ale0MWFlhc1Hvy7zFG9bfCr9_sZkLtzi-hhFcS8DdA==
x-request-id
7ed35a90-065f-4b75-ab65-67418b47f27b
144223-v2-realme-9-pro-mobile-phone-medium-1.jpg
www.91-img.com/pictures/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/pictures/144223-v2-realme-9-pro-mobile-phone-medium-1.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
a2ac8bfc0cfe5c448c06e8071021910ee3fca74bc5407e7e4e5bd6bc7046b14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 11:34:10 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
3642770
etag
W/"b2c-QGV2tfmMlumNyYE2RTHsyg"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
2860
x-amz-cf-id
NyoNAMrWpXP-f_7VUfVe11KWXJoRxkRPXcm-ASFbihFIqL_b3_ERFw==
OPPO-F21-Pro-feat-2-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/OPPO-F21-Pro-feat-2-100x70.jpg?w=100&h=70&c=1
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
2e3b5c40fc47cf66a4c01d216750ade0f44f7c18656d84993214b43576cae732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:41:56 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
42305
etag
W/"4c0-e73vH/xTp5Gvn7fh0UXYQjFHS5U"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1216
x-amz-cf-id
EOijbOlX8ji5zOSGKC1aHIdlePMezR9V-JaXbx4KTKDUBRY6rRRYGw==
x-request-id
138e81ed-8520-4cc8-9594-e30c96251308
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13102071-1&cid=1363421240.1649690821&jid=67878699&_u=YEBAAEAAAAAAAC~&z=153299300
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13102071-1&cid=1363421240.1649690821&jid=67878699&_u=YEBAAEAAAAAAAC~&z=153299300
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.91mobiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.91mobiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3513225266079195&correlator=828457929348389&eid=31063377%2C31066961%2C31066965%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=10578778%2CHub_970x90%2C91mobiles_ROS_300x250%2Clatest-article-300x250%2Chub-best-selling-300x250%2CHub_RB_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x60%2C300x250%2C300x250%2C200x200%7C250x250%7C300x250%2C728x90&ifi=1&adks=1844346783%2C2941961772%2C2123823384%2C3142887825%2C3260642332&sfv=1-0-38&ecs=20220411&fsapi=false&cust_params=pagetype%3Dnews&sc=1&cookie_enabled=1&abxe=1&dt=1649690821343&lmt=1649690821&dlt=1649690820393&idt=915&biw=1600&bih=1200&adxs=315%2C-9%2C1022%2C1022%2C267&adys=104%2C-9%2C833%2C4686%2C1735&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.91mobiles.com%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x60%7C0x-1%7C324x250%7C324x250%7C696x1261&msz=970x60%7C0x-1%7C300x-1%7C300x-1%7C728x-1&fws=4%2C2%2C4%2C4%2C4&ohw=1600%2C0%2C1600%2C1600%2C1600&ga_vid=1363421240.1649690821&ga_sid=1649690821&ga_hid=254851733&ga_fc=true&btvi=0%7C-1%7C0%7C1%7C2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d05c1c4857ce00dcdabd3e87490194bf1db14548f3f58919c11b47cfaba7619c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24339
x-xss-protection
0
google-lineitem-id
5980013904,5979981720,5979981720,5979981720,5979981720
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138388509013,138388019697,138387937823,138388509016,138388509034
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.91mobiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3513225266079195&correlator=828457929348389&eid=31063377%2C31066961%2C31066965%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=10578778%2Chub-desk-related-story-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x250&ifi=6&adks=2455051133&sfv=1-0-38&ecs=20220411&fsapi=false&cust_params=pagetype%3Dnews&sc=1&cookie_enabled=1&abxe=1&dt=1649690821358&lmt=1649690821&dlt=1649690820393&idt=915&biw=1600&bih=1200&adxs=267&adys=3100&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.91mobiles.com%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x3531&msz=728x90&fws=4&ohw=1600&ga_vid=1363421240.1649690821&ga_sid=1649690821&ga_hid=254851733&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
92b9968500461b31559d5c4d41eee23526d39075fcb8652a3c817958a0258cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9518
x-xss-protection
0
google-lineitem-id
5979981720
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138388509019
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.91mobiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3513225266079195&correlator=828457929348389&eid=31063377%2C31066961%2C31066965%2C31065518&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=10578778%2Carticle-footer-970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=7&adks=2876947189&sfv=1-0-38&ecs=20220411&fsapi=false&cust_params=pagetype%3Dnews&sc=1&cookie_enabled=1&abxe=1&dt=1649690821361&lmt=1649690821&dlt=1649690820393&idt=915&biw=1600&bih=1200&adxs=315&adys=5754&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.91mobiles.com%2Fhub%2F6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x90&msz=970x-1&fws=4&ohw=1600&ga_vid=1363421240.1649690821&ga_sid=1649690821&ga_hid=254851733&ga_fc=true&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b53a6b60fbf923b0809782dba170e157b640172e76245b020c89bfcc6cc2718b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9430
x-xss-protection
0
google-lineitem-id
5979981720
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138388501321
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.91mobiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAB6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7123 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0DF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEtXjyQhVcDK1Be-coZY25G1qnEKtd715y4j8wcti1wizK5gnYk6gQWE0nDEoTKhW3lVrFqFH42VX1P2IcpcJJjkn8veWV3R3ytkjn0hSaOGKck-PJg69srguueStjWuZgjKjJjkdb-tMqNXw4Tq-c4txx00yq1tGS-MTy54p6Qmy0sM7KsB61-h2JRM-w4CjsDcnkbzjxRcABRScBo-qKuAhyQZU7KFncpGd7p8ouL-P7x_E96shad384VMo3tEQxa0kSxs2olawPkY5yjXz3xeNyzCOO7pbMRK51cpP-mSE667Sp&sai=AMfl-YR0pUYcmQHU3SAus6z-fIc7JDyXnJ8Z1a7VWel6-s7v37g5EwoZdmnRZRLxvH-Z77twt5h4PXQMIz4CrNbCAmDcG-hKCCaoyJ_qLqpeSrRqekro_WaX4bW7ZZyA6VGp&sig=Cg0ArKJSzH835vg5SerSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:01 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.0/ Frame 0DF3 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 01:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30281
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Apr 2023 01:19:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0DF3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
110422_realme_gt2_pro_970X90.jpg
img.91mobiles.com/uploadpanel/ads/ Frame 0DF3 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.91mobiles.com/uploadpanel/ads/110422_realme_gt2_pro_970X90.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
8d178d99a8056fb8c20c17ee95bc5705ac242eab13e2b4098d6b6f312546b8d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:33:42 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
75199
etag
W/"47ac-plb+w07BYoh/GbVNiBZonvuPdMQ"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
18348
x-amz-cf-id
0aQrQyXeWmhmhjPpBFHFR5fZUW_nNy0_bH0NpzEpcdBXt0iNqcYE4g==
x-request-id
80786ec0-1d87-41eb-a3bb-a41c15d139ff
revised11apr_rb_realme_970x400.png
img.91mobiles.com/uploadpanel/ads/ Frame 0DF3 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.91mobiles.com/uploadpanel/ads/revised11apr_rb_realme_970x400.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
95f6714f8b6821e547764e0b39dc3b05f1d3d4cb415865293bd9beb5d96fd755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:33:42 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
75199
etag
W/"61ca-rw+nEA9zTtTa6r1J3fdTpTVVPW8"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
25034
x-amz-cf-id
GSkJbDhF0k-eR9qQMW_rj1nooLn1kFU42OcNaQMu7p2mE_ptJ8C9ew==
x-request-id
b166f8e6-e2db-4186-815e-176078fafa4f
close-head-expando.png
www.91-img.com/images/ Frame 0DF3 		572 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-img.com/images/close-head-expando.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
5a9419d0a7ea5d802ee27b0304447dd7ffc1e2c727a321020b86bbe855e41e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:34:23 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
75158
etag
W/"23c-FzKuRGpSmsOvxXPSww2XhDY3/qQ"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
572
x-amz-cf-id
tmrsR2rL9wXRNCtvu_6cwQJZP3Vc-YpNBgcl73SsWePHBxH-qNU9kw==
x-request-id
e27ea1fb-0e46-475a-94ce-0a4a476cedbe
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 750F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 811A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:01 GMT
expires
Tue, 11 Apr 2023 15:27:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame CE02 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 15:19:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CE02 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE02 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 811A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 15:19:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 811A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 811A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 56D3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 15:19:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 56D3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56D3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 7123 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 15:19:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7123 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7123 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 750F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
server
cafe
etag
3330746967810570135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 15:19:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 750F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 750F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649247338736001"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0DF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXsSCjRHA9akalM_z5W2eIJt71uC2fxSjgKwsEZK876xsP9MiULIM3niIWWlFOUBt18B_3yVXOjQgmjzFXFOsqqgDeURQcmw-lDGsqVSufbAE-_0i73nQ6NLbP_F967J-gTQ6yova3etkZPEqWig_uqGY-jGNa15bXh0xgV3K9aiH1ApoDAyInKlu51uuek9pIFRO03f7Nw0J7aypkcDym91CekQ8xlCmAb1QgDaFEc-rKI9VNZMDXIJOfnyvbcRM79faPX8d4apwokzyP-FZhVnLSQ1UG0ap_vLG-QpCzGASu0raVLm0&sai=AMfl-YQBrgcVcTk2XyX8k9YevFe-8bg1WxF8_A7jlF92Ib8eU55wUICi-6mXJ3uqyTgveZm3af_Cvjobaw3msYePx8JED6irkfyDQaChm5gsRO5qL-hYk8OTczX2bCfJ2qkC&sig=Cg0ArKJSzDhyFWBj-jmTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:01 GMT
truncated
/ Frame 0DF3 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adb976c3f3aa6167881d793ddd2ef36b5d4ad24e304e03b3b819015493d29c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame CE02 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Origin
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Apr 2022 13:55:08 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 811A 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Origin
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Apr 2022 13:55:08 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 56D3 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Origin
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Apr 2022 13:55:08 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 7123 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Origin
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Apr 2022 13:55:08 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 750F 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Origin
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Apr 2022 13:55:08 GMT
index.html
s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/ Frame 1DEB 		63 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395f64ebf966c84c53c66826dd44005de93373c676afc6d6778935b07c8d83fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
75376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
17768
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 18:30:46 GMT
expires
Mon, 11 Apr 2022 18:30:46 GMT
last-modified
Fri, 08 Apr 2022 06:31:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame CE02 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDZEaghhS2TXG-BPuwn02cXxfKy2qpxP7nAj47h74IuU4YFAecm-IadEral0mRIqtk2MRN7ZgDvaG_THkP7yA_wu5pFsg8cFOHrbVKqeOx3RhsV2Mx7pBapeRUDrCQiuygBCT8Z0mnuEYwHMNOAy5ZWMtfIdl3wQmIinI_NfET_1RKtokNm5bCVLhYvoxwgv5t3dAuEFtTFDb_ypMfw1IQQsopTbmcMUrAPS8zflePjgS5WfDPWJiffojS-t-ScuYCcHQDTKv_PTHLS7OeAQ08QkkfvkU1rwzkzTDs8lsqpt_7HSHzqiroG5b6D_-wQ19dTjUP&sai=AMfl-YSWJnhf0qjokmYzdcAVMgzfHipmTjKsCPEdQgCIrhf9-44RqTBOvi358v9Sk2-TfnsYnODdJSJdhTlf2k5ISYiVTn6ITTl2wLotc0OAx5uSMind-c0fUjTSDhH3YoIO&sig=Cg0ArKJSzFjcAM8OYaGdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/295578/4634032972/1649335575523/ Frame D731 		62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dab8e14bafae064401df1589b6bf328af7a685b644cfe18aeade2985104c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
74726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
17733
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 18:41:36 GMT
expires
Mon, 11 Apr 2022 18:41:36 GMT
last-modified
Thu, 07 Apr 2022 12:46:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7123 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXEqDXNnjg6jOy9thuRXok9QXCPUQAONgSZ7pLC_tulYRugZp4LppXZy4k6vM382IsFYNItfWrM5UMujDG93fEkw63PaqV_PMtZQel0tqREcw1mtTmQNsJhb07dyjn3TXm4s9s6QEmZixqmSe1ZhK3QZ9jrFt9CsYEeALUciKJdGE5sEEO-hb-0r5Eb3uvX9CCpX9eD_ycUJ-Axv8KSucGcsvIZLOjLrtyAGQsaiuORETi5ahmvCpzAN9hPL18xhup0xPPQbU5QePjLr6MYZ7R7CzWG-6iN9-3TyQOcsv5NaGA_3kvl76ujB-lndo1PqFMSTc&sai=AMfl-YT_2nMhzKsVtOmmx5BeOUCQEislmUrVEc7kSK0pxEfprevUFky4ZZc3Nopo0KDWurH_j33doQkyhz5Thmb8lHY6H3WLpwB_Z1N0z60Zc_ZA9WDIQT0ULGVp95PEp2c&sig=Cg0ArKJSzMsrKoxRrSZBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/295578/4634032972/1649335598203/ Frame D98D 		62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17e0bc35c676253c13224a8b0a72018fd7d415d3adbb76d23ab39ae9d10b9e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
74727
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
17740
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 18:41:35 GMT
expires
Mon, 11 Apr 2022 18:41:35 GMT
last-modified
Thu, 07 Apr 2022 12:46:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 811A 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPu0ch8dD112dK0bSAJ9z9BFeeibTHMXmYZuwFV1ddUqUCfJF0UQC-l_KibHZSXS-ed0T9dMLevbgCyTkHMqiKKapD51XLzhdRkV0Ba0cOEljdqMg0GQwwpYchT6-7Xwlsl9Qbmrrj0tMCLEzbi6IdWxwWbE50NV8hz32zxCcjO2k4Ib7EcnWNP0fP7N7PDc6NKrnnB4rNDGWw5fR2MY7lCnsxFLEVDorGCbvutflelWjAmikmXL1vsDt4gMVI1om9l_shUz0AEDnah9e-n8HPTD3b2BxPM4Pv6Z7xTMoZZTEyWRuw-8O8&sai=AMfl-YSMwZtd7ZZ1nWOflfNN0o7QwH19zLXfr_3xKaDgnaUeguPgJTuAUltXbVKfZYPmFYmkSO80MhMKEPPMinJMeF7zqXXLurg55-xbdaeCPHODzNYb_JIRxGOwq42ZGhjZ&sig=Cg0ArKJSzHYnCncWVmDSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/ Frame 7182 		63 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395f64ebf966c84c53c66826dd44005de93373c676afc6d6778935b07c8d83fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
75376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
17768
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 18:30:46 GMT
expires
Mon, 11 Apr 2022 18:30:46 GMT
last-modified
Fri, 08 Apr 2022 06:31:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 750F 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1o7DpeC6EoKdqkA7xeHkRZf9VRPKZHpkawMXP0jT1LGuZEJnyRH_bbdVv63EWbfuCyQ0ifN0u_AWVhhxSypWT0a2_CsW7aVIVBthCTBYacNGDocUD0HK4KuokOyHX1Rw1JjqWCXeDM5sQ981ooRKX7dQ_elchP5QCZ8fkaA115Zcx342Bkb6pFUj0-gensA-1_28n-N-ernb6I7-57GmE82hvnYmVlwOFvZ5gmYjlPKARD8ykRsIZ6hEfyf303f9vmPRctQAV2mqNNfts0zsHz_J_RVNKmOa8dlQx9ud4_oGs0W7wEa4YoH4kfI5aR7gamAIw&sai=AMfl-YR70_n1zcvGweU6qHp9Hh8mN4Hlp6cTE_xikBbtV3S0EZLyNuwmTAoZhX9IOL6_PHdDcHYxI7vNJvWur8qFv60PhikpFHljuPC4uJbtXHGUSlNuizbkiyHfqhotCBaD&sig=Cg0ArKJSzDKbwVkyhAktEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/295578/4634032972/1649335598203/ Frame 49D7 		62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17e0bc35c676253c13224a8b0a72018fd7d415d3adbb76d23ab39ae9d10b9e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
74727
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
17740
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 18:41:35 GMT
expires
Mon, 11 Apr 2022 18:41:35 GMT
last-modified
Thu, 07 Apr 2022 12:46:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 56D3 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSl_keB-d0sJnJoMTmhUogXblut_sG6s4S-hnU6kWaQJX4cJgv03FUQ22eR79w0L4uwxF2pLnHBTI1aKDhhZm7uE-sf7KVGFMxC3RoR9DRVL2TMzFpBcwj0vsf_ClIOsLqhCDugpCW8yZehu3_Ry8I14YiggaJ4tyFiB2x9fNoNIL2cmPIbxb3IubbnP9uceCOhZn3jreumQiEE2t7CLg06ve_IrA5U_52BJrlZ8WoH6K8BKZL_OTnpkw4hNjDr8YK9GOaymEv-DFXohXgIP-Iy2oIquRMIl1KeD8W7dayUImySoXMQGmEjSFrfGzONRKweQC9txtaHQ&sai=AMfl-YRYTOyzMXzW9IMp2pp7cLE-gtK23vpBsho1j1QYKNiJGx2lk26XKvE3I6xH_JwquWvUheI6ecEWgKWkADOgWXAKTkHb1DIdsu0lN1lWicj_C80FAg-Qz50FnD6bQxmw&sig=Cg0ArKJSzK5q6dEj7in5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
URL: https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame 1DEB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 15:54:46 GMT
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame 7182 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 15:54:46 GMT
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame D731 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 15:54:46 GMT
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame 49D7 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 15:54:46 GMT
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame D98D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 15:54:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CE02 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtXp1IA0nkf0iFyaVzu1WAyroxKm5RJ9hGBAzMd-9OT6Scn_h-IyjDtcQl3urBiNjyo_MC8Ac7baZr5ljyQTQYPAjJv-1f1g8mW5r_K8ZDZVilwV2taFBldY4q7VTOVUFzpBZm3KknwzYgx9MCAHKR7iu8DV9FIloD68XJLaLbHkiXLSN9ofMT0m_ffaMbSRV_TTgfnwfDm5E_2YVZ558nygciKgaj9Td9zdEM3EenEdeTzveZTTq1BaeiARLfbF__Rda2cbjB5rdSoYzwomuP092yqykq3HibQyrlxMc-aghw9XuNPSvY-ekT4bzY7xYFd6isAyw&sai=AMfl-YR01nBL3jJUCNEExb6QSHZPSjC2pIQ0k3vsfnODNhKbLHFJjdwPZ5JdVFbx9peTtER1G8mYM1Nyf6UAxR_kKXl3P7c1onsj2cEfxaCR6kthpAIlLrX6QumKQ-mNDKeJ&sig=Cg0ArKJSzNm9H8Ed6ykNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 750F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstu9x1fPK3iShJVu3bRNjUDPv_hWI8-elKUpiu6PWo2_7VG14YbjtZ-hBDJFvQMY5fA5LIplt9ogc51of3Kokrl08IirZAfHzSKEkPzbpAK5De8BYun0pCKu69v48bsGkFMGHHNmdvd1-vf4ORbl8eYzFfm7OtAGYjNmK3Jlbi4SWGZfH0OQ49fNv5bkLiaV0V2uFaGhmao6XMeF1e7l-2cqLpe0wojXN1Ta9AJ1LS5t9I4wuzoP62NwU6i-04-7H9Ys-F1d7d8DEYVGaPJI75P5agcP50egyv19fVb7QP46WCBiTwv0MYApVDgnJja2ohnVrtHCcY&sai=AMfl-YSy1r9w08aJsI-IFMc6CH63EQJI3ZOyCCn-q2m9ADKY_e3darto_rskO8QWkAxfwbN0wZThnftzu5x926-fbwCZirIMDlG7TMv3bppf6Kch2VYPyzJi2Q9Sy_9qIMVn&sig=Cg0ArKJSzBPGEE72VWorEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7123 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstS3MpsaMl4Axx82I7RdndsRALPlYtzhOiexndxUbiMoc3jEBwwF-TljBQH0wO4_JMZ_N0jBkUF25IuFZHYo_DpYTmv1lR3N29_3BTaC4u1mJ_RzwYQqaGV19QkEsiK2HMWnN5ABM1i9V_2kMwXVWQfWZrBu7AvHmWZF4Q1q3FWkCZtAqRofe7xGa7oU4JWPj2Qs7HjJLbXcc-R_Ot-q35F6gwozO3JD8DSHdQClhUfmn5ANO2qQ7Lv3GTOMb7_-9liou3LMLQAQ7eIn4BbCQCBoH7XkjcICHfg1Wfw-w0PNHey4fffQGCmhacKkmJabBCGZlYGsg&sai=AMfl-YRfm7nHjqfUt-B1hUJaQ7LpEUFHpoqZSqg3_MpMe7EKBvSBXldfF7J9PsspMd2UgBf2MiQcrJKfWy7PaSQSO-7NcbnzyrA3Azl3x8lIiT6t0rcWT-o8HZc3tS0wx6o&sig=Cg0ArKJSzFdwixL0L60dEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:02 GMT
300x250.png
s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/ Frame 1DEB 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/300x250.png
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2d0d317211d940899123734455ad2828519a0e2e9c35880c80a9387bfe528a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:30:46 GMT
x-content-type-options
nosniff
age
75376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164541
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 06:31:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 18:30:46 GMT
300x250.png
s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/ Frame 7182 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/300x250.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2d0d317211d940899123734455ad2828519a0e2e9c35880c80a9387bfe528a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649399481056/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:30:46 GMT
x-content-type-options
nosniff
age
75376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164541
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 06:31:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 18:30:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9r3COodnCX0FwWEGTOPuOsA1Y4g-8Nnx-B_khtEJGQybShzn4hDNYahQvUrzM3ya79xeuMfxra32pe4buE-ctEykDMxzje1odJhFJq-NY0FYLQ7L-8QrhXumQPQN2LK3PkJ1lKZHZ1jsVs4w7DWgVx_4ESqVMwMgwYy5UJlygs5F3juCqQN0dnSClWwKoj20d5F6PUpWZTP7GiSq7GmM0sYuOXUGtbh5FAcWhiFcG6tCyQnFtnQDFSxkbmgYN2UbxDIoSafTfDg51A0eGxb9hYnzK3AKhBFd1cm7fzY8QaEjbKBjrl3hv9q5gbb-ZNQPBVOova2o1KfOn&sai=AMfl-YRZn9bSyeM5rR3Jk5fwoBYAchKbrQEDcKH1QIEdqz55meLa3GHBEewCx8hBL283nwd0uOPhh6pXwTmekn5vkEiTOz15ETbKceSeFXQLsPqIWId8AjSa8rlDXpLArrxy&sig=Cg0ArKJSzMeiLsQpvMNbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:02 GMT
970X90.jpg
s0.2mdn.net/dfp/295578/4634032972/1649335575523/ Frame D731 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/970X90.jpg
Requested by
Host: www.91mobiles.com
URL: https://www.91mobiles.com/hub/6-anti-virus-apps-on-google-play-store-steal-15000-android-users-data/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9d4cdeeb85f91e82340e0223984457e3ab2188c69729e7c61e144d6ba9ff97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335575523/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:41:38 GMT
x-content-type-options
nosniff
age
74724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117203
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 12:46:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 18:41:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 811A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQi9E4ZV7JyAMzO9IJDd4lOUCavgRMs8zWbwpS3GwBn3u6EZydJAJXnmSD2Daf2063qIO9yQuFSrRL6wJ0dZf17MfEFwJFn0Vy0LHst0_6_XNNgkOmsfvw-uRduOMJgJ-y-R35FHy3pdxGDepcrhQ1aN7K-oB_9vi8QVjX3jpbGRVkX-ptriCy3NWK0kONUbuQ8Lo0q-IIfHxYl313NgMScKHYle8CzQOMtWhaWMHtywx27N51UxYlg7D8IEyOp3-GyfrV5cAXOtiVOd5IcYMXNoaes3OA9TY2YGHZADuDTJ2OGR_RMqxmb6I&sai=AMfl-YTpsCe1SVQcFbIn76IjMFf6fbMa122A8uGelmvPkaiCa-l-H95FDIR2Y2JsqniE9KYmFglb0pB7n-ggGbFJHmITCrqk-Tyu97-csgUX0Dj6ekqIijcHedQdCXL6R-bp&sig=Cg0ArKJSzLNyDAaEouvoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 11 Apr 2022 15:27:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcb466e6b64a99342256d1bbae01c80c9f2bb5eba00d1360dd4eea08fb55056c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Apr 2022 15:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10535
x-xss-protection
0
728X90.jpg
s0.2mdn.net/dfp/295578/4634032972/1649335598203/ Frame 49D7 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/728X90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a33e5f19d47ae5cde80e82477c86cb5f02cd021c8c0af83f75fa2833230fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:41:38 GMT
x-content-type-options
nosniff
age
74724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104524
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 12:46:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 18:41:38 GMT
728X90.jpg
s0.2mdn.net/dfp/295578/4634032972/1649335598203/ Frame D98D 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/728X90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a33e5f19d47ae5cde80e82477c86cb5f02cd021c8c0af83f75fa2833230fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/295578/4634032972/1649335598203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 18:41:38 GMT
x-content-type-options
nosniff
age
74724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104524
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 12:46:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Apr 2022 18:41:38 GMT
oneplus-nord-2t-render-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		652 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/oneplus-nord-2t-render-100x70.jpg?w=100&h=70&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
085b1e847c16b52feb84711d3e034f75749750229a670eb02f50d50440a1d64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:40:27 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
89195
etag
W/"28c-VQsw1Vlx2z/6yE76lAvfoj53RGs"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
652
x-amz-cf-id
XGtQo2PPsHcmEXkC7rRgSLSWWvZOy2rfjArcoEOh4hHUHapWfCgSuw==
x-request-id
1113adc1-de0f-4e1f-88fe-0e5e6aed6133
Galaxy-A54-5G-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		578 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/Galaxy-A54-5G-100x70.jpg?w=100&h=70&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
3cead45b6d4088605fa15784976df38be859e898366fa39febfbb59aa940e1b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:41:56 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
42306
etag
W/"242-ErnLyvaW2OKVg4SyDpvn6TvPg7g"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
578
x-amz-cf-id
jBc6s4c6jxIDsL-8tRAo6pD9Adg0m_NuC9Hngv529rd6PwTQQgk2Yw==
x-request-id
293b8661-af85-4851-a085-1d0b7863c545
OnePlus-Ace-feat-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/OnePlus-Ace-feat-100x70.jpg?w=100&h=70&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
b46088e2645c91bb42a699396cdfce454b5899138051433db5c7cdab86e170d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:41:56 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
42306
etag
W/"42c-G4yqsO7rbi+SRmETiPUjye0rKrQ"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1068
x-amz-cf-id
yVkNB_mztaYmw2qmovnbc5dsACzeBMY1sJTR0GVkIorpN-2mdKjNOA==
x-request-id
914d008a-eec9-4b03-8a52-7542bd5adfbf
Ola-feat-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/Ola-feat-100x70.jpg?w=100&h=70&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
149dceb9b356442bcb50cb659f956f11ecd415141a59e5c616d7a720bb48c0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:41:56 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
42306
etag
W/"5fa-cEXlisDD/eDF6mTvPJbsf7WhtQg"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1530
x-amz-cf-id
T6PskGcLZhNjQaTr3K5eEEV7AzTdywrAhCUZWuDKqU3PJpvDWAWYqA==
x-request-id
a10483dd-b967-4162-9628-11e14bb8cf01
Bose-QC45-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/Bose-QC45-100x70.jpg?w=100&h=70&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
a53886cb4e83368c43e2b25c890e64613f7c5ece35e648f4bfe84600784df359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 03:41:57 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
42305
etag
W/"4be-u6vOhwEHAAT0JzNsfS1/lnLrDSU"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1214
x-amz-cf-id
wuf2Q6CigY29XQK_0AgyzAw425BAZL45Hga5vV2h-35PA7kvUDvSrA==
x-request-id
7d618db0-92b8-44ce-a5cf-2854238bd1bb
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 15:27:03 GMT
six-apps.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/six-apps.jpg?tr=q-100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
da587842ea49ebab98110e339c817ccd97ffe3cb3c4f60bda5186e303a1b0da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:53:30 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
279212
etag
W/"1069c-VFkBX0vP6JnY4XfK9+eB2z7bZEs"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
67228
x-amz-cf-id
lBNCVUvCCugVHihUBwMdbMR1p_YBWt8kPMO6GiKGk93cb_4OuYvhpw==
x-request-id
0b980b98-bfcc-4c92-a8e6-5d15a600b784
oneplus-10r-specifications-feat-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		608 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/oneplus-10r-specifications-feat-100x70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
128670f9b97d7385833c1aa07256476d09ae42efc1532113ed19772a35596f1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:04:34 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
1348
etag
W/"260-OW0PkwZ3DjL9k8vA1P6TkMwRw1Y"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
608
x-amz-cf-id
B6I9u7RIjH7t06vLOlBMvGwKxloeJ5P7ymmUETUM_1ajueFGpbP1dA==
x-request-id
7278e722-127a-446c-afae-c7cb6eee7418
Jitendra-EV-100x70.jpg
www.91-cdn.com/hub/wp-content/uploads/2022/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91-cdn.com/hub/wp-content/uploads/2022/04/Jitendra-EV-100x70.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.243.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-243-9.hel50.r.cloudfront.net
Software
/
Resource Hash
fb6bf60e9f03c99a4bc24186ccd6e62ba8ca2d0d85f1cbaa23bd612a41f188c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 12:57:51 GMT
via
1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
age
8951
etag
W/"5a0-jQCsx9yyAd+Cn9/jZFb1mNCzF4o"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
x-amz-cf-pop
HEL50-C1
timing-allow-origin
*
content-length
1440
x-amz-cf-id
gAu8Uf6TuGkSmSLI4ddwHTaTTBSydoNS4vNetpf2_iu-QjCXcRP7fA==
x-request-id
57370a24-b281-425d-a644-d9b839379668
activeview
pagead2.googlesyndication.com/pcs/ Frame 0DF3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7xW9Z2DPqXwqS75uD5oMgCbSIXsNIqMZA3PTMVsel4uhL_7UIK9Q_MXA-1dpmyEWyROhOF64yINP3Fr-MClab9iuX61QRRpbvRmooVZ_1vnfdUMh5&sig=Cg0ArKJSzFtx8K0juGm2EAE&id=lidar2&mcvt=1000&p=104,315,224,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220406&bin=7&avms=nio&bs=1600,1200&mc=0.75&vu=1&app=0&itpl=19&adk=1844346783&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649690821536&rpt=228&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 750F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9tmBkOJRqIGvDUk8ygXcvHD3j5yXnsUapWtgele8FrUZFZFsUW4RzOUMCJopCnrWFxkAuE7AS-yZ8ALhgv8GMzoF62D2RMtrXwZVcrOglJxsN3iQ2&sig=Cg0ArKJSzKGYNW7YkEKMEAE&id=lidar2&mcvt=1001&p=863,1022,1113,1322&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2123823384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649690821545&rpt=786&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:18:31 GMT
expires
Tue, 11 Apr 2023 15:18:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D703 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
766c935d7c64ec93eaec71e67aded203082faf0c6f4e770c45abb9d3e9c7b313
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QNvt0kgshi3vMFxiASo9EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.91mobiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QNvt0kgshi3vMFxiASo9EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:27:04 GMT
expires
Mon, 11 Apr 2022 15:27:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
pagead2.googlesyndication.com/bg/ Frame 6F3B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 05:39:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
35229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 05:39:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D703 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040501&jk=3513225266079195&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6F3B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pR6IaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:27:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040501&jk=3513225266079195&bg=!r6ylrOjNAAZAkm7qYJI7ACkAdvg8WmoxKfeLf2aC4UJg20eC4Y80YKD5iBFWkJDpJdNJTkdAtQ8rJQIAAAB0UgAAAAFoAQcKAOQ_YmTLULe9dNaCV_2Vw1SppOfBA1BQMurFS1BrbchGrnlCyWxNc00tqswxF7YyaiZ71zppXCnFeaP54GPric-8jGLXIUBMrjvWyy5haAY9ipz1sEccnVAUIIelzgmDkHFErBBoC_6Ily-oSIHtoRLoeGKYqNFfw0m-cnDNX1LvDq9LZCoTtIhBZ6t4izTXAY86CD_ovOQnPlAcnQbGZfQ608yIXOlrUOOw3wJjkPBur0oSDfwRv-j8o3PRFWoTazylR6D9gKqN7Er2JdbI9kU6YA6MictvwtqqAYnCj0pG2J9Qe_SZAqNhsWxw_SV-8Aox3RV8PFgDFB6-9cGx4HwzHl4YUCGOhTAiLue1Yoa5AkyI0ypHa71Oa3NAlGklYf9UvWu9f2ye1MvlxpVlLY9ztV1xmkBASYoT6JnPAcHriP1VM8SHe_gzbZ0Mh-JvX5TuTjBQH6tBi2HowFmug8oXeaB-TkC9WaFmv8S6CRW-CsifFmQZ3W5QtXZCVJ4NZ2W65hSz2RBruapCq46TF3pyxouKsB3RGm1ztqpN8bonM0QdIcjWEyAEWnLTWReuEp7tqudRWPBus34Y0L8-EJw7tbRMpbbdXFx5SJnKqNzGuU0B6kHdmtero6YifZi5hdzRblPuBlJDpW3onJoqQq6U8IhXF8W7dOy9TnHdalbJkIgzqswfhq_21aWhekFLVcNUt7lMO4oCTvK6uzccdRm5PvcUtlaZHSsqY2mLGjR1p1UEaFjEeCaBMKfLmnaDSRFCnSqodynBTwf0StovaZvrUvfayh5pZAGO4v8tXGi7zz8IJYY6V-ClHsnBeRjB6ZdA_HNRdScRTGO9minKseJ3R3Rwp6cMIg4wx4Dj1g0LsV5oniumve1Pbrw2ZPq8-6br3vxI75x30-2suZBl_U89QpMlfNQF78ntvcE2Ft3Ah4gFPYeKF1nsJIRQ83gfF-5WGZATbNeRnRRW4rId17Es5L6YjIB90ooENo_UVYPCV9zOQryfMEkIPBCsm_hWhnqSlExmsqrLXNKuLMXjp6430ElZBZxaDH5r5O17S8Dx4Xjvz2zgyBr2rJDDRGzFCX3n6i14Q3EphQOqO5tXk0njFxqPuvmS-5bznR_PFJw-RCSMYYNxj8ukhRI88XmZwUt7BDsu88J6qDmXvJcQkFyA2IqTNmD3pCL8fFhSRJ4G23mzMBtEm2Kf7DU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.91mobiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Apr 2022 15:27:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails number| post_id string| gtm4wp_datalayer_name object| dataLayer object| googletag undefined| loadedAds function| adScrollCustom string| gaAdStr string| gaFltBar object| _gaq function| trackOutboundLink string| GoogleAnalyticsObject function| ga object| tdb_globals object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| mobileAndTabletcheck string| countdown_widget_end_date string| msiteendDate string| countdown_timer_imp_tracking_url object| block_tdi_4_78c object| block_tdi_5_90f object| block_tdi_6_68b object| block_tdi_7_655 function| $ function| jQuery object| mashsb object| thickboxL10n object| _gat function| domainNameCheck function| saveSubscriber function| getDocHeight undefined| winheight undefined| docheight undefined| trackLength undefined| throttlescroll undefined| scroll20 undefined| scroll40 undefined| scroll60 undefined| scroll80 undefined| scroll100 function| getmeasurements function| amountscrolled function| percentBlocks number| myVar function| myTimer object| jQuery112407581170537275279 object| lazySizesConfig function| include number| _sf_startpt object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager object| lazySizes object| scroll_events undefined| strict function| checkMobileAndTablet object| WONDERPLUGIN_CAROUSEL_SKIN_OPTIONS function| ASTimer object| ACPlatforms object| wonderplugincarouselObjects boolean| ASYouTubeIframeAPIReady number| ASYouTubeTimeout number| wonderplugincarouselId object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF function| onYouTubeIframeAPIReady function| ResizeSensor function| _ function| $f object| wp object| imgLoader string| $story string| $default object| gaDevIds undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages string| regexpMatchFormat_given_date string| regexpReplaceWith_given_date string| startDate string| endDate string| timer_startDate object| startDategiven_date object| endDategiven_date number| timer_startDategiven_date object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.91mobiles.com/ Name: _ga
Value: GA1.2.1363421240.1649690821
.91mobiles.com/ Name: _gid
Value: GA1.2.351981766.1649690821
.91mobiles.com/ Name: _gat
Value: 1
.91mobiles.com/ Name: __utma
Value: 76036829.1363421240.1649690821.1649690821.1649690821.1
.91mobiles.com/ Name: __utmc
Value: 76036829
.91mobiles.com/ Name: __utmz
Value: 76036829.1649690821.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.91mobiles.com/ Name: __utmv
Value: 76036829.|1=ab_test_page=truncated=1
.91mobiles.com/ Name: __utmb
Value: 76036829.2.8.1649690821
.91mobiles.com/ Name: __gads
Value: ID=ae7995c69531bb23-221c6c2874cd00e2:T=1649690821:S=ALNI_MZhz7v5BPXzMeccjY7QjikDPk503g
.doubleclick.net/ Name: IDE
Value: AHWqTUniNiMYUlpw7yWNNl0f0YcW2ZWDfIKxzQgbhGnoDr0HYW6c7fOrJrQZF2fM5pc
www.91mobiles.com/ Name: bredcrum_roadblock
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.gsmarena.com *.killerfeatures.com *.91mobiles.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7945ef05d9a88811cc846d4ea2b565be.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.91mobiles.com
fonts.googleapis.com
fonts.gstatic.com
img.91mobiles.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.91-cdn.com
www.91-img.com
www.91mobiles.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.126.49.44
13.33.243.9
142.250.185.198
142.250.186.162
2a00:1450:4001:801::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
0316fcdf7ebc2c02a622317ba4160d38fd914ffae213503442e65de83b20b245
083a2ad58efa24fd9c9b5f6277958c050998d927cc27a62e94565dda4c005b28
085b1e847c16b52feb84711d3e034f75749750229a670eb02f50d50440a1d64f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
128670f9b97d7385833c1aa07256476d09ae42efc1532113ed19772a35596f1a
13f78ca33f69ae91029e1c9ed76a6a99f9c973e4430e489e06364bcfe85d63f1
149dceb9b356442bcb50cb659f956f11ecd415141a59e5c616d7a720bb48c0c5
17e0bc35c676253c13224a8b0a72018fd7d415d3adbb76d23ab39ae9d10b9e64
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
24b9dad9df698159001473e476f474aaf3472f913d26124fde366f0f7ceaad8f
2942c364310f3a05e3b0903c79759785212334d900c10babb4e876b7a817d108
2d0ae838c34be443f3b1ad1955f5641b58cd62ddacf24adf3bcebe0d665d03ad
2e3b5c40fc47cf66a4c01d216750ade0f44f7c18656d84993214b43576cae732
2fc21c83168e3e9c90431636b28c050840f98bff9b32750945939483f11b611e
395f64ebf966c84c53c66826dd44005de93373c676afc6d6778935b07c8d83fe
3cead45b6d4088605fa15784976df38be859e898366fa39febfbb59aa940e1b3
450cc16cb2c03f96064b809858a6e7a5c81ea6a2caa516ec7556bf2100248967
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
512846f1a77c4273ca6f5430a6d0def8e05dcfe50e90425d22c8688095df3e1c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9419d0a7ea5d802ee27b0304447dd7ffc1e2c727a321020b86bbe855e41e05
5b1263340325154c690e68bbaa0ecd2e4aa7fef109a91b052baad2a29b5cf556
5cd8414a3c4929a2797e032056bcc4c5e83a40b5a460fb973728a486be1681d1
5f265fbcef2e2749697bcb19f15bf884f4e886dd38b2b8cde7f5fa3a2a44e208
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61b17f135b85bcbbb7d0636b3606cf6365fd6115da2728dd8c5782f02ebf4d53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65ebaa4d116fce07c0c82e39aeebf21d7c6e435df716e5d9812f88c0e8ec7e6a
6a0468648ffe97030317cf7938ebeec64bf6217fcd904f8949a3bfd1a53c4fdf
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
72d9f04240e48ad4149cf2f568e5a14550875b3764fe5be16eab232dc55a4ad1
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9
766c935d7c64ec93eaec71e67aded203082faf0c6f4e770c45abb9d3e9c7b313
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
826965376cd4872ec30663f297456de09c3c30b851fca824954c1fddd1b29c2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cd78910d7aa8ef53f28ffd7043cd760392270bb56c3810302fd2a20bc2db1c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88e9647332e2521c847452c6ea7df81517c98b298b1a840e0e6e1aed9a3b0c56
898bc09bab4f20f00658ed9f8e961ef50395a945c19e9966f0ce7e53bd7a4ecf
8ac81227c387fe20bb2f7866b97d86fd644e2120bd565c55808bac399e363c5c
8accd53067d6aa0c73ab17dc24ea253ba2c320f0b8d38d8faf1bb9574c9e5151
8d178d99a8056fb8c20c17ee95bc5705ac242eab13e2b4098d6b6f312546b8d2
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
90d65d46d8b8ec9abc88f37a91fc1302da5d9027a75cb6225a0b110c9cd7b47c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92b9968500461b31559d5c4d41eee23526d39075fcb8652a3c817958a0258cc4
95a33e5f19d47ae5cde80e82477c86cb5f02cd021c8c0af83f75fa2833230fdd
95f6714f8b6821e547764e0b39dc3b05f1d3d4cb415865293bd9beb5d96fd755
97dda19a2a0b56aefd1b0ed3d7905a5867bcaf36966cb0d37e22757934613436
a0dab8e14bafae064401df1589b6bf328af7a685b644cfe18aeade2985104c50
a0dbeec4cc12d0406830bb508a6b9d6086c4fcc1aee5e3f7879d9240f9946bf2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ac8bfc0cfe5c448c06e8071021910ee3fca74bc5407e7e4e5bd6bc7046b14c
a2d0d317211d940899123734455ad2828519a0e2e9c35880c80a9387bfe528a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53886cb4e83368c43e2b25c890e64613f7c5ece35e648f4bfe84600784df359
a55a9c0685b36544d1cc9ba1e3b82ed74991ffaf4c4dcd785cdd41fc9ec6b3f4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a97c8102bc8a089052b3fa94bc0d13c5d5779024d475ecdcc8ba6ba4a47838c2
a9d4cdeeb85f91e82340e0223984457e3ab2188c69729e7c61e144d6ba9ff97c
adb976c3f3aa6167881d793ddd2ef36b5d4ad24e304e03b3b819015493d29c42
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1b9c207343dae2da50b485b299eb9d69163eb6d4f20d010698b84649aa84331
b46088e2645c91bb42a699396cdfce454b5899138051433db5c7cdab86e170d9
b53a6b60fbf923b0809782dba170e157b640172e76245b020c89bfcc6cc2718b
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
cba48ddffeccc49672080965abdaabac02002999b2fb6cc8eb840ba36b451ed6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfe83b7511b06aebc9631a14c703ba5f329a724ee0732ca26a797f513a7f5c47
d05c1c4857ce00dcdabd3e87490194bf1db14548f3f58919c11b47cfaba7619c
d1035db8647e5204930d38b00663c7a3c44b1190d6c6d82e98d021c66c549901
d51830d817025affbd73092e61732fbe4746d1119244aa105163e89db5e9cebe
d677f78d9b650e03129b05a84a50c72c4faae375338a34d5049ccbcd32da7423
da587842ea49ebab98110e339c817ccd97ffe3cb3c4f60bda5186e303a1b0da2
db448fb064d0f9c095a25132a62d9f6c56001c1d67a3eb015b045ecd81d54fec
dbbf96f0f3672bebde653f53907599dbc7843cd4cd628a5d32420b0afbb27bba
dcb466e6b64a99342256d1bbae01c80c9f2bb5eba00d1360dd4eea08fb55056c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb76dbc238b710578fccb3d11dbb189fd6e3092d85a4ea02392a297f2c6539
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
eddb21aab10180b41b8889ddac6485accad744c559244a81d6122f989c7cf5d1
ee67bcd5c1241e5cac648147e7b5a9efd3dc8cbd2f9f43ea51d7d045884a9d67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3552215efd8efc3354791f2ba0dadb6c449a2009723ec21f832f12b615b80a3
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
fb6bf60e9f03c99a4bc24186ccd6e62ba8ca2d0d85f1cbaa23bd612a41f188c6
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e