appsfire.co Open in urlscan Pro
2606:4700:20::681a:d1c  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELwXgu7u4Iu8HmAXaQMCzeQ&google_cver=1&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8_1MDhDfo_sckAg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8_1MDhDfo_sckAg

Request Chain 85

• https://um.simpli.fi/gp_match?google_gid=CAESEKXWsI9g5YdiLe9YQeg3e0I&google_cver=1&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZVZRJw8YoXVyjBZNlM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZVZRJw8YoXVyjBZNlM

Request Chain 88

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFUjXufl2Vk5fE401XQhZF8&google_cver=1&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_N8aoL5y_pwXLvig HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_N8aoL5y_pwXLvig

Request Chain 89

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyFFELU7TXseAqe7Wx_TCjwRtonsUffE?google_gid=CAESEHRHho3WBf-zeTR2kkm-9Bo&google_cver=1 HTTP 302
• https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyFFELU7TXseAqe7Wx_TCjwRtonsUffE?google_gid=CAESEHRHho3WBf-zeTR2kkm-9Bo&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f8ac701-d411-4f3e-af7d-395879a46c87&&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyFFELU7TXseAqe7Wx_TCjwRtonsUffE

Request Chain 91

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

• https://um.simpli.fi/gp_match?google_gid=CAESEKXWsI9g5YdiLe9YQeg3e0I&google_cver=1&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9MJ1w1RSSIoDSZ3ug HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9MJ1w1RSSIoDSZ3ug

Request Chain 106

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKgZMfnfiEdv37JK25_9h2Y&google_cver=1&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO7FaLHWR6qv_zi8baa3hIjQ HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKgZMfnfiEdv37JK25_9h2Y&google_cver=1&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO7FaLHWR6qv_zi8baa3hIjQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2ODg0ODY3MjE5OTgxMTE5OQ&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO7FaLHWR6qv_zi8baa3hIjQ

Request Chain 108

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJMJ4QStW00UQj3ATQetY0I&google_cver=1&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6zbuMwaiPyNg9FGZv1PlK096ivWw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4NUlOQUEtUy0yT05I&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6zbuMwaiPyNg9FGZv1PlK096ivWw

Request Chain 109

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENpgq-FQbj6KzsHjT62DnAs&google_cver=1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1667908266834 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-250e3024-ef01-4f87-85cc-ba5987d3e351-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw%26google_hm%3DAyUOMCTvAU-Hhcy6WYfT41E HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&google_hm=AyUOMCTvAU-Hhcy6WYfT41E

Request Chain 110

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEQ8QSnJwdfy4ioD65wRC1M&google_cver=1&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miquInbvHK2XkzefJZY2q_IvwdPyjr-U HTTP 302
• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEQ8QSnJwdfy4ioD65wRC1M&google_cver=1&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miquInbvHK2XkzefJZY2q_IvwdPyjr-U&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wSWhBT05sRTJ1RlgwclMzalFqZ3QubDJ4UWlOVFpWZX5B&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miquInbvHK2XkzefJZY2q_IvwdPyjr-U

Request Chain 112

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request download-selfishnet Show response appsfire.co/en/windwos/	95 KB 23 KB	169ms 97ms	Document text/html	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 365298cc3bc79f3f988f826303e21fa9528bf1ed4874a2e9c6824492affe21ad Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=600 cf-cache-status EXPIRED cf-ray 766e1837ecbd68e5-FRA content-encoding br content-type text/html date Tue, 08 Nov 2022 11:51:03 GMT expires Tue, 08 Nov 2022 12:00:38 GMT feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* last-modified Mon, 07 Nov 2022 01:20:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygON1yN9v6od9nokPF470zur%2FH1EbdHwR1pf0L4KX6k0lCXNpRe2YexQjGGJZo9urMPCi0asm%2FC98IPyUSdl9P%2FkptPk%2FHNdbWoxf%2BPs52tWtCs9yJI30JxmxY1iRHh3Fl%2BqXkh7j2lL"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-nginx-upstream-cache-status HIT x-permitted-cross-domain-policies none x-server-powered-by Engintron x-xss-protection 1; mode=block 1; mode=block
GET H2	200	fontawesome-webfont.woff appsfire.co/theme/fonts/	96 KB 96 KB	97ms 96ms	Font font/woff	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/theme/fonts/fontawesome-webfont.woff?v=4.7.0 Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://appsfire.co/en/windwos/download-selfishnet Origin https://appsfire.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 98024 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Wed, 12 Dec 2018 14:31:38 GMT server cloudflare x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBlrZ5Y%2FEtBjHE%2F60hOOJgAAHLww3psl5f%2Bj1d09i6WsOfchFUIahe9igLIRulGuJxIeA4is9sMeZ6vAE3jAY%2Box0hIfGSwfFUK8%2BZrrUXnMFrz6HSsehB%2BGcSt7UGA0Rm5t6QQi6d0C"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin https://appsfire.co cache-control max-age=5184000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true vary Accept-Encoding accept-ranges bytes cf-ray 766e18389e2168e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Sat, 07 Jan 2023 11:51:03 GMT
GET H2	200	fontawesome-webfont.ttf appsfire.co/theme/fonts/	162 KB 97 KB	111ms 110ms	Font font/ttf	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/theme/fonts/fontawesome-webfont.ttf?v=4.7.0 Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://appsfire.co/en/windwos/download-selfishnet Origin https://appsfire.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Wed, 12 Dec 2018 14:31:34 GMT server cloudflare x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgXQ8DltHOlrfssUm1MRReszbPoZ%2FwR48xT4k9Jvb6%2BXTejV%2BN3V3HQgJxzt10N5baf424B4bItnUQFFB%2BqQlF67kASm4gc0Mrm6tXd%2BeDg8HS%2FG4u%2BtyiLoHuSauWI3JXoGeE222Gb4"}],"group":"cf-nel","max_age":604800} content-type font/ttf access-control-allow-origin https://appsfire.co cache-control max-age=5184000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true vary Accept-Encoding cf-ray 766e18389e2268e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Sat, 07 Jan 2023 11:51:03 GMT
GET H2	200	all.css appsfire.co/theme/standard/	223 KB 38 KB	110ms 110ms	Stylesheet text/css	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/theme/standard/all.css Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0c00b7ea23adbd476831a4c48c9ac3af859ca2b0327b1a81a13ee1ec5ed71e8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/en/windwos/download-selfishnet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Sun, 22 Nov 2020 21:34:23 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdsAoA%2FEVvbESlXJSYyd3fRrFBUpDdjCLzPvO8y02Gi11jnST%2B9gGiyrT9nrXtWBvOI2No2ZuTs9p0jZ65gGr3n%2FVM%2BrEObdrVG2DOzT5K37sNCknfP%2FdYWqY6frpymTLP3f5x3mwe3I"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true cf-ray 766e18389e1f68e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Thu, 08 Dec 2022 11:51:03 GMT
GET H2	200	logo.png fireimages.site/uploads/	6 KB 7 KB	130ms 88ms	Image image/png	2606:4700:3037::6815:2bbb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fireimages.site/uploads/logo.png Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:2bbb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a18bfbe4f2bac532e497c094fb13ad498e3de4f632eb56198199425aace2a506 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none age 214791 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5811 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Sat, 21 Sep 2019 01:15:14 GMT server cloudflare x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8IWII%2B1z1sx0GcPX5781J5ZhAWvfvwIVHlTXuMSXu1Jx53RfTtXtXbC%2FL9qwav2Fjpeio1l1xYe3dp5dIDnSblogXWfM3bxaCerqRivkAbjM%2BZHo%2FZZ7Evl9iLNPGGfEwJrpt9djf5zI%2FR4BWE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=31536000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true accept-ranges bytes cf-ray 766e1838eb66bb43-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Thu, 05 Jan 2023 00:11:12 GMT
GET H2	200	img.jpg dl.appsfire.co/theme/standard/images/	2 KB 2 KB	115ms 99ms	Image image/jpeg	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dl.appsfire.co/theme/standard/images/img.jpg Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 458c69560f14a9f386478e88facf26e67f5daf3e7aa978cc769bbf48deb8ec96 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1631 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Thu, 07 Nov 2019 23:59:14 GMT server cloudflare x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GfK4Xn8LBUBw3MmDFps85Emw71px9ZpAJTvf56%2FvCaraiFXuZAZL16YDWnzZZ32M2YqVMnGbLC2oYBixRjhchPBU8CptEwQnQGRBScDH9W0TxjXy0xXL3G8y7CLmareVoDWDFCKCy7uOT8P"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=5184000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true accept-ranges bytes cf-ray 766e1838ce8068e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Sat, 07 Jan 2023 11:51:03 GMT
GET H2	200	img.jpg appsfire.co/theme/standard/images/	2 KB 2 KB	97ms 96ms	Image image/jpeg	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://appsfire.co/theme/standard/images/img.jpg Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 458c69560f14a9f386478e88facf26e67f5daf3e7aa978cc769bbf48deb8ec96 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/en/windwos/download-selfishnet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1631 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Thu, 07 Nov 2019 23:59:14 GMT server cloudflare x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdStnNneqTwLSKGxLIhP55ng6s80GU71d6tzVljdFzasbGZX2S5NHO4ARxGF%2FZCb2IZk0h8%2BC0SVNWpLQHHkK9PYgXJCuoNAkRPimprDYceXZZPuI%2FefVgkDZL8XigpHJ23Pb0NrRrlu"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=5184000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true accept-ranges bytes cf-ray 766e1838ae5568e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Sat, 07 Jan 2023 11:51:03 GMT
GET H2	200	jq.js Show response appsfire.co/js/	86 KB 31 KB	104ms 103ms	Script application/javascript	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/js/jq.js Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d828af8f5f6c035a2265d1028ef9364e9b03e43b21e77765491bca43a0d9f893 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/en/windwos/download-selfishnet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Tue, 29 Oct 2019 17:06:37 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n30lrjPB5Q6NSDi2tvGJp0plXzm9T14TXJBfwb4zE0qlZbPGCw74jUw561BUvfexTnNefLk3EB%2FAkKf3WQfLe2lj0hWwOim60sGCZa7Te8K%2Fnrh%2F8D%2BFTsvA5Mk%2FKXDVB3IJ66xbQ5WQ"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true cf-ray 766e1838ae4268e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Thu, 08 Dec 2022 11:51:03 GMT
GET H2	200	lg.js Show response appsfire.co/js/	176 KB 44 KB	103ms 101ms	Script application/javascript	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/js/lg.js Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7fa23ef1477031de1d43420203756701f754619d160bac6d0ebbe612eff9a11 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/en/windwos/download-selfishnet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT x-server-powered-by Engintron x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block, 1; mode=block x-nginx-upstream-cache-status STALE last-modified Sun, 22 Nov 2020 22:31:02 GMT server cloudflare vary Accept-Encoding x-frame-options DENY content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ%2Bqe%2FWzTlPV4X%2B7Je65YJ%2BvPy7GO3dfEEZado2FUBk%2BhU3y9BmQtg3lor%2B5w8TVrhFNLkIeGsrngMvdN1rzaVZ3nm4Nh5U1RQKBXZ7CsY%2Be9%2FMY%2FIQx8mpGTL61V4bY37mm%2Bly9vdwR"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy camera 'none'; fullscreen 'self'; geolocation *; microphone 'self' https://appsfire.co/* access-control-allow-credentials true cf-ray 766e1838ae4968e5-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires Thu, 08 Dec 2022 11:51:03 GMT
GET H2	200	search.png static.apkpure.com/www/static/imgs/	294 B 485 B	161ms 20ms	Image image/webp	2606:4700:10::ac43:87f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.apkpure.com/www/static/imgs/search.png Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:87f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55780a674b4a7bc497730e76ea8fd29ac19dcd2ad0d160b2b4272815d234d8bb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT strict-transport-security max-age=15724800; includeSubDomains cf-cache-status HIT age 498101 cf-polished origFmt=png, origSize=480 content-disposition inline; filename="search.webp" content-length 294 cf-bgj imgq:100,h2pri last-modified Fri, 19 Jan 2018 01:33:48 GMT server cloudflare etag "a46accdc1200eb1acf611a184c6b4ce8" vary Accept content-type image/webp access-control-allow-origin * cache-control max-age=31536000 x-rgw-object-type Normal accept-ranges bytes timing-allow-origin * cf-ray 766e183a4e08921f-FRA expires Wed, 26 Oct 2022 17:36:47 GMT
GET H2	200	day_list_number.png static.apkpure.com/www/static/imgs/	180 B 556 B	96ms 19ms	Image image/webp	2606:4700:10::ac43:87f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.apkpure.com/www/static/imgs/day_list_number.png Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:87f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b725691812d1a01c237f50068bff0efd90eab44c8b39d78889ea7b85bc6ef371 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT strict-transport-security max-age=15724800; includeSubDomains cf-cache-status HIT age 1708729 cf-polished origFmt=png, origSize=292 content-disposition inline; filename="day_list_number.webp" content-length 180 cf-bgj imgq:100,h2pri last-modified Fri, 19 Jan 2018 01:35:41 GMT server cloudflare etag "adc95e240de679cbf80fcb821bab9557" vary Accept content-type image/webp access-control-allow-origin * cache-control max-age=31536000 x-rgw-object-type Normal accept-ranges bytes timing-allow-origin * cf-ray 766e183a4e0c921f-FRA expires Wed, 19 Oct 2022 22:10:58 GMT
GET H3	200	invisible.js Show response appsfire.co/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6DF7	32 KB 14 KB	17ms 17ms	Script application/javascript	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400 Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fab84ad0872a732bb08100a1ae2f2a1d2228b1e10058986bfd6e36a17b4be2a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:03 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CQpriLv4qK7lTGY2%2BOiQMSsfOybJ9VwAyiMlzmtg9J193F66XGrEICSJPXvjMN2iatgQK01OY%2F43r8jrKqbVKr8tZk7oTozp%2FvkJTmtH3Mxe0KfrMCGI5i5vyyQKUZTG1MS%2Bdzh5grV"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 766e1839eb289b76-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pica.js appsfire.co/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6DF7	24 KB 10 KB	17ms 17ms	Other application/javascript	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/cdn-cgi/challenge-platform/h/g/scripts/pica.js Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b62652e97d4b528bf88dd8087d3143bc4f32c42b8d86a018820eebaec6834b9 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upPw%2FfgacNKLHWGoyQU6n4yt9PBKGbjC983QgY7rJiydVINB0RqTwlhr8OXoRmckF3d5iiPfZEJr9815cNMDESU9Bc9sdhIiBwEikonvRpIJ5jARwYa20WTqSZybkOW4ZiQEu9bF4wZx"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 766e183a5c049b76-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	167 KB 54 KB	71ms 39ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: appsfire.co URL: https://appsfire.co/en/windwos/download-selfishnet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 288da525de98174920777cf853b39f59808b714710f53b744c9eeec0d8b2f11c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55171 x-xss-protection 0 server cafe etag 11744850112784077286 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 08 Nov 2022 11:51:04 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/	353 KB 116 KB	71ms 53ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c971389a7bb90ea605c232d434b87ca107b0e767ddd638e2ebb17e3705e79934 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119055 x-xss-protection 0 server cafe etag 13450870198160191229 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 08 Nov 2022 11:51:04 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 7F6C	10 KB 5 KB	33ms 8ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1268 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:29:56 GMT etag 2424782735605397694 expires Tue, 22 Nov 2022 11:29:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	766e1837ecbd68e5 Show response appsfire.co/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6DF7	2 B 649 B	30ms 29ms	XHR text/plain	2606:4700:20::681a:d1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appsfire.co/cdn-cgi/challenge-platform/h/g/cv/result/766e1837ecbd68e5 Requested by Host: appsfire.co URL: https://appsfire.co/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667894400 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWRBosO7yy2%2BB%2FL0lOYauKXFVqsRGjKZM0ovg1FrC0MczO8gHBrumMalDQ3%2BCJdn0GvmZqwrO8JNYmQfcAKZeL5oxCD8Vs%2Fd0on1Jpv4eZE3wXNE1SZldTvyY3q0akxGK9%2B5jaFL16xp"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 766e183c58789b76-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	ping pagead2.googlesyndication.com/pagead/	0 0	60ms 43ms	Fetch text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://appsfire.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	12 B 476 B	54ms 17ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=appsfire.co&callback=_gfp_s_&client=ca-pub-5205003917248233&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	45ms 16ms	Script application/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=appsfire.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	48ms 16ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=appsfire.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3006	89 KB 31 KB	553ms 534ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 069ee0d48b013dc0d21ab50fd2c6c24fbcaf56f547d6db677e8dbda571a0baaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 31518 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:04 GMT expires Tue, 08 Nov 2022 11:51:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	24ms 23ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a843a01cd659a598525280ec870a140f9bb43fa70348e184d532ab21d18171a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11284 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D8E8	178 KB 43 KB	1268ms 1261ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&adk=1812271804&adf=3025194257&lmt=1667784005&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&ea=0&pra=7&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264186&bpp=1&bdt=424&idt=250&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280&nras=1&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=255 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c608306cd70750347554564987eb9af916ef3e89e7c698efdbd0aec74ae04a2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 44404 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:05 GMT expires Tue, 08 Nov 2022 11:51:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	52ms 23ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Nov 2022 11:51:04 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 826A	13 KB 5 KB	26ms 8ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 14413 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 07:50:51 GMT expires Wed, 08 Nov 2023 07:50:51 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A25E	783 B 1 KB	40ms 17ms	Document text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ab4288ac8253507707022a5a82f5d6889f1f4054a2ff6513289c66f819646136 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UE87BclIK1a-ujg33Ml47g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-UE87BclIK1a-ujg33Ml47g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:04 GMT expires Tue, 08 Nov 2022 11:51:04 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H3	204	ping pagead2.googlesyndication.com/pagead/	0 0	42ms 42ms	Fetch text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://appsfire.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response pagead2.googlesyndication.com/bg/ Frame 826A	36 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 08:10:08 GMT content-encoding gzip x-content-type-options nosniff age 13256 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Thu, 20 Oct 2022 10:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Nov 2023 08:10:08 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame A25E	0 0	41ms 41ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=2926540591887640&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 826A	0 10 B	7ms 7ms	Image text/plain	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Z7BseA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	css fonts.googleapis.com/ Frame 3006	6 KB 1 KB	183ms 18ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 08 Nov 2022 10:22:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3006	2 KB 765 B	65ms 63ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:50:17 GMT content-encoding br x-content-type-options nosniff age 75648 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:50:17 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 3006	23 KB 9 KB	65ms 62ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:03:04 GMT content-encoding br x-content-type-options nosniff age 78481 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9180 x-xss-protection 0 server cafe etag 12585499704757265805 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:03:04 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3006	3 KB 1 KB	91ms 54ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:29:57 GMT content-encoding br x-content-type-options nosniff age 1268 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 22 Nov 2022 11:29:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 3006	17 KB 7 KB	66ms 62ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:38:45 GMT content-encoding br x-content-type-options nosniff age 76340 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7305 x-xss-protection 0 server cafe etag 12747696668401323709 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:38:45 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3006	154 KB 48 KB	182ms 15ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48209 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667824238049716" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Nov 2022 11:51:05 GMT
GET H2	200	0d3fd3b530a886383bd6b91513e5ed38.js Show response www.gstatic.com/mysidia/ Frame 3006	34 KB 14 KB	161ms 8ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 20:18:51 GMT content-encoding gzip x-content-type-options nosniff age 401534 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14033 x-xss-protection 0 last-modified Mon, 31 Oct 2022 22:32:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 01 Feb 2023 20:18:51 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 3006	0 0	103ms 51ms	Fetch text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CLzePqEJqY7z4HIiFlgSa4LeACOmCtZ5tmt60upMQwI23ARABIL_MmENglaqUgqAHoAHIsanNA8gBCagDAcgDywSqBOMBT9AsGbBSSExpNrA6DABVf3iQgpmC2F1lINBr_wXSSR4IZ-iJ9yNl4YR-AkeesyMiihYVuSD7f2SVHomaTWth6Oee_DRW8WxtrDGOo-Ljfwg22sV02kc1umTewsRdAhqzubYIE9jURYV2IYbBV1ZnPKgiBd5Upa5ccx6n0jmIRC69yM9p0VahCch73o2QwO8d3dWY_X6ppqgJvJ9q_u3OK85J_lLXE3htmy_xFiddi60GqwzwpQgWxVYknCNTfAAefqtRJxXcMBWAYFuNSZPTDynoNNaoU-jmTu_3yoj2ziUoVZvABOuapsj8A5IFBAgEGAGSBQQIBRgEoAYugAfk6uI1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQya1E0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTUyMDUwMDM5MTcyNDgyMzMYAA&sigh=EhnSsxF3OCA&uach_m=[UACH]&cid=CAQSGwDq26N9fbMuDQHiUvLHjuGzo71QNhKXkHnBaRgBIA4&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 08 Nov 2022 11:51:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 3006	14 KB 14 KB	89ms 37ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6528039975527766319/downsize_200k_v1?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b3f9e0eec5b585b86c19bc175b155922daf524f542bba4703c5d1675e0f01b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 08:01:25 GMT x-content-type-options nosniff age 100180 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14771 x-xss-protection 0 last-modified Fri, 06 Mar 2020 14:22:35 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 07 Nov 2023 08:01:25 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/12716027339367561314/ Frame 3006	3 KB 3 KB	67ms 8ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12716027339367561314/downsize_200k_v1?w=100&h=100 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6689eac91c4d16353d523f0f3da1ad4a51faa1defbd3954182a4ac8d8ea6b909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Wed, 02 Nov 2022 18:47:34 GMT x-content-type-options nosniff age 493411 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2659 x-xss-protection 0 last-modified Fri, 27 Aug 2021 12:48:45 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 02 Nov 2023 18:47:34 GMT
GET DATA	200 OK	truncated / Frame 3006	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7e79d1fdc69e7a3e8a8cd88efed5c40624bf8c55483be9fd1803de34f0cab53f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/png
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	46ms 46ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=2926540591887640&bg=!YWKlYibNAAZPh4lnb4c7ACkAdvg8WkmYiRLETO867_OwtXDEwLJArYGUSCp4NbXDxKS7UtxxyTZXPgIAAABGUgAAAAVoAQcKAImkiAu3bEFOIpaETrctY2dNP06qB87-F0M97IlzTvMHdqAh56cOpwCN7iggOuggqlXR0C965VIigMZWB252iIpcWx_eK_ws2bg3Y9eZt8999y2nO7Rg76rW2kZ0hWy5NQNGVP6h7yH2bxpse7JDqKQ2lUZC0ckCmXAO1cbU1J4eIbgCNgjJiCLMLpkCkEVcsRZc2NFb_s11ES5z8fjawgj2OmW5cVLJzf0JOaDRxrQl6HIPxDkLH_zdmF7monK4G4liaDSBixy7oH7ZzsvCtByKVa4IVJZeV_kZa9HJJ_WegZXqaw7sAxaDBRG-7dJQ2fTykrhxXMpgMqAAGVQvmxlD6l5cYzEyfwRxAo-Vs_aemeqL3SnpPX8Z51pKYC2dkaduOyQMz-tIFZxq61Z9F945ewnpOUTDXRN-80iRvyGnLX_EhUnI0L8cXq2219nTwLywLhybnmjWyuQKp75Oa1f_M1GyCTk7pdSsVQNPetAGH0a_7Q8akAIVBQWtRH56xQsYGq0EH7pga8DqoD0jHZldBtSNbUEtmbZdouV0N8JKVwkg_lQzIrPxAwmL4aY4i5twlcbDlvjx9GDW9fonVcSeqVubCJpZLHDz3-rfl2EJdlEWJi9ssof0kd6d7A_4SUQGIOUsCVJTj7nsz5xxNSvKPy_8XuKcNspXhftbYUniHT-lCaEOQ0K4QAflNWCVWqToE0tSB6Yma79u1CA07qSvRwYkxEFmL3J_Tvr9REWnFlH-7RWRdFKbQ-Qczc6wVJDNni3T89YfX48bk2XxPUoIn1TJf81CRquMXX3GKZwLIL2EzYneLir5ZW8ngtQhiK9MiKb-v20IWC3vcnvX7HX0uy427NqhlI3NaFD3Eb35NDhr5aMm4lJzzqGHlUPUC-FF1daaB5hfT3OhWAGfoYClwGYwBVAYO4pBpHagxEojMEzYiBu9agNg9WAVqkeC7qmOWFFCaYPSxshBgQLBwi0Vj9ETKUxkSWFgfYMnH6LpwhCq00MZFsPoU5uxEGGUoeDPKReN5GY9Mnw303D_RAVX0k8mhhrRoYIJLuRK Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3006	15 KB 16 KB	40ms 14ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 20:40:44 GMT x-content-type-options nosniff age 313821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Nov 2023 20:40:44 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3006	15 KB 16 KB	42ms 17ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:44:52 GMT x-content-type-options nosniff age 68773 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 16:44:52 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3006	15 KB 15 KB	44ms 19ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Wed, 02 Nov 2022 16:40:56 GMT x-content-type-options nosniff age 501009 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Nov 2023 16:40:56 GMT
GET H3	200	nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response pagead2.googlesyndication.com/bg/ Frame A9C9	36 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&slotname=2438225450&adk=4103414174&adf=4272225274&pi=t.ma~as.2438225450&w=1140&fwrn=4&fwrnh=100&lmt=1667784005&rafmt=1&format=1140x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908264169&bpp=4&bdt=407&idt=241&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=2581565166818&frm=20&pv=2&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=IMheSrRrqf&p=https%3A//appsfire.co&dtd=260 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 08:10:08 GMT content-encoding gzip x-content-type-options nosniff age 13257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Thu, 20 Oct 2022 10:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Nov 2023 08:10:08 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/	150 KB 51 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96585b7f0d0c17abcf3bfec016be78196fa16c8ec5d86bce5a504f6e4f1b93bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52276 x-xss-protection 0 server cafe etag 5369666133554135835 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	css2 fonts.googleapis.com/	606 B 388 B	33ms 16ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 08 Nov 2022 11:51:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-5205003917248233&c=17&e=44776449&h=appsfire.co&ld=en&lx=ar&m=29&n=0&o=sl&p=442&t=0&w=1684&x=7&sap=0&tap=1&bap=1&nsr=0&im=0&mo=0&hesa=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	36ms 17ms	Script application/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=appsfire.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	34ms 18ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=appsfire.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appsfire.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8B51	75 KB 31 KB	888ms 888ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ed5787d97a687aa6f03cf2dac4442264ed6216270a7d6944ad38893d46fb7456 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 31246 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D838	75 KB 31 KB	694ms 693ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e625d7a9e1c6d2e771a08f1f770bf7f6756e0ea4165ffb94af0249eb06109949 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 31379 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame 891E	10 KB 4 KB	8ms 7ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appsfire.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1772 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:21:33 GMT etag 2424782735605397694 expires Tue, 22 Nov 2022 11:21:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	6ab016790426e7d037bac2fbd741d34d.js Show response www.gstatic.com/mysidia/ Frame 891E	9 KB 4 KB	25ms 8ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 08:51:22 GMT content-encoding gzip x-content-type-options nosniff age 442783 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4168 x-xss-protection 0 last-modified Mon, 31 Oct 2022 22:32:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 01 Feb 2023 08:51:22 GMT
GET H3	200	40f44225e0a1c31e628c89e0882e5f2b.js Show response www.gstatic.com/mysidia/ Frame 891E	10 KB 4 KB	26ms 9ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 19:20:33 GMT content-encoding gzip x-content-type-options nosniff age 577832 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4273 x-xss-protection 0 last-modified Thu, 27 Oct 2022 19:54:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 30 Jan 2023 19:20:33 GMT
GET H3	200	error_handler.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 891E	7 KB 3 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/error_handler.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0e14e8eaae88081e226f2ad0dda29bd3389bc59183d066734ead9d10d3bfaa72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:16:01 GMT content-encoding br x-content-type-options nosniff age 70504 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3132 x-xss-protection 0 server cafe etag 18405294637493023780 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 16:16:01 GMT
GET H3	200	css fonts.googleapis.com/ Frame 891E	8 KB 895 B	20ms 19ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 08 Nov 2022 11:14:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 891E	154 KB 47 KB	39ms 22ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48209 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667824238049716" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	0d3fd3b530a886383bd6b91513e5ed38.js Show response www.gstatic.com/mysidia/ Frame 891E	34 KB 14 KB	24ms 9ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 20:18:51 GMT content-encoding gzip x-content-type-options nosniff age 401534 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14033 x-xss-protection 0 last-modified Mon, 31 Oct 2022 22:32:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 01 Feb 2023 20:18:51 GMT
GET H3	200	subresource.wbn tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 891E	0 51 KB	29ms 9ms	Other application/webbundle	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/subresource.wbn Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 20:43:03 GMT content-encoding br x-content-type-options nosniff age 54482 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51748 x-xss-protection 0 server cafe etag 18211200228657591791 vary Accept-Encoding content-type application/webbundle access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 20:43:03 GMT
POST H3	204	ping pagead2.googlesyndication.com/pagead/	0 0	43ms 42ms	Fetch text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5205003917248233&plah=appsfire.co Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://appsfire.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H/1.1	200 OK	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 891E	2 KB 2 KB	7ms 7ms	Script text/javascript
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Server -, , ASN (), Reverse DNS Software / Resource Hash 751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100 Security Headers Name Value X-Content-Type-Options nosniff, nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-origin * X-Content-Type-Options nosniff, nosniff content-type text/javascript; charset=utf-8
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 891E	0 0	54ms 53ms	Fetch text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CwDzMqEJqY6eSIPPAj-8PsOSywA7yqqTrbOi1h4fwD64CEAEgv8yYQ2CVqpSCoAegAZmYrdsDyAEBqAMByAPLBKoE5AFP0KCHAgSNQ3Q9jxbOQrIfJN-c5Mk3zBziYc6TUO3LnvdXr-9WI_Kqjwjk0GbNT2U1BKxLbRBJxpJSPicQfE88P0E-2iI3pX0MGna2J8XfZBh-VUh8e1pROQpGoOFI2zxCLwd-cbcXbftBnA6dMJ-gOLnFzdIIf2tSLnE0_acKQHvTuV087U0mtPD7EIrR6kxdSSuuBG0iFQmpAUiLiKCRFeRFlLbgj8wzVMtDGLGMlOxhrDnxwfrTZS_Thbm6wgYur_jbRx-KYicYndIFrl95-LCq6A-JzZkLGW-lGN4voUAGfM3ABN6-k7b-A5IFBAgEGAGSBQQIBRgEgAfP59IkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ--0W0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNTIwNTAwMzkxNzI0ODIzMxgA&sigh=XZBD7w0QIa8&uach_m=[UACH]&cid=CAQSGwDq26N9goPczs-ApfbKkwlXJFh-Cnam7nlpfxgBIA4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 08 Nov 2022 11:51:05 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 OK	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 891E	23 KB 23 KB	6ms 6ms	Script text/javascript
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Server -, , ASN (), Reverse DNS Software / Resource Hash e652cb5e69552aed5fa1491d622979f5d5ee494ba528d80e4508effb655a2fad Security Headers Name Value X-Content-Type-Options nosniff, nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-origin * X-Content-Type-Options nosniff, nosniff content-type text/javascript; charset=utf-8
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0D7A	143 B 166 B	8ms 7ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2141 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:15:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 891E	3 KB 3 KB	0ms 0ms	Script text/javascript
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Server -, , ASN (), Reverse DNS Software / Resource Hash b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de Security Headers Name Value X-Content-Type-Options nosniff, nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-origin * X-Content-Type-Options nosniff, nosniff content-type text/javascript; charset=utf-8
GET H/1.1	200 OK	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 891E	18 KB 18 KB	0ms 0ms	Script text/javascript
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Server -, , ASN (), Reverse DNS Software / Resource Hash f51b910ee1ddcecb61aa5d6230240971ff8437ff36fc24f95897471e7e5f510c Security Headers Name Value X-Content-Type-Options nosniff, nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers access-control-allow-origin * X-Content-Type-Options nosniff, nosniff content-type text/javascript; charset=utf-8
GET DATA	200 OK	truncated / Frame 891E	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2111d0f36d07db3d69b02cf583b67888bff6b2ec6ddd240bdd41d70b5c1bfdfc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0D7A Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 18 B	21ms 21ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT expires Tue, 08 Nov 2022 11:51:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:05 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response pagead2.googlesyndication.com/bg/ Frame 4033	36 KB 15 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 08:10:08 GMT content-encoding gzip x-content-type-options nosniff age 13257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Thu, 20 Oct 2022 10:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Nov 2023 08:10:08 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3006	42 B 64 B	45ms 45ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4UHiO7SzhcyLSVqRpy1xqbdbM3--OLusoHCfFsBO5Q4vzP304WmqFkgbh5UWvJPhAM8D_jCsjiLW_LNYxSFMRCSpQHt7rV6tQQ-fyoeHjjDU1RsR4TXtNi_tXDzhYLtUTjK1AiQ&sai=AMfl-YQQ-9-R2FRrpEMMFuoLRPcR27Srb2Kpp3ECKe4KG_wdsOfdEXdHpzzDZYDTfln_g5gCK3B192XEj-ZPdMo&sig=Cg0ArKJSzGOmX5qBlzoEEAE&cid=CAQSGwDq26N9fbMuDQHiUvLHjuGzo71QNhKXkHnBaRgBIA4&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4103414174&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667908264430&rpt=807&met=mue&wmsd=0&pbe=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	15597994596663640079 tpc.googlesyndication.com/simgad/ Frame D838	56 KB 56 KB	10ms 9ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15597994596663640079?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmpNihwHrYirKx9-M0wu8TrQFnzKQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e20c3e54e7b13876258546aa2b05156d890651256d8525420a5e015516d8703c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 00:40:20 GMT x-content-type-options nosniff age 40246 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56890 x-xss-protection 0 last-modified Wed, 17 Nov 2021 09:20:48 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 08 Nov 2023 00:40:20 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame D838	23 KB 9 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:03:04 GMT content-encoding br x-content-type-options nosniff age 78482 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9180 x-xss-protection 0 server cafe etag 12585499704757265805 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:03:04 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D838	3 KB 1 KB	11ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:29:57 GMT content-encoding br x-content-type-options nosniff age 1269 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 22 Nov 2022 11:29:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D838	17 KB 7 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:38:45 GMT content-encoding br x-content-type-options nosniff age 76341 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7305 x-xss-protection 0 server cafe etag 12747696668401323709 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:38:45 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame D838	0 0	16ms 15ms	Image text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHr9g_XcKKL2gmZs6Tz8mEsUXszDb2v-MTmPs2tD15BYeZe33AJqaFwaxSiU2YPKmvJBvR4E4aH6rgTiIKpTiZ2j_VPg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D838	154 KB 47 KB	26ms 24ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48209 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667824238049716" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Nov 2022 11:51:06 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D838	33 KB 13 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 15:07:54 GMT content-encoding br x-content-type-options nosniff age 74592 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13493 x-xss-protection 0 server cafe etag 7904785543377395088 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 15:07:54 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame D838	0 0	54ms 53ms	Fetch text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cy4gjqUJqY9iYNL210_wPw5qw-AeWv7aTbYDq5Z31ENnZHhABIL_MmENglaqUgqAHoAGcr_uoAsgBAqgDAcgDyQSqBOUBT9Bgvdh-sUmtgEoHeLilwUiIndoZdPR-4qyc91hKOYl935w1NyCk5YdoAduBOdPh1_LCmtdtXoQCf-Fuki99BvCOa50RV7LSx-I9nZZHZ5bqVhi6P0XknjLRSPSID4tbWD3OOtwghT5GOXk8ragXwbSzE_1UDxUhuroKLsfi_rtVNT1GLQuSPdpi_lDfYUemcLX1GMuIp6fCaVwaspIbvDiDiuQuid-JurJsf1MjNPecVsqRwgXc0DvpV7qG3SYIGr0uwtYE1AqJkmXVcleiG77U3ggfkR3PQEFDOWpKjVqmVmHmMsAEu-e_pJwEkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3L4E0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTIwNTAwMzkxNzI0ODIzMxgA&sigh=xdMNzLRUwFc&uach_m=[UACH]&cid=CAQSKQDq26N9kgiQ_v1lToNsUOj-WmRuC7Zy3W5jPsMH-3Ln5WRAzd6PaUOCGAEgDg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 08 Nov 2022 11:51:06 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4FCB	143 B 166 B	10ms 7ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2142 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:15:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5B4D	1 KB 643 B	10ms 9ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 77606 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 07 Nov 2022 14:17:40 GMT etag 48472445140208031 expires Tue, 08 Nov 2022 14:17:40 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame D838	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 45abb4c0b6f1b230d91146504f978008bedba491ee6496914f68348dad8552f2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 5B4D	35 B 463 B	46ms 12ms	Image image/gif	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEDGFw8f_m2GE1iE5nOoBB0&google_cver=1&google_push=ASkJ3FYxtrRSxS6YWc5m9cJEykZCVlPDMJXxUleQvLKzJeqSdxTx7oalXPrwtHOoZLMKQQ7HSuOpf0lgHTmkPc2QBKaKJXU0M_TijeY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B4D Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELwXgu7u4Iu8HmAXaQMCzeQ&google_cver=1&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8_1MDhDfo_sckAg	170 B 188 B	39ms 23ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8_1MDhDfo_sckAg Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 08 Nov 2022 11:51:06 GMT Server MT3 4629 97bee97 master cdg-pixel-x24 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYbszaN7r28Om-iXESr7qW2lXg0PkS_KfciDT9vMNelfmWghCiUjIeU3caKsV08Qb5kzu_gF-J5ysmytEP8_1MDhDfo_sckAg P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Tue, 08 Nov 2022 11:51:05 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B4D Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEKXWsI9g5YdiLe9YQeg3e0I&google_cver=1&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZVZRJw8YoXVyjBZNlM https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZV...	170 B 188 B	33ms 18ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZVZRJw8YoXVyjBZNlM Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 08 Nov 2022 11:51:06 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FasV409RusBC2PuPdpKvKfYNIKIawMO-Ux4P0MSh7I5Bd2JFNSg3-ZRthTl2vN4eDPHjHgSyv_IRbJV9ZVZRJw8YoXVyjBZNlM access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 07 Nov 2022 11:51:06 GMT
GET H2	204	pixelSync pixel-sync.sitescout.com/dmp/ Frame 5B4D	0 191 B	156ms 90ms	Image text/plain	66.155.71.25 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPovA906IsdWHJqAS5_oac8&google_cver=1&google_push=ASkJ3FZGy-f20ZDxuF0gXP-AgDA4_ws4-jkIaUOhdTia4lqu7mIj2ICkwM8HpvLS7wokzmHdLCShuT-ZGr9gDjYjLhE7BxIp0hi8904 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache date Tue, 08 Nov 2022 11:51:05 GMT cache-control max-age=0,no-cache,no-store server AC1.1 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	200	dds rtb.openx.net/sync/ Frame 5B4D	43 B 350 B	48ms 18ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEFGup947p1_zH7TGFWGsHP0&google_cver=1&google_push=ASkJ3FaPoKjJvdMkETo8YTm2ki7u6Y3vCD7KidwZPxnzpKHRz8mT0l5w7MpBnqOmEe_Ahh-thlfWsLU_rYds7bf4Hxy6Jvo5nMsCOiI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 23o2dga6fhasb0g00a4b51phfem33rpr
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B4D Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFUjXufl2Vk5fE401XQhZF8&google_cver=1&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_N8aoL5y_pwXLvig	170 B 188 B	42ms 20ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_N8aoL5y_pwXLvig Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 08 Nov 2022 11:51:06 GMT via 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-P5 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZ0WnSZCGWDqKJsc8RGY84a38kJGJvbIx6IO7iBZ09d2WKgdPmO93txHJhyPW6Lnp6g7BYc8FOlvyIftBI_N8aoL5y_pwXLvig cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id ttvqNjK47gCU6Z6GbYKIqQa8f-ZVqYEfpVdAkpRcEB5sbz3WCvGuUg==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5B4D Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOm... https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuo... https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f8ac701-d411-4f3e-af7d-395879a46c87&&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyF...	170 B 188 B	22ms 20ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f8ac701-d411-4f3e-af7d-395879a46c87&&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyFFELU7TXseAqe7Wx_TCjwRtonsUffE Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f8ac701-d411-4f3e-af7d-395879a46c87&&google_push=ASkJ3FZVbi43AhrhyjIuhgEu_MDR2RtGuoohqZOmb-vpQRBjVqU3jS_hAc8DS4Vv3oPs-FrJyFFELU7TXseAqe7Wx_TCjwRtonsUffE Date Tue, 08 Nov 2022 11:51:06 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 5B4D	0 232 B	59ms 16ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVbjIbSYca5pjhpyh1LmUHJmC-GPF9v40Hsy1FYcofjDzelgsKIUVtraizApPeftvsJlLZ8w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 4FCB Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	21ms 20ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT expires Tue, 08 Nov 2022 11:51:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response pagead2.googlesyndication.com/bg/ Frame 722A	36 KB 15 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=1937637455&pi=t.aa~a.3430552284~i.20~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2004&idt=1&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0%2C603x280&nras=3&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=IhX9pq8W4d&p=https%3A//appsfire.co&dtd=13 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 08:10:08 GMT content-encoding gzip x-content-type-options nosniff age 13258 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Thu, 20 Oct 2022 10:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Nov 2023 08:10:08 GMT
GET H3	200	15597994596663640079 tpc.googlesyndication.com/simgad/ Frame 8B51	56 KB 56 KB	9ms 8ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15597994596663640079?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmpNihwHrYirKx9-M0wu8TrQFnzKQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e20c3e54e7b13876258546aa2b05156d890651256d8525420a5e015516d8703c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 00:40:20 GMT x-content-type-options nosniff age 40246 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56890 x-xss-protection 0 last-modified Wed, 17 Nov 2021 09:20:48 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 08 Nov 2023 00:40:20 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 8B51	23 KB 9 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:03:04 GMT content-encoding br x-content-type-options nosniff age 78482 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9180 x-xss-protection 0 server cafe etag 12585499704757265805 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:03:04 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 8B51	3 KB 1 KB	14ms 10ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:29:57 GMT content-encoding br x-content-type-options nosniff age 1269 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 22 Nov 2022 11:29:57 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 8B51	17 KB 7 KB	14ms 11ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 14:38:45 GMT content-encoding br x-content-type-options nosniff age 76341 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7305 x-xss-protection 0 server cafe etag 12747696668401323709 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 14:38:45 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 8B51	0 0	19ms 15ms	Image text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMFd4sOVMdjvtyG7hiwjbRep-h09y4tvgVRZN9H83XlwcpyKx_W686Yy9zMr8xLBM3Bx0opV8BFVaL_w-uA-xDXbscgQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8B51	154 KB 47 KB	28ms 24ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48209 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1667824238049716" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Nov 2022 11:51:06 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 8B51	33 KB 13 KB	15ms 11ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a7c8b587c68526f2c60fd49e7ee891628f72fe2d826a9c4d9d4ddeb1127eaca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 15:07:54 GMT content-encoding br x-content-type-options nosniff age 74592 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13493 x-xss-protection 0 server cafe etag 7904785543377395088 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 21 Nov 2022 15:07:54 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 8B51	0 0	54ms 51ms	Fetch text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CK9O-qUJqY4r2M8PA0_wPo6ycwAmWv7aTbYDq5Z31ENnZHhABIL_MmENglaqUgqAHoAGcr_uoAsgBAqgDAcgDyQSqBOUBT9CRDBbZzLPne1ntfrO2K_1LcIjezxJveLGrzBIHKj3R9WEZmLg7Xyh9lP8-XDCf-K4ywrT6YNDR7HaYbbjz0hwRnb39raFdgbP-ze_820d3mG0_IiLBa8T0Fp5dKnx0FSWjR-VGJocuWgkmqVUAmF3A9GHBBrDcuUe0KNvuySRI4HoF-OW-ScVRZtpMnHqCNPfPhV0_loQEAifDYY3nq6aKxQKngDUDCwGly5aUhtT0yttZ1nDen0QpLkWcmufS2uERzW_JjWDFXLgKgsZiy46T5adHPZh_9wk0xF-Xhog46FTl2sAEu-e_pJwEkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrucD0ggRCIDhgBAQARhfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTIwNTAwMzkxNzI0ODIzMxgA&sigh=9EdC_9dvCwI&uach_m=[UACH]&cid=CAQSKQDq26N9_-IdqUP-95hgB7KCg5FHZOBRwUvdYg8HAlO3TO7WQNqFQMJiGAEgDg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 08 Nov 2022 11:51:06 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0286	143 B 166 B	12ms 11ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2142 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:15:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8B59	1 KB 643 B	13ms 8ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 77606 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 07 Nov 2022 14:17:40 GMT etag 48472445140208031 expires Tue, 08 Nov 2022 14:17:40 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 8B51	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7e75286622301dea747c089ac22d9bfedb4a61495687cf040935ad9da096e241 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B59 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEKXWsI9g5YdiLe9YQeg3e0I&google_cver=1&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9MJ1w1RSSIoDSZ3ug https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9M...	170 B 188 B	19ms 18ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9MJ1w1RSSIoDSZ3ug Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 08 Nov 2022 11:51:06 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=13621A62EC624457BFD92123DCCABF6F&google_push=ASkJ3FYZucJl1c1bDTfnPVGIz7F_AZRnIFqxEgFo6r6ThVcbWvCvRzCaM9PetxLRzEJzSPXRluYL4hCLdzqSs9MJ1w1RSSIoDSZ3ug access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Mon, 07 Nov 2022 11:51:06 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 8B59	70 B 265 B	106ms 33ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBlLn2HdIe5BOQ7_4szOdUA&google_cver=1&google_push=ASkJ3Fbez4ZHSq_yaUxtynl8GXGIxfGw1j-rct7tPIdMmjw9nJQwthm_7KhmDO7dp9QKwVwgOb9Ghy8CeAAosIdCCd4P1VmEgIpMkQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-type image/gif pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B59 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKgZMfnfiEdv37JK25_9h2Y&google_cver=1&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKgZMfnfiEdv37JK25_9h2Y&google_cver=1&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2ODg0ODY3MjE5OTgxMTE5OQ&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72j...	170 B 188 B	20ms 20ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2ODg0ODY3MjE5OTgxMTE5OQ&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO7FaLHWR6qv_zi8baa3hIjQ Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2ODg0ODY3MjE5OTgxMTE5OQ&google_push=ASkJ3FZU7A52BrxmOKmFHlH2mc-R8TFvtph9CQnBA1beJzAP2KuBExW4D3ieptG5xYJpDz5OvLB72jlO7FaLHWR6qv_zi8baa3hIjQ access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	dds rtb.openx.net/sync/ Frame 8B59	43 B 64 B	72ms 60ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEFGup947p1_zH7TGFWGsHP0&google_cver=1&google_push=ASkJ3FancTltt5lxhi2vtmR6HwqzAJjc2G1nyrPAYKiR1ao50ay5y-YKoiNWWI-fXEkui0myQx0m_WVa2Kw9hqbz6GkRxNfMPjttoQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id qo9g40ic50u37m4d3osuqrrsndlp89td
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B59 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJMJ4QStW00UQj3ATQetY0I&google_cver=1&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4NUlOQUEtUy0yT05I&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6zbuMwaiPyNg9FGZv1PlK096ivWw	170 B 188 B	19ms 19ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4NUlOQUEtUy0yT05I&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6zbuMwaiPyNg9FGZv1PlK096ivWw Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE4NUlOQUEtUy0yT05I&google_push=ASkJ3FbyleNCGC4Spm1WoLLISEZZpaP_3U-BFJ4LCxmc4iRb-Rj_J50TpaO2LmtJcqDM4vv_8e6zbuMwaiPyNg9FGZv1PlK096ivWw Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B59 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-250e3024-ef01-4f87-85cc-ba5987d3e351-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FY_nGbRY8Ydt1AMWkYph... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&google_hm=AyUOMCTvAU-Hhcy6WYfT41E	170 B 188 B	19ms 19ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&google_hm=AyUOMCTvAU-Hhcy6WYfT41E Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FY_nGbRY8Ydt1AMWkYphzljNPt2FHxtO0iBBvgWVAQtnh5OBnsnLfNbAt1l6FFq3Fu20e8SR6oHl04QAiMAFTSTJOU826ELWw&google_hm=AyUOMCTvAU-Hhcy6WYfT41E date Tue, 08 Nov 2022 11:51:06 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX250e3024ef014f8785ccba5987d3e351003 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8B59 Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEQ8QSnJwdfy4ioD65wRC1M&google_cver=1&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miq... https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEQ8QSnJwdfy4ioD65wRC1M&google_cver=1&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miq... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wSWhBT05sRTJ1RlgwclMzalFqZ3QubDJ4UWlOVFpWZX5B&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZes...	170 B 188 B	18ms 18ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wSWhBT05sRTJ1RlgwclMzalFqZ3QubDJ4UWlOVFpWZX5B&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miquInbvHK2XkzefJZY2q_IvwdPyjr-U Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wSWhBT05sRTJ1RlgwclMzalFqZ3QubDJ4UWlOVFpWZX5B&google_push=ASkJ3FY5tPJgylFinenQ4-Cdvz-c-WPsGlIpOQ5d79L9U93bDS0BKFZesEJbUrDrgdp7Uf2miquInbvHK2XkzefJZY2q_IvwdPyjr-U date Tue, 08 Nov 2022 11:51:06 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 8B59	0 12 B	17ms 16ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYvY-ias_PxgySwx5jdjfxOjEmkQkk6xIA0sVYrCXLiVoLfrqIt7aZOjoAbcBwhZCmHwvsFQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 11:51:06 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 0286 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	28ms 27ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT expires Tue, 08 Nov 2022 11:51:06 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 08 Nov 2022 11:51:06 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response pagead2.googlesyndication.com/bg/ Frame 4F80	36 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5205003917248233&output=html&h=280&adk=2707222990&adf=2230191360&pi=t.aa~a.3430552284~i.16~rp.4&w=603&fwrn=4&fwrnh=100&lmt=1667784005&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4439319166&ad_type=text_image&format=603x280&url=https%3A%2F%2Fappsfire.co%2Fen%2Fwindwos%2Fdownload-selfishnet&fwr=0&pra=3&rh=151&rw=603&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667908265765&bpp=1&bdt=2003&idt=-M&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x280%2C0x0&nras=2&correlator=2581565166818&frm=20&pv=1&ga_vid=740998812.1667908264&ga_sid=1667908264&ga_hid=477193522&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=3560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775017%2C44776449&oid=2&psts=AMjMPc0xYZfxaMb1JdpJBs7nnNBY4D3VaNFEjo8hEgE8tsTQ2XBIqDguviy4lyTnLsE6SMN2PrF_OqRJtvftw5I&pvsid=2926540591887640&tmod=1748883529&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=A4XqglV3XO&p=https%3A//appsfire.co&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 08:10:08 GMT content-encoding gzip x-content-type-options nosniff age 13258 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Thu, 20 Oct 2022 10:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Nov 2023 08:10:08 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 891E	42 B 64 B	46ms 45ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuofOAlK3enQdsk2WwEm9unRg80J3xtEqWpMqQiJX0g62Z1-rIb6lOjg2sjVaJnv48Dhnpo0w2H7jI0ouPN2Tz_Lg3DzrSi2ezpnlNKyymElpcuoQjWQY-WPODFJUOWigOk5DnKuw&sai=AMfl-YRVZyrP8kyFWT2dyCVMqxpLsZL86JCGV7OkRyCBDvo3w2TwBzoaU1b4p_5XtJycaTBXIit-o_Ms8ao5b_I&sig=Cg0ArKJSzNrea6j9BrGEEAE&cid=CAQSGwDq26N9goPczs-ApfbKkwlXJFh-Cnam7nlpfxgBIA4&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1116,1278&tos=84,683,233,116,162&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667908265813&rpt=124&met=mue&wmsd=0&pbe=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 11:51:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT