sgx-mobile.en.aptoide.com Open in urlscan Pro
34.248.244.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sgx-mobile.en.aptoide.com/
Effective URL:
https://sgx-mobile.en.aptoide.com/app
Submission: On July 20 via manual (July 20th 2021, 10:51:48 pm UTC) from SG

Summary HTTP 248 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 248 HTTP transactions. The main IP is 34.248.244.124, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is sgx-mobile.en.aptoide.com.
TLS certificate: Issued by Amazon on May 7th 2021. Valid for: a year.

This is the only time sgx-mobile.en.aptoide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	34.248.244.124 34.248.244.124	16509 (AMAZON-02) (AMAZON-02)
50	2606:4700:10:... 2606:4700:10::ac43:1dce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	2600:9000:218... 2600:9000:2182:5000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:10:... 2606:4700:10::6816:b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.94 13.226.159.94	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:e200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	34.252.202.225 34.252.202.225	16509 (AMAZON-02) (AMAZON-02)
4 10	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.120.90.149 3.120.90.149	16509 (AMAZON-02) (AMAZON-02)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2 12	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 4	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
2 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
248	32

6 34.248.244.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com

sgx-mobile.en.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
en.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2606:4700:10::ac43:1dce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-mobile.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws2-cache.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

spn-v1.revampcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:5000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:b53 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn6.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-94.dus51.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.252.202.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-202-225.eu-west-1.compute.amazonaws.com

ws75.aptoide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.220.242 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.90.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-90-149.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.178.82 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	aptoide.com 1 redirects sgx-mobile.en.aptoide.com cdn-mobile.aptoide.com cdn6.aptoide.com en.aptoide.com ws75.aptoide.com ws2-cache.aptoide.com	973 KB
53	googlesyndication.com f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	414 KB
41	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	720 KB
16	ampproject.org cdn.ampproject.org	318 KB
14	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	7 KB
12	google.com 1 redirects adservice.google.com www.google.com	2 KB
12	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	40 KB
6	googletagservices.com www.googletagservices.com	214 KB
6	google.de adservice.google.de	1 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	1 KB
4	yahoo.com 2 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	consensu.org quantcast.mgr.consensu.org	86 KB
3	revampcdn.com spn-v1.revampcdn.com	95 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	602 B
2	bing.com c.bing.com	721 B
2	adsrvr.org match.adsrvr.org	529 B
2	gstatic.com fonts.gstatic.com	31 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	2mdn.net s0.2mdn.net	110 KB
2	quantcount.com rules.quantcount.com pixel.quantcount.com	556 B
1	googleusercontent.com lh4.googleusercontent.com	93 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	22 KB
1	quantserve.com secure.quantserve.com	9 KB
248	23

	Domain	Requested by
47	cdn-mobile.aptoide.com	sgx-mobile.en.aptoide.com cdn-mobile.aptoide.com
31	tpc.googlesyndication.com	sgx-mobile.en.aptoide.com securepubads.g.doubleclick.net tpc.googlesyndication.com f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org
28	securepubads.g.doubleclick.net	1 redirects sgx-mobile.en.aptoide.com spn-v1.revampcdn.com securepubads.g.doubleclick.net www.datadoghq-browser-agent.com www.googletagservices.com
19	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com sgx-mobile.en.aptoide.com
16	cdn.ampproject.org	securepubads.g.doubleclick.net
12	eb2.3lift.com	2 redirects spn-v1.revampcdn.com eb2.3lift.com
12	cdn6.aptoide.com	sgx-mobile.en.aptoide.com
10	ib.adnxs.com	4 redirects www.datadoghq-browser-agent.com eb2.3lift.com
6	www.googletagservices.com	securepubads.g.doubleclick.net f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
6	www.google.com	1 redirects tpc.googlesyndication.com f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com sgx-mobile.en.aptoide.com
6	adservice.google.com	securepubads.g.doubleclick.net
6	adservice.google.de	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	sgx-mobile.en.aptoide.com f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
5	sgx-mobile.en.aptoide.com	1 redirects sgx-mobile.en.aptoide.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com
4	cm.g.doubleclick.net	2 redirects eb2.3lift.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net sgx-mobile.en.aptoide.com
3	f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ws2-cache.aptoide.com	cdn-mobile.aptoide.com www.datadoghq-browser-agent.com
3	ws75.aptoide.com	cdn-mobile.aptoide.com www.datadoghq-browser-agent.com
3	quantcast.mgr.consensu.org	sgx-mobile.en.aptoide.com quantcast.mgr.consensu.org
3	spn-v1.revampcdn.com	sgx-mobile.en.aptoide.com spn-v1.revampcdn.com
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	match.adsrvr.org	eb2.3lift.com
2	acdn.adnxs.com	spn-v1.revampcdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	s0.2mdn.net	f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
2	c2shb.ssp.yahoo.com	www.datadoghq-browser-agent.com
2	tlx.3lift.com	www.datadoghq-browser-agent.com
1	lh4.googleusercontent.com	sgx-mobile.en.aptoide.com
1	pixel.quantcount.com	sgx-mobile.en.aptoide.com
1	en.aptoide.com	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	www.datadoghq-browser-agent.com	spn-v1.revampcdn.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
248	38

This site contains links to these domains. Also see Links.

Domain
en.aptoide.com
tv.aptoide.com
appcoins-wallet.en.aptoide.com
aptoide-uploader.en.aptoide.com
aptoide.zendesk.com
blog.aptoide.com

Subject Issuer	Validity	Valid
*.en.aptoide.com Amazon	`2021-05-07` - `2022-06-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.revampcdn.com R3	`2021-06-12` - `2021-09-10`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.aptoide.com Amazon	`2021-05-07` - `2022-06-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://sgx-mobile.en.aptoide.com/app
Frame ID: 514968E508CB4AFD06A89B174507DCD0
Requests: 115 HTTP requests in this frame

Frame: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 126E6D58A4F2C308CE53457DEBE2ED81
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 32161239589D1C9F75CD905613D20011
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 06AEAD9D492FB085DCEBF70DCD089FAA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E5B8B395B2AB420D0FE310E735E9A61
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssToPZ2ybCZ_7GTkvWwKz_2NJQyrE1sGZUjhcr30w9FAEvp_vI-u0N_4VjFgtytsEzvd0AGD6KNlPxaIZdyqD14Jrxgjt1bDJ4XwjSv0XA8bq1G-pNMdoCyI-3g8ttb-I7I1-mD02h2JvlrpwyqGYvLibp5E11cwPOUd7eWJXcGUGI80PUsOKsjIJSo4j-wGvQ3PjRUSc6MK8olh0RpYnc7y_jORjjeN9cQr6J7ZokMpN6V5WeJHuXCkDHtwLGO6PjljfFClXY7yOHGr6GQkbPDPLXEO8IrWNaAwAy45nLTRk0bQ569yxfFVRy98PGQhyz_bfIW0-hE-w51D0ES5xbt_t6P_FbRRbmIveRFQh9h7JAZFxFLVKely79iZ3cIenLpVg&sai=AMfl-YQ5vjb6OK_jpvEpGb14Bk-yUJkcKnGOr5rUyrF6555pYunNVzC4AyyHj69jVOlEhTzS5no0pXqemIqNl8QFsG4pApV4ntiQHyTY9J3aIFrxfu_SaHYCld5Ahz5OBKw&sig=Cg0ArKJSzG4YKj1uSZSbEAE&urlfix=1&adurl=
Frame ID: 1CCA340BD22B717AAFBC27B223A73D7F
Requests: 8 HTTP requests in this frame

Frame: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A57AE2EDBEF2FA127A56F7C3DC7E14BD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDKjAEQzcuzowIYy4ermwEwAQ&v=APEucNX7Jb9-14LbCHtlo6d0Wo8RjD2n7XH9oHTGOD-iXvhH0MDTmOtChiJ0hK9jSrcfX80U6IAe29nRY6sPWxR87IlTpYrOrg
Frame ID: E34E123B06D652882CBAC7DDAA615167
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhiaPlvMySwuN_246aOWcuhxTtPkty488JjWC4Bw6sQxdQkiZWWWtCqRX156nWv86TlRgKq4i_EIzAsmUz2lgM6y6pEQlGek3nLkcKlMLuMx9mzsMx6FvqDGjundOx91zihbmqiBx8dcSdpl2_n0Tup2WalQYUQVDYwsK-vNhfaDJj4UDd5Ouh7QIGvOUoc2A4zjs__JsX_azO-ZY3dUdNdyqh4c0qyWTswMhdGQqaECdiqOPVqCi2a-9dROziftX_HgkwSZkaGAYI_SUveRGTMFjKJE2X2rtgXimqxgYMxJmQaXYnGmMa7V_7xunwk2msabNkDVt1ETfZX-Ghdo3Nedt9wlbSF4pqRB3NfuXnARWqLurjZ4mwELgH4oVgHQwKYA&sai=AMfl-YTsL7QMpDj_jBR1kyG4yUcbnYjVZUdXmoOF1PVC8xIcWlRO_ZkmQqRjKpLGHGb9BejhLcQ824k-jqT96nJ8HxpOiOJufLnK5soZOALshnoH5ruvguxIed-iocnbFfpH&sig=Cg0ArKJSzP1vjtSdIH0nEAE&urlfix=1&adurl=
Frame ID: D6E1683F70AC3C5E4AE837B2AFE04214
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUcLwy0LySAdmzCbL00QGfob3oWPrGdg31_KKGZUydoxzfob0sNQgC3SlpdxYXszDXWpfOSc4RqQinOAsvuu9vjD7wzTrU5iRqpFqXv-xvc2EtNEPgjBpMWeIbT7OgGt-5G8iHxfZXvKHRTF-kqZIG6TmxZaB6gPlTEYYVxnrXAPf5rOGyF9hyao3DZUe10688HyBmxGtWGrDDAznmQMtreYlSMeB0rj-43KP2jzgql_6t7henHsuIQi4LFcaJVq-5aetKSSfxqLZJXyQkwlZgRObtzVPkhjxscKcjHfMIH3l7Og9pMnXzlOZyUTKm5z7MrXKGsnlkBnluR6uYWsg5dmzVVMcype05ognC-n8v50P_UIxYSMYSKIllZppNTS06iw&sai=AMfl-YS_XWFWFCAharV0jRuFH29DhwxeXv-MqBBF6tqwaoBoeJ7Xzjh4hvPsKO9XigJC2Vhdn6H24ExJECgBUu927rgUu4SuKMDJEItS1CF6DzMQGLAIpN1StgowGTh3w46A&sig=Cg0ArKJSzCnVMEJ2oGNhEAE&urlfix=1&adurl=
Frame ID: DE84C5A815FA7D8E9D5927AA77C81C0F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8418A1F18BCE74965E3665A7E520E7B6
Requests: 3 HTTP requests in this frame

Frame: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F23E9123EFA4A45528F575154CB6A222
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPq54AEQlLq82AIY95XmrgEwAQ&v=APEucNXBQwzQebir8p-K8r582R5Pmowk4gVoNpn2pXCOd1qLKqK4HYFvUlaUgPB84v44Nlrwp_TRiIqOtxcAfWsd9wS54E-ayg
Frame ID: C85BC0D0C7FEFC33DC6D5978E7D90244
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D90EB07C85C8D8E11F85B01D55142F82
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 733B11EAC9EF49CCA0F0672FF6486499
Requests: 25 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 27FE3DE1817D7430C208B42CB0CA5C6A
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF44A1F6668D185C3793C8D4210FDD48
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Frame ID: 1CC46319FF77C792C2E78C1A77FB4D68
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Frame ID: 3BFB8730931F691AE9949CDA58EBF4B1
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7AF1638B2F16F46907CE1A5810E21888
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sgx-mobile.en.aptoide.com/ HTTP 301
https://sgx-mobile.en.aptoide.com/app Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

248
Requests

99 %
HTTPS

56 %
IPv6

23
Domains

38
Subdomains

32
IPs

4
Countries

3134 kB
Transfer

7460 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://en.aptoide.com/download
Title: Aptoide App

Search URL Search Domain Scan URL

URL: https://tv.aptoide.com/
Title: Aptoide TV

Search URL Search Domain Scan URL

URL: https://appcoins-wallet.en.aptoide.com/app
Title: AppCoins Wallet

Search URL Search Domain Scan URL

URL: https://aptoide-uploader.en.aptoide.com/app
Title: Uploader

Search URL Search Domain Scan URL

URL: https://aptoide.zendesk.com/home
Title: Support

Search URL Search Domain Scan URL

URL: https://blog.aptoide.com/
Title: Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sgx-mobile.en.aptoide.com/ HTTP 301
https://sgx-mobile.en.aptoide.com/app Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://securepubads.g.doubleclick.net/tag/js/gpt.js?v=2 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 236

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

Request Chain 238

https://pr-bh.ybp.yahoo.com/sync/triplelift/9810367919307234194?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-7wXrGItE2oSfTzwWCf5RF0p5H7SsiJHAMJtPyeL4.Q--~A&dongle=0883

Request Chain 239

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=1691616540957548057&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 240

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9810367919307234194 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t

Request Chain 241

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 246

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/triplelift/9810367919307234194?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jxvAfBtE2oQ7d6dyXPbgOVwGyKLzxon9AuFI79PTwQ--~A&dongle=0883

Request Chain 249

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=3184320003953986613&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 250

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9810367919307234194 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t

Request Chain 251

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

248 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request app Show response
sgx-mobile.en.aptoide.com/
Redirect Chain

https://sgx-mobile.en.aptoide.com/
https://sgx-mobile.en.aptoide.com/app

138 KB
29 KB

889ms
888ms

Document
text/html

34.248.244.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.244.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: b751bdca92335b3a0174b7ff195094e63ba6d715bfd24f217bda0b60172c7733

Request headers

:method: GET
:authority: sgx-mobile.en.aptoide.com
:scheme: https
:path: /app
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: next-i18next=en_GB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-type: text/html; charset=utf-8
server: nginx
x-powered-by: Express
content-language: en_GB
set-cookie: next-i18next=en_GB; path=/; expires=Wed, 20 Jul 2022 22:51:17 GMT
etag: W/"228a7-G3VHyOydTtN0KOBqeajt+ypBy3c"
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Tue, 20 Jul 2021 22:51:16 GMT
content-type: text/html; charset=utf-8
content-length: 130
location: https://sgx-mobile.en.aptoide.com/app
server: nginx
x-powered-by: Express
content-language: en_GB
set-cookie: next-i18next=en_GB; path=/; expires=Wed, 20 Jul 2022 22:51:16 GMT
vary: Accept, Accept-Encoding

GET
H2 200 aptoide-logo-dark.svg
cdn-mobile.aptoide.com/static/imgs/ 5 KB
3 KB 62ms
15ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/aptoide-logo-dark.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e6d0591e3b03d4913436bb01fadef2f838b8b99cd7ed07813d6e0428ca4fde67

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1595-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372758
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b8a4dbe-FRA

GET
H2 200 9eaba6c7f9dac1b457db.css
cdn-mobile.aptoide.com/_next/static/css/ 615 B
299 B 62ms
15ms Stylesheet
text/css 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/css/9eaba6c7f9dac1b457db.css
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a7247f0b138febf529e5a01ff4d0758c2bd9b8cfe75191de411f47f49be2697d

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"267-17aa9cd7fd8"
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 10:54:15 GMT
server: cloudflare
age: 474895
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b714dbe-FRA

GET
H2 200 c8f7fe3b0e41be846d5687592cf2018ff6e22687.bd3b3b3cb630f83556ae.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 28 KB
7 KB 69ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.bd3b3b3cb630f83556ae.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f52770e73b1db0888c877b4e673b4868de7fd8ad5db068c72fe0ec0f42515bf9

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"6ea3-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847662
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b734dbe-FRA

GET
H2 200 84afd3ba861b78d1ee8fdd5020b73ae8180797d2.a1bb98ce1abea2b73156.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 24 KB
8 KB 71ms
24ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/84afd3ba861b78d1ee8fdd5020b73ae8180797d2.a1bb98ce1abea2b73156.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4da1f126ab83f7589f5352d5acaf134c518e6906cdcc9ad066775c9e3b4b5b7e

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"60c3-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847669
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b754dbe-FRA

GET
H2 200 58.cf4fe99590eeb6437d33.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 7 KB
3 KB 69ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/58.cf4fe99590eeb6437d33.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6cb2264c758feefc1b2075c289f556db8439a3f2c21b4f3f1b22551ad6336cd2

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1cc3-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847539
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b774dbe-FRA

GET
H2 200 webpack-0b9a40d72b0faba13bde.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 3 KB
2 KB 68ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/webpack-0b9a40d72b0faba13bde.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 12cef8b6c193cf70b48f5f6df479f0d4d9ae6053175146942eed0de34fd872eb

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"c20-17a61c490f0"
cf-cache-status: HIT
last-modified: Thu, 01 Jul 2021 11:11:50 GMT
server: cloudflare
age: 1683377
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b794dbe-FRA

GET
H2 200 framework.680bc0e0eceecc124b13.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 129 KB
42 KB 68ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/framework.680bc0e0eceecc124b13.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 94645447c61aeebebc618e1e62bfb1d9c7d7e7cfb142e92d2e4a291fc07fa36f

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"20230-17a57544f48"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 10:33:01 GMT
server: cloudflare
age: 1858522
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7a4dbe-FRA

GET
H2 200 commons.a3582971b9d7446db178.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 304 KB
97 KB 62ms
15ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ca172c383463271945d7cf96f76295a9e5da9b6b1fecdb5e0758569cc6b2ca3e

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"4bf75-17ac3ce2950"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 12:05:06 GMT
server: cloudflare
age: 38576
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7b4dbe-FRA

GET
H2 200 main-59cf073e03fa30783803.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 18 KB
7 KB 71ms
25ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/main-59cf073e03fa30783803.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 736ee6c386bdfb2bcc0dfb0ba1cd9db58b80e507f629749cd401b1a29b18fe33

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"4906-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847664
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7d4dbe-FRA

GET
H2 200 76d9fea82e18a498d729e9128c4e7929cb8f7dbc.076617a979ab38a805bd.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 16 KB
4 KB 70ms
24ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/76d9fea82e18a498d729e9128c4e7929cb8f7dbc.076617a979ab38a805bd.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e596dcc13b8c026690ca9b55bfc9606714445001e32c5ee2764c86788e1ddb87

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"3f01-17a810c7860"
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 12:58:36 GMT
server: cloudflare
age: 1158577
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b874dbe-FRA

GET
H2 200 02bb9af4977c06137c5652511d2a49f8cab66bf1.28ccde0e5a43b76c895a.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 25 KB
8 KB 69ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/02bb9af4977c06137c5652511d2a49f8cab66bf1.28ccde0e5a43b76c895a.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 17c7ffc28045f7e907defc18f67ac8a61ddd2ba0e3539027f91bbbaede2b252e

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"6304-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847638
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b894dbe-FRA

GET
H2 200 f5b53e8c0254fa4ff5f4524e06215b664b099b24.9386cbee11f80ee33729.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 29 KB
10 KB 68ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/f5b53e8c0254fa4ff5f4524e06215b664b099b24.9386cbee11f80ee33729.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ddc383ef6590a17f19fec824f11042ade740dded7bbee8bfaae98ebe7a85fba4

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"73e3-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847653
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7c4dbe-FRA

GET
H2 200 e4c2891068f8b0dedaff624ee0c883bafcbe5f85.7fe4957dd58072abb89d.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 8 KB
3 KB 69ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/e4c2891068f8b0dedaff624ee0c883bafcbe5f85.7fe4957dd58072abb89d.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fecff18752325a5ba077d5459e8e289d3d6597f3e6477630154c418e45bad991

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1edd-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847669
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b804dbe-FRA

GET
H2 200 5314eaaefba2b31780fbb6ddc6572417caad4891.174fe1b10adc2a80fbaa.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 12 KB
4 KB 69ms
24ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/5314eaaefba2b31780fbb6ddc6572417caad4891.174fe1b10adc2a80fbaa.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f351d9aa5077a0e7812134a06fd2b1233ee4b8bedfe67bd048c7f597cd1da00

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"312b-17aa0016988"
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 13:14:45 GMT
server: cloudflare
age: 639231
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7f4dbe-FRA

GET
H2 200 b1542cc239bf56c8a14913c0a930efe682b5cf86.914594e733d401e257a2.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 94 KB
27 KB 69ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/b1542cc239bf56c8a14913c0a930efe682b5cf86.914594e733d401e257a2.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb87abb154857308f8b72bc50ab7ab2e75863c2fcbfdb12ed21c3281812e11eb

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"178b3-17a806ce0e8"
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 10:04:17 GMT
server: cloudflare
age: 1169052
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b7e4dbe-FRA

GET
H2 200 _app-5002a35290aff8606cf3.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/pages/ 101 KB
24 KB 68ms
22ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/pages/_app-5002a35290aff8606cf3.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f982ab0b978be4ab9ff3a3019798442b18d89205ebcbc206a56da3bf12bb1e9c

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"19502-17ac4598518"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 14:37:19 GMT
server: cloudflare
age: 29466
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b854dbe-FRA

GET
H2 200 cb1608f2.b2d47cacf457f22ce1ae.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 810 B
571 B 71ms
26ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/cb1608f2.b2d47cacf457f22ce1ae.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0980b963368db3fb0dc4100bb9cfae882c4317a5099e5ec024930c27bf51c393

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"32a-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847639
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b834dbe-FRA

GET
H2 200 8f34a4913fd9d8241134dac56db077465fbf2dd7.5b7fa7e454f826e0f92d.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 23 KB
5 KB 68ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/8f34a4913fd9d8241134dac56db077465fbf2dd7.5b7fa7e454f826e0f92d.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2b6eaf2fde7666a1de9463a3ae28505685a338cb38dc4c24a120c708d2bf576f

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"5b27-17ac4598518"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 14:37:19 GMT
server: cloudflare
age: 29464
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b824dbe-FRA

GET
H2 200 app-view-3e7f14a8580ca386adb0.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/pages/ 102 KB
29 KB 68ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/pages/app-view-3e7f14a8580ca386adb0.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74c10b0085d4650eac8b4da7bdb7508fa512c6789ee7431048c31b27032c8c23

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1974e-17aa9cd7fd8"
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 10:54:15 GMT
server: cloudflare
age: 474880
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b814dbe-FRA

GET
H3-29

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js?v=2
https://securepubads.g.doubleclick.net/tag/js/gpt.js

69 KB
24 KB

33ms
16ms

Script
text/javascript

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "936 / 491 of 1000 / last-modified: 1626819085"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:17 GMT

Redirect headers

date: Tue, 20 Jul 2021 22:41:21 GMT
x-content-type-options: nosniff
server: sffe
age: 596
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Tue, 20 Jul 2021 23:11:21 GMT

GET
H2 200 aptoide.js Show response
spn-v1.revampcdn.com/publishers/ 151 KB
35 KB 49ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a9ff588bdc579b68f2d84698105b68dea46e6c07049c0931b581c1b7c514909

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-version: 1.627.0
date: Tue, 20 Jul 2021 22:51:17 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 515123
x-cache: HIT, HIT
x-region: HE
content-encoding: br
content-length: 35473
x-served-by: cache-ams21062-AMS, cache-hhn4081-HHN
server: nginx
x-publisher-id: aptoide
x-timer: S1626821478.698448,VS0,VE0
etag: W/"91da4f8ac5377a349969eea0f0a90d3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=604500, public, s-maxage=604800, stale-if-error=31536000, stale-while-revalidate=1209600
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 1, 14262

GET
H2 200 games-ic.svg
cdn-mobile.aptoide.com/static/imgs/ 714 B
471 B 27ms
21ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/games-ic.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d5af3bf2f46a33c2e6953188d57efbb50e6649dfadef145a95c118fed77c552e

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"2ca-178b2a61888"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 18:02:13 GMT
server: cloudflare
age: 8370399
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b8b4dbe-FRA

GET
H2 200 show-more-arrow-ic.svg
cdn-mobile.aptoide.com/static/imgs/ 614 B
400 B 28ms
22ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/show-more-arrow-ic.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4488274aef364da49cfc0ddeb0c8d8012c40dc14113e4c11f29341a8d168a807

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"266-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b8c4dbe-FRA

GET
H2 200 apps-ic.svg
cdn-mobile.aptoide.com/static/imgs/ 690 B
423 B 27ms
21ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/apps-ic.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3e9b4a3424a162eb57d6ea30a206d9d9aaaf100c2afd079a0a52af2010c8da07

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"2b2-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b8e4dbe-FRA

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/Xn3-SSF37qUB6/aptoide.com/ 5 KB
2 KB 32ms
9ms Script
application/javascript 2600:9000:2182:5000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/Xn3-SSF37qUB6/aptoide.com/choice.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef38348b68e110da0e46ab69b3ce8b37ad587e549356028a49efc04fcaefc44

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 20 Jul 2021 22:50:37 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 17:02:17 GMT
server: AmazonS3
age: 73
etag: W/"a8e4a9c0a7c1d3aeda80ba069500717c"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 5zxBv_WMQ4xq-B9JuRUqxsfLL-Wr7YHS6jvt04tQ6SARmeXIvFPjaA==

GET
H2 200 black-arrow-ic.svg
cdn-mobile.aptoide.com/static/imgs/ 630 B
423 B 27ms
21ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/black-arrow-ic.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c7f0b23a0cf806135e9b2e8e7779351b37a9688d91e21aa62b3f5184716cf502

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"276-178b2a61888"
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 18:02:13 GMT
server: cloudflare
age: 8690862
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b904dbe-FRA

GET
H2 200 d8c61336a6fc98571bda85d337ebb268_icon.png
cdn6.aptoide.com/imgs/d/8/c/ 7 KB
7 KB 76ms
57ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/d/8/c/d8c61336a6fc98571bda85d337ebb268_icon.png?w=160
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b53039eaac3d0b84b115e14f7280c70257d5fe0dce4e51e8dc9d0b945aa35cd1

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-lb-source: lb12
date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Dec 2018 08:32:39 GMT
server: cloudflare
etag: W/"5c1ca527-45a8"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
x-varnish: 754844519
cf-ray: 671fc0db7af81766-FRA

GET
H2 200 roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
cdn-mobile.aptoide.com/static/font/Roboto-400/ 49 KB
49 KB 193ms
161ms Font
font/woff2 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/static/font/Roboto-400/roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
cf-cache-status: MISS
x-powered-by: Express
content-length: 50240
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: cloudflare
etag: W/"c440-17ac46383b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671fc0db9da705d8-FRA

GET
H2 200 roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2
cdn-mobile.aptoide.com/static/font/Roboto-500/ 49 KB
50 KB 182ms
149ms Font
font/woff2 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/static/font/Roboto-500/roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
cf-cache-status: MISS
x-powered-by: Express
content-length: 50460
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: cloudflare
etag: W/"c51c-17ac46383b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671fc0db9daa05d8-FRA

GET
H2 200 roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
cdn-mobile.aptoide.com/static/font/Roboto-700/ 49 KB
49 KB 187ms
155ms Font
font/woff2 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/static/font/Roboto-700/roboto-v27-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
cf-cache-status: MISS
x-powered-by: Express
content-length: 50196
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: cloudflare
etag: W/"c414-17ac46383b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671fc0db9dac05d8-FRA

GET
H2 200 golden-star.svg
sgx-mobile.en.aptoide.com/static/imgs/ 234 B
570 B 31ms
31ms Image
image/svg+xml 34.248.244.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgx-mobile.en.aptoide.com/static/imgs/golden-star.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.244.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 55fb1cdb93b86b3df6aee83ed794d99d34d5bc70756b58dcd55cb2756885a189

Request headers

:path: /static/imgs/golden-star.svg
pragma: no-cache
cookie: next-i18next=en_GB
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sgx-mobile.en.aptoide.com
referer: https://sgx-mobile.en.aptoide.com/app
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sgx-mobile.en.aptoide.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: nginx
x-powered-by: Express
etag: W/"ea-17ac46383b0"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 234

GET
H2 200 download-icon-orange.svg
cdn-mobile.aptoide.com/static/imgs/ 202 B
254 B 28ms
22ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/download-icon-orange.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0556bc61d9fd0cd6753683a1399d807fcf41d15f1a80e9d76f1fcb7b75a8a60

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"ca-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b914dbe-FRA

GET
H2 200 size-icon-orange.svg
cdn-mobile.aptoide.com/static/imgs/ 255 B
307 B 28ms
23ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/size-icon-orange.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5fc5a89fa041f4fcaa3437a45d8c4f11057dd62a86128dd219e6b3d91a765c70

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"ff-178ea358f90"
cf-cache-status: HIT
last-modified: Mon, 19 Apr 2021 12:58:02 GMT
server: cloudflare
age: 7912982
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b954dbe-FRA

GET
H2 200 droid-icon-orange.svg
cdn-mobile.aptoide.com/static/imgs/ 858 B
573 B 27ms
22ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/droid-icon-orange.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f9318326f128931f430b3f098ec05d4ce7c2cc4f73f64135f083e3743294d52a

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"35a-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b974dbe-FRA

GET
H2 200 good-app-icon.svg
cdn-mobile.aptoide.com/static/imgs/ 845 B
518 B 28ms
22ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/good-app-icon.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 02e4bd571ba9300735158c4f5bf44ee497384d4c9bd266145f19b9d8df8e21de

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"34d-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b984dbe-FRA

GET
H2 200 cf87f82afd8f68bf7f3b0818ddb51687_icon.png
cdn6.aptoide.com/imgs/c/f/8/ 2 KB
3 KB 20ms
11ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/c/f/8/cf87f82afd8f68bf7f3b0818ddb51687_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a82799c7d2de2262fd6a36822fa78acb7cb270aa9518563cda217127482070

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7968493
x-cache-status: HIT
cf-ray: 671fc0db7aff1766-FRA
x-lb-source: lb03
last-modified: Fri, 17 May 2019 13:37:45 GMT
server: cloudflare
etag: W/"5cdeb929-2193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 554041433
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
content-type: image/png

GET
H2 200 star.svg
sgx-mobile.en.aptoide.com/static/imgs/ 228 B
564 B 35ms
34ms Image
image/svg+xml 34.248.244.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgx-mobile.en.aptoide.com/static/imgs/star.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.244.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 88cf662e4776fe07a91356a61a49fdeec695474f7556bd95ddc75139345d5536

Request headers

:path: /static/imgs/star.svg
pragma: no-cache
cookie: next-i18next=en_GB
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sgx-mobile.en.aptoide.com
referer: https://sgx-mobile.en.aptoide.com/app
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sgx-mobile.en.aptoide.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: nginx
x-powered-by: Express
etag: W/"e4-17ac46383b0"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 228

GET
H2 200 dcd244917fa1f22762b9ca3d00fa1c3d_icon.png
cdn6.aptoide.com/imgs/d/c/d/ 8 KB
9 KB 21ms
13ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/d/c/d/dcd244917fa1f22762b9ca3d00fa1c3d_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d2cc7a5a8780975285e5ee1989c0bd28e625b60ee4c538e9b10bafd44f6e08

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2845837
x-cache-status: HIT
cf-ray: 671fc0db7b001766-FRA
content-length: 8711
x-lb-source: lb11
last-modified: Thu, 16 Apr 2020 09:48:13 GMT
server: cloudflare
etag: W/"5e9829dd-31348"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 382009887
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
accept-ranges: bytes
content-type: image/png

GET
H2 200 5698ec2d0bb764d451fcefe2fb1c1ed1_icon.png
cdn6.aptoide.com/imgs/5/6/9/ 7 KB
7 KB 24ms
16ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/5/6/9/5698ec2d0bb764d451fcefe2fb1c1ed1_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35296326b64eaddc8782d403e21a60670f548dec801948dbd90365088691f10

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7666078
x-cache-status: HIT
cf-ray: 671fc0db7afe1766-FRA
content-length: 7383
x-lb-source: lb05
last-modified: Sat, 08 Jun 2019 07:08:44 GMT
server: cloudflare
etag: W/"5cfb5efc-2bed6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 469634204
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
accept-ranges: bytes
content-type: image/png

GET
H2 200 9e3dafc62cc3be90377bdd8478b9b1d6_icon.png
cdn6.aptoide.com/imgs/9/e/3/ 3 KB
3 KB 23ms
15ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/9/e/3/9e3dafc62cc3be90377bdd8478b9b1d6_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408d657fd771d14d5e0c7e375b737aa8d822dfa0250366f9c310f04d7adcc614

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2836985
x-cache-status: HIT
cf-ray: 671fc0db7afc1766-FRA
content-length: 2719
x-lb-source: lb12
last-modified: Tue, 07 Jul 2020 01:54:51 GMT
server: cloudflare
etag: W/"5f03d5eb-245b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 485330576
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
accept-ranges: bytes
content-type: image/png

GET
H2 200 0917b90d1400c6ad24b4a5ebbae35d51_icon.png
cdn6.aptoide.com/imgs/0/9/1/ 13 KB
13 KB 20ms
12ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/0/9/1/0917b90d1400c6ad24b4a5ebbae35d51_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebc3a4015f3fef42c2f627291b0f3f199c7b9ded57a0a8dc262b13156de8494f

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 972014
x-cache-status: HIT
cf-ray: 671fc0db7af91766-FRA
content-length: 13618
x-lb-source: lb12
last-modified: Fri, 13 Dec 2019 04:31:13 GMT
server: cloudflare
etag: W/"5df31411-2acd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 938710182
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
accept-ranges: bytes
content-type: image/png

GET
H2 200 37f8fea50f9cc3fbb20e0af2bd297288_icon.png
cdn6.aptoide.com/imgs/3/7/f/ 4 KB
4 KB 18ms
12ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/3/7/f/37f8fea50f9cc3fbb20e0af2bd297288_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0179da6f742dcb9b460ce9c8afd2020e884dd537bc027a68139ac52c907915c

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1590374
x-cache-status: HIT
cf-ray: 671fc0db9b131766-FRA
x-lb-source: lb10
last-modified: Tue, 26 Jun 2018 11:57:41 GMT
server: cloudflare
etag: W/"5b322a35-2ee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 71238949
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
content-type: image/png

GET
H2 200 aaaeaef2d90555108695c31af91f66ad_icon.png
cdn6.aptoide.com/imgs/a/a/a/ 5 KB
5 KB 18ms
12ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/a/a/a/aaaeaef2d90555108695c31af91f66ad_icon.png?w=128
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e129093f05154f3111a93aa7c2536931dd907ad3cc21d2794fc369cda74830

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2834401
x-cache-status: HIT
cf-ray: 671fc0db9b141766-FRA
x-lb-source: lb12
last-modified: Sat, 09 May 2020 12:02:37 GMT
server: cloudflare
etag: W/"5eb69bdd-76cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 527503673
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
content-type: image/png

GET
H2 200 aptoide-black.svg
cdn-mobile.aptoide.com/static/imgs/ 6 KB
3 KB 29ms
23ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/aptoide-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 55ab04de22cc1d08b0a69cf2c7410134ef9670257375f54232545f7a15b174c1

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1633-1786a0f4d38"
cf-cache-status: HIT
last-modified: Thu, 25 Mar 2021 15:44:51 GMT
server: cloudflare
age: 9651745
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b994dbe-FRA

GET
H2 200 facebook-black.svg
cdn-mobile.aptoide.com/static/imgs/social/ 559 B
432 B 29ms
24ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/social/facebook-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 037f690e471548f1c5c67a00d3f0548872a4850eb1175ba553ef743ad3ede9b6

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"22f-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9a4dbe-FRA

GET
H2 200 twitter-black.svg
cdn-mobile.aptoide.com/static/imgs/social/ 782 B
526 B 28ms
23ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/social/twitter-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c6216961bfca9041ee146a693403a41fb2e752b3198cfe99557465c70213024e

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"30e-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9b4dbe-FRA

GET
H2 200 instagram-black.svg
cdn-mobile.aptoide.com/static/imgs/social/ 944 B
581 B 28ms
22ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/social/instagram-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c44f7ab63e5e7860889203b61a9f52c026c1e82413f28e36c2b1cba08329dba6

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"3b0-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9c4dbe-FRA

GET
H2 200 youtube-black.svg
cdn-mobile.aptoide.com/static/imgs/social/ 506 B
418 B 32ms
26ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/social/youtube-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e29c112752b027fed633aacf19f4611fce7f1bdea02f3d12bdad48a8389c9f97

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1fa-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9d4dbe-FRA

GET
H2 200 linkedin-black.svg
cdn-mobile.aptoide.com/static/imgs/social/ 612 B
460 B 29ms
24ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/social/linkedin-black.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e27e409be4f1a02f34fee2137fa249267120d43d6184444b80ae9403693ed7dd

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"264-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372762
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9e4dbe-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 _buildManifest.js Show response
cdn-mobile.aptoide.com/_next/static/AhYM6tl5O8TaJMfTxN4nL/ 3 KB
1 KB 29ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/AhYM6tl5O8TaJMfTxN4nL/_buildManifest.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bc568441741bd618115f078ac040fc4fae6a0436ecfaa7d6b1daef6723b23f75

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"b17-17ac466c7a0"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 14:51:48 GMT
server: cloudflare
age: 28626
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9b9f4dbe-FRA

GET
H2 200 _ssgManifest.js Show response
cdn-mobile.aptoide.com/_next/static/AhYM6tl5O8TaJMfTxN4nL/ 76 B
161 B 29ms
23ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/AhYM6tl5O8TaJMfTxN4nL/_ssgManifest.js
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"4c-17ac466c7a0"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 14:51:48 GMT
server: cloudflare
age: 28626
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9ba04dbe-FRA

GET
H2 200 trusted-new.svg
cdn-mobile.aptoide.com/static/imgs/ 1 KB
721 B 29ms
24ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/trusted-new.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6482769d91f6fb74c7d49b9d6dc713da62e0db7796f47bc419a543ccdd454e01

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"4a3-1786a0f4d38"
cf-cache-status: HIT
last-modified: Thu, 25 Mar 2021 15:44:51 GMT
server: cloudflare
age: 9641374
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0db9ba14dbe-FRA

GET
H2 200 app-view-share.svg
sgx-mobile.en.aptoide.com/static/imgs/ 2 KB
1 KB 32ms
32ms Image
image/svg+xml 34.248.244.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgx-mobile.en.aptoide.com/static/imgs/app-view-share.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.244.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: f474ee525d15c55776e2963c3524185e29a4ac22f6ba9b786904876308db9977

Request headers

:path: /static/imgs/app-view-share.svg
pragma: no-cache
cookie: next-i18next=en_GB
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sgx-mobile.en.aptoide.com
referer: https://sgx-mobile.en.aptoide.com/app
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sgx-mobile.en.aptoide.com/app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:48:14 GMT
server: nginx
x-powered-by: Express
etag: W/"6b9-17ac46383b0"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 27ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Xn3-SSF37qUB6/aptoide.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 27 Jul 2021 22:51:17 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 183 KB
48 KB 10ms
9ms Script
text/javascript 2600:9000:2182:5000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aptoide.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Xn3-SSF37qUB6/aptoide.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4a4d8e0e571845383def3c32dc0d974d326f743ead85ce1a8ca0701d8f925cf

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:50:27 GMT
content-encoding: gzip
age: 75
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 19:17:24 GMT
server: AmazonS3
etag: W/"3594b5f8de5502f14ef84ed666288cc3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 4sfXVz6LbJr0XYWRb9V3GIOdV-7PeflyUezhNIScQfsoM2KMeXifUA==

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/ 64 KB
22 KB 50ms
15ms Script
application/javascript 13.226.159.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:50:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 12:21:08 GMT
server: AmazonS3
age: 46
etag: W/"6f16bc452a225d7da116aa4c430872f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gzKzHntBRhz418Rd1-SCiUYzLFs-KzZjTZ-NY9EXzGs-ccn3orNGWw==

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
24 KB 16ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

39ce1bc1e83864ebf947f3f606dfd962d3b6015ff71cae7c90d71a66d14ca885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "936 / 261 of 1000 / last-modified: 1626819085"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24913
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:17 GMT

GET
H2 200 prebid-client.js Show response
spn-v1.revampcdn.com/prebid/aptoide/ 206 KB
60 KB 24ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/prebid/aptoide/prebid-client.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c327a92f0230ab1472aa4b55e23464e501f632c3e6184efcc23f905a185db021

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 20549
x-cache: HIT, HIT
x-region: HE
content-encoding: br
content-length: 60626
x-served-by: cache-ams21062-AMS, cache-hhn4028-HHN
last-modified: Tue, 20 Jul 2021 08:36:06 GMT
server: nginx
x-timer: S1626821478.856938,VS0,VE0
etag: W/"60f68af6-33673"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=86400, public, s-maxage=86100, stale-if-error=31536000, stale-while-revalidate=172800
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 1, 190

HEAD
H2 200 aptoide.js
spn-v1.revampcdn.com/publishers/ 0
0 7ms
7ms Fetch
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-version: 1.627.0
date: Tue, 20 Jul 2021 22:51:17 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 515124
x-cache: HIT, HIT
x-region: HE
content-encoding: br
content-length: 35473
x-served-by: cache-ams21062-AMS, cache-hhn4081-HHN
server: nginx
x-publisher-id: aptoide
x-timer: S1626821478.840189,VS0,VE0
etag: W/"91da4f8ac5377a349969eea0f0a90d3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region
cache-control: max-age=604500, public, s-maxage=604800, stale-if-error=31536000, stale-while-revalidate=1209600
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 1, 14263

GET
H2 200 rules-p-Xn3-SSF37qUB6.js Show response
rules.quantcount.com/ 2 B
346 B 30ms
9ms Script
application/javascript 2600:9000:2182:e200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Xn3-SSF37qUB6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:04:49 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server: AmazonS3
age: 2787
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
content-length: 2
x-amz-cf-id: Me7MXjA1NrXzbWrx885iHv4sf0DECUIHJ3Brz9j4ibKaGw6bZWc1KQ==

GET
H2 200 consent Show response
en.aptoide.com/api/ 2 B
319 B 91ms
73ms XHR
application/json 34.248.244.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://en.aptoide.com/api/consent
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aptoide.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.244.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-244-124.eu-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
server: nginx
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma
access-control-allow-credentials: true
content-length: 2

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 16ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?v=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:17 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
117 B 29ms
15ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?v=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c5f1e0cc8798bef8941a67d7c93bd94512c3a848ff95d209fc6a9c17b70cb332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:17 GMT

GET
H2 200 59.a52e47b65fa9c97e9b3c.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 5 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/59.a52e47b65fa9c97e9b3c.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/webpack-0b9a40d72b0faba13bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: daf3f13813a7bfb3f66f83ecbce5a62d9892b95de165346b7ab0075dc5f6cc03

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
etag: W/"1567-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847377
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0dd2dc84dbe-FRA

GET
H2 200 29.7c33954d925829a97fc6.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 1 KB
750 B 22ms
21ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/29.7c33954d925829a97fc6.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/webpack-0b9a40d72b0faba13bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2808594f40e059b0c545d2f838773aa46b84aeb11a41a3f8208ac5b91c90c6b

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"526-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847602
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0dd9e944dbe-FRA

GET
H2 200 28.298b2164a1f395dd72eb.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 1 KB
743 B 11ms
10ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/28.298b2164a1f395dd72eb.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/webpack-0b9a40d72b0faba13bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c3ab3f54f8ac601cf0d0e4d0468031abcc28a64d3d1a55e99b66cdeee7b17ffd

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"54a-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847587
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0ddbeb54dbe-FRA

GET
H2 200 getVersions Show response
ws75.aptoide.com/api/7/app/ 14 KB
2 KB 201ms
142ms XHR
application/json 34.252.202.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws75.aptoide.com/api/7/app/getVersions?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&country=DE&not_apk_tags=&limit=20&package_uname=sgx-mobile&store_name=aptoide-web

Requested by

Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.202.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-202-225.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d0e5076f2ce005065cbfe89cd9cd24a5f4be66af21403de26fd12a6997d52aa2

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
vary: Origin
server: nginx
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: max-age=300, public
access-control-allow-headers: Cache-Control, Pragma

GET
H2 200 getPackages Show response
ws2-cache.aptoide.com/api/7/apps/ 4 KB
2 KB 332ms
291ms XHR
application/json 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws2-cache.aptoide.com/api/7/apps/getPackages?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&not_apk_tags=&package_names[]=com.zhiliaoapp.musically&package_names[]=com.whatsapp&package_names[]=com.netflix.mediaclient&package_names[]=com.yy.hiyo&store_name=aptoide-web

Requested by

Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60f7b24fc67ff600ca5068516b51be8350f9e4a3b31f9344c54f0a6cbdba76c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: max-age=7200, public
cf-ray: 671fc0de38e22c56-FRA
access-control-allow-headers: Cache-Control, Pragma

GET
H2 200 get Show response
ws75.aptoide.com/api/7/user/action/item/cards/ 185 B
370 B 104ms
46ms XHR
application/json 34.252.202.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws75.aptoide.com/api/7/user/action/item/cards/get?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&country=DE&not_apk_tags=&type=CURATION_1&offset=0&limit=1&aptoide_uid=&package_name=com.sgx.SGXandroid&store_name=aptoide-web

Requested by

Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.202.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-202-225.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bf77d064f6df19c318f0373e38923f0342aa3a06f72b685ff74eb3ff258a7aa0

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
server: nginx
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache
access-control-allow-headers: Cache-Control, Pragma

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 28ms
9ms XHR
application/json 2600:9000:2182:5000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aptoide.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa984fa6eec211cd513fbb0eb4d9fcbda64ba23ba9c1cf964aafa79b12279399

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 03:00:32 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 71447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 03:00:27 GMT
server: AmazonS3
etag: W/"11c568249c14f10ccbfa7653d508e9e1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: rMPJYD5N8OHSsHv6FS5o9pip6wv5SvvB7KVk-YlmFv0EdihOqFAXVQ==

GET
H2 200 b9e6dc66aeeeae28db9469ee078c7941_screen.png
cdn6.aptoide.com/imgs/b/9/e/ 184 KB
178 KB 488ms
488ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/b/9/e/b9e6dc66aeeeae28db9469ee078c7941_screen.png?h=500
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ed99e35e45c5e5234f7c0d04138687a3421382b45b335a3008f3f6d9dc0cee

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-lb-source: lb12
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 Apr 2020 08:31:34 GMT
server: cloudflare
etag: W/"5e8ae8e6-1a874"
x-cache-status: MISS
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
x-varnish: 746325041
cf-ray: 671fc0de2e4b1766-FRA

GET
H2 200 5ae403e7e7226f0932e71990eebe8ccf_screen.png
cdn6.aptoide.com/imgs/5/a/e/ 96 KB
93 KB 172ms
171ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/5/a/e/5ae403e7e7226f0932e71990eebe8ccf_screen.png?h=500
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e398be6ea0aa154cc3d68c76a563ca3bc87c0cf8f0f54e52cca5d47932affd0a

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-lb-source: lb12
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 Apr 2020 08:31:34 GMT
server: cloudflare
etag: W/"5e8ae8e6-18da0"
x-cache-status: MISS
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
x-varnish: 760517999
cf-ray: 671fc0de2e4c1766-FRA

GET
H2 200 94ba522ec54e448e977c1d48cdc5b71e_screen.png
cdn6.aptoide.com/imgs/9/4/b/ 78 KB
75 KB 278ms
277ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/9/4/b/94ba522ec54e448e977c1d48cdc5b71e_screen.png?h=500
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8ad11bf39dda69318afacda52a7867f768de0666adb21778e566e460e67846

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-lb-source: lb12
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 Apr 2020 08:31:34 GMT
server: cloudflare
etag: W/"5e8ae8e6-108d8"
x-cache-status: MISS
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
x-varnish: 760320834
cf-ray: 671fc0de2e4f1766-FRA

GET
H2 200 33f5e9234c883bc0a2d4469aba789eb1_screen.png
cdn6.aptoide.com/imgs/3/3/f/ 80 KB
74 KB 69ms
69ms Image
image/png 2606:4700:10::6816:b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.aptoide.com/imgs/3/3/f/33f5e9234c883bc0a2d4469aba789eb1_screen.png?h=500
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be295ab2906d2e4319575562c12ec7ea500d33446bef30ff69e2b02f9d288e01

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-lb-source: lb12
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 06 Apr 2020 08:31:34 GMT
server: cloudflare
etag: W/"5e8ae8e6-105a9"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=315360000, public
x-varnish: 758123398
cf-ray: 671fc0de2e501766-FRA

GET
H2 200 8f34a4913fd9d8241134dac56db077465fbf2dd7.5b7fa7e454f826e0f92d.js
cdn-mobile.aptoide.com/_next/static/chunks/ 0
5 KB 12ms
12ms Other
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/8f34a4913fd9d8241134dac56db077465fbf2dd7.5b7fa7e454f826e0f92d.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"5b27-17ac4598518"
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 14:37:19 GMT
server: cloudflare
age: 29465
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0de2f214dbe-FRA

GET
H2 200 versions-e3b58574ad12b5aaf071.js
cdn-mobile.aptoide.com/_next/static/chunks/pages/ 0
7 KB 14ms
13ms Other
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/pages/versions-e3b58574ad12b5aaf071.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"51b8-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847598
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0de2f234dbe-FRA

GET
H2 200 icon-search-orange.svg
cdn-mobile.aptoide.com/static/imgs/ 1017 B
726 B 10ms
10ms Image
image/svg+xml 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-mobile.aptoide.com/static/imgs/icon-search-orange.svg
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9af9251a309b8212c668a6d5919f8c026517097da4f604542932a74489083c6d

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"3f9-1785a7eb2a0"
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 15:12:36 GMT
server: cloudflare
age: 10372737
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0de6f744dbe-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
833 B 70ms
39ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9a2b52c20806c9361b8d1e858f00bb8c7dd056318ef2973439c666acbd8291c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:18 GMT
X-Proxy-Origin: 83.143.245.190; 83.143.245.190; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 391eaaa0-41fc-4255-97d9-47acacfd25a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sgx-mobile.en.aptoide.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 89ms
73ms XHR
application/json 3.120.90.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.31.0&referrer=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&tmax=1000&gdpr=true&us_privacy=1---

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.90.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-90-149.eu-central-1.compute.amazonaws.com

Software

Resource Hash

48d5ec41b185578192b99e9c112ee1e940d7c4e9f7cf4972d92383b880775dae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1316
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
485 B 164ms
145ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbd575c3004a&pos=8a969105017575db4f32dbd90a570058&cmd=bid&secure=1&gdpr=1&us_privacy=1---
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: e1fd01826b838762320ea4734226b5453aa217015d0091b87ed012631e1e0ea7

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Jul 2021 22:51:18 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://sgx-mobile.en.aptoide.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 pixel;r=1846309329;source=choice;rf=0;a=p-Xn3-SSF37qUB6;url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp;uh=u;uht=u;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=1;gdpr_consent=;ref=;d=aptoi...
pixel.quantcount.com/ 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantcount.com/pixel;r=1846309329;source=choice;rf=0;a=p-Xn3-SSF37qUB6;url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp;uh=u;uht=u;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=1;gdpr_consent=;ref=;d=aptoide.com;je=0;sr=1600x1200x24;dst=1;et=1626821478121;tzo=-120;ogl=description.Download%20SGX%20Mobile%20for%20Android%20on%20Aptoide%20right%20now!%20No%20extra%20costs%252E%20User%20ratin%2Curl.https%3A%2F%2Fsgx-mobile%252Een%252Eaptoide%252Ecom%2Fapp%2Ctitle.SGX%20Mobile%203%252E7%252E5%20Download%20Android%20APK%2Cimage.https%3A%2F%2Fcdn6%252Eaptoide%252Ecom%2Fimgs%2F4%2F9%2Fc%2F49ce16533e864c7107ef5e9e5f361e56_fgraphic%252Ejp%2Cimage%3Awidth.1200%2Cimage%3Aheight.630

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:18 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 614ms
614ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=126703836552061&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_Leaderboard_Sticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dcustom-stickylb%26type%3Dtop_display_leaderboard&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1626821478&dt=1626821478256&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=2431&adks=361479168&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3f596ce0c4a6d1f5963bb6cc8ad72b1e94b7a250492154b46f8113448fc44be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7530
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 126E 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 22:51:18 GMT
expires: Wed, 20 Jul 2022 22:51:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
15 KB 845ms
843ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=517845095614834&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_OOP_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C336x280%7C300x250&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dcustom-interstitial%26type%3DOOP_Display_Interstitial&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1626821478&dt=1626821478262&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=637&adks=3985611965&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=516&ohw=348&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b506d8122bbc07b2c65b9c88d078bba41c87797bf24150bbe8d412dc93584eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15727
x-xss-protection: 0
google-lineitem-id: 5257069669
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300521762
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 versions-e3b58574ad12b5aaf071.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/pages/ 20 KB
7 KB 11ms
10ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/pages/versions-e3b58574ad12b5aaf071.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/commons.a3582971b9d7446db178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5b49a759395857880e7d8b3fefce1eddd47f313ece8c49234dd237deb1bee224

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"51b8-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847598
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0df387a4dbe-FRA

GET
H2 200 get Show response
ws75.aptoide.com/api/7/reviews/ 185 B
390 B 82ms
81ms XHR
application/json 34.252.202.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws75.aptoide.com/api/7/reviews/get?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&country=DE&not_apk_tags=&limit=10&package_name=com.sgx.SGXandroid&view=response&store_name=aptoide-web&review_groups=auto_highlighted,highlighted,store_owner,others&languages_filter_sort=en_GB

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.202.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-202-225.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7420c33175c8ba3edc479ef46d7ee5df0c42bf0b37f8ed2a9ee130957e8a7223

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
vary: Origin
server: nginx
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: max-age=120, public
access-control-allow-headers: Cache-Control, Pragma

GET
H2 200 27.1409ba016ba8f92b03b3.js Show response
cdn-mobile.aptoide.com/_next/static/chunks/ 1 KB
730 B 12ms
12ms Script
application/javascript 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-mobile.aptoide.com/_next/static/chunks/27.1409ba016ba8f92b03b3.js
Requested by: Host: cdn-mobile.aptoide.com
URL: https://cdn-mobile.aptoide.com/_next/static/chunks/webpack-0b9a40d72b0faba13bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6d2119d04c91c455c7212cdda97358466a8d00117a1b70f6bfdb9528cdd8ea1d

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
etag: W/"54a-17a57f96500"
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 13:33:20 GMT
server: cloudflare
age: 1847601
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 671fc0dfe9574dbe-FRA

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
14 KB 273ms
273ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=1709616196179927&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_Notificationbar&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtd-top-notificationbar-1%26type%3Dnative_notificationbar&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1626821478&dt=1626821478397&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=3708959949&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f77c1d1c66a0713a52c8765b18983533f07ffb4abd7d663634c5759abd46516c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
16 KB 426ms
425ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=4039939825793625&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C728x90%7C750x100%7C750x200%7C678x382&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtd-top-leaderboard-1%26type%3Dtop_display_leaderboard%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D7898ba7b84fa86%26hb_bidder%3Dtriplelift&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1626821478&dt=1626821478411&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=415&adks=59193704&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=4&ohw=918&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3ada673bb73b66900677e6c5bee388dcc4c37f1faf9e5320acf367e0eed9e112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15881
x-xss-protection: 0
google-lineitem-id: 5384318093
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333602668
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getPackages Show response
ws2-cache.aptoide.com/api/7/apps/ 2 KB
949 B 184ms
183ms XHR
application/json 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws2-cache.aptoide.com/api/7/apps/getPackages?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&not_apk_tags=&package_names[]=com.igg.android.lordsmobile&package_names[]=com.tencent.ig&package_names[]=com.mobile.legends&package_names[]=com.dts.freefireth&store_name=aptoide-web

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f617f51373e75dde89b82a5183e42b65d42a79104682c563ccee214a5f9e975

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: max-age=7200, public
cf-ray: 671fc0e01c552c56-FRA
access-control-allow-headers: Cache-Control, Pragma

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
485 B 130ms
130ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbd575c3004a&pos=8a969520017575db52c1dbd90c60004c&cmd=bid&secure=1&gdpr=1&us_privacy=1---
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 6f852d7c2a7ceb0b5ca41b8f8ece25cd7414bda7278422fae1c9b852ab1ac77d

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Jul 2021 22:51:18 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://sgx-mobile.en.aptoide.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
483 B 49ms
48ms XHR
application/json 3.120.90.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.31.0&referrer=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&tmax=1000&gdpr=true&us_privacy=1---

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.90.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-90-149.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:18 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
835 B 31ms
31ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1185acb790e75a13fb4576c85a3ccb50bd99c00efbd988db0e536284d4e8376c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:18 GMT
X-Proxy-Origin: 83.143.245.190; 83.143.245.190; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 394950f9-c8b4-4c79-85b9-84824c864b77
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sgx-mobile.en.aptoide.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
15 KB 504ms
504ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

45da22b43f9ad62cf82173845adb520138d12237bc8fb652cb0d76007821173f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15776
x-xss-protection: 0
google-lineitem-id: 5257782844
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138330708158
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getPackages Show response
ws2-cache.aptoide.com/api/7/apps/ 2 KB
948 B 140ms
140ms XHR
application/json 2606:4700:10::ac43:1dce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws2-cache.aptoide.com/api/7/apps/getPackages?cdn=web&q=bXlDUFU9YXJtNjQtdjhhLGFybWVhYmktdjdhLGFybWVhYmkmbGVhbmJhY2s9MA&aab=1&mature=false&language=en_GB&not_apk_tags=&package_names[]=com.tencent.ig&package_names[]=com.zhiliaoapp.musically&package_names[]=com.igg.android.lordsmobile&package_names[]=com.dts.freefireth&store_name=aptoide-web

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1dce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07d26ea5a4e9e748015f75603b518630fd50261b7fb166030c4d372b52f9418

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json, text/plain, */*
Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOWALL
content-type: application/json
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: max-age=7200, public
cf-ray: 671fc0e14dfd2c56-FRA
access-control-allow-headers: Cache-Control, Pragma

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 3216 188 KB
54 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3216 13 KB
6 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3216 87 KB
27 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3216 4 KB
2 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 3216 40 KB
13 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/amphtml-china-available
date: Mon, 19 Jul 2021 17:08:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
etag: "6d4edf2414c2591f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
DATA 200
OK truncated
/ Frame 3216 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8cfedaf6f48f6c35ca3e2f8ceec0072cf3c51bca5bdd2331a69454f077ee96a

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Vp3ei0uSxJWMR6tHZSj8DJXYyqXNvUZkpe4I9K_qOhxXK8eCl07Pdp1zdVhjZQpypzmD3nI8KTRT6fnlOO8YAV6pC1gE7mw=w1200-h1200-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 3216 93 KB
93 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/Vp3ei0uSxJWMR6tHZSj8DJXYyqXNvUZkpe4I9K_qOhxXK8eCl07Pdp1zdVhjZQpypzmD3nI8KTRT6fnlOO8YAV6pC1gE7mw=w1200-h1200-rj-pd-pc0x00e9e9e9

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

05d1e964be96fb35e4ee3cf41090f8b196cdfca7612089ab14999668dd5ac4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94881
x-xss-protection: 0
expires: Wed, 21 Jul 2021 22:51:18 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 3216 42 B
783 B 45ms
25ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cf7m7nfBdIWtjsL-lwL49lwWS31LrwhfuXET0NLfG4TySm7ZO-_oUVIf9pAQcAUXANMJXan7i9yc6ZW_y70TS3n-T643ofSxMmMBelvTgrYYGeQR6ybhAdLcc4AE9awuePTmxU8ZfgNIuDORm7YGYbI6ulmw&dbm_d=AKAmf-A8dcbTAMtqZhPat1p_MlPz8EgUB7aySxnHYYqa5frpigUWk_c5a7yatnjqfkDLa25rJdOcn4JBizpgp2Y1XdmLeJ0tfvMg2M2A073SQTwVUfmAJ_Av3_wgyUFsvGAaFAmGFno3fBp0sby1yAtgEM5Q9Tjt7t6pd3xrz766e2_tARL8dbk_e2NwG_uBXorP8Dq17CK8r-DR4x5ikvslwsb9U33LeZIbKOjBl0Jcx9i8uC3myZQrwe3AHVeP8HzFteXi1qe6ycDI8cI7bT3u-TErPT8FeRzvemHVWnfnTVa0UtQFH7934ueEm59S9Q6zU1ohGxz__3pJ12OOK2KFLlmvUEAUq-ro-NjT2h-GNQeI206UrdwaTQkcp4Dtd7LAdfQ0N1x5PbQbkeluwg6Z0HnAcfe0sv-1yF1khjAJbZYferuEcD2U_zc4SivF5ZSkYbZ_EXqljuMzpWy9acBIo7CkEtb5XNwnQZQr2jPMhszkHWrhAQVToowwRfdxWnb0a_cZtb4PMOaaVs4p_dD_d0jhHWiWtGKMx_wIVatCec3_O5c5pg5P7_50pE8pUDFjA1pz0ayjs_L8OYXvpxkuZb8GNGW6qt1bwZl1CO7SreGgXSTmcyPXKzoCA6QIC3nxa7aA0JtoDisPShzhr0mmRsBlHp6IqSGHZ9LbqmHgJqigCZpwKmuEtctzqGs_FaC6DAQxeRMy69WKcIrvAH4Xi6wUU35L2kJCGEVCvFu702C3mmEdE8yYEGbjiNbibvd9XesGTeDVmwFzUfSWTjaz7aMyAD7CAuDq1B2_WLneEPjrc9dScHJWJADwkfILuB3OEi0VDy_lRwDUE_vWLfNUyQrqauAqohxG-y5Vnwh9smgl3XXp9d1vah8V0efuSwXzcngSdnrnKXTg7GcVdXtstYgxGZ_vX38bSw1UO57-aL90LYkJ3GlBgEiA10jyfRsnozIF8vU8v_kPfGAlb8nK9aTeFBSnOpQre2AG7P6DVMFQkobp6JlD-veZS5qMURpqJ4KTn5mN7OPyE567fX7o5xVKXEZTpqqi47EAnrZ-AVxZjwJNW8slggqXzihFnh3FR2lt0IIyC7tPEioRIinpOeOG4OqgNrYgbjjhTiYutEnwwu6i8OdlPidpsCTCT5_itmwQS1JGR0K-eynQCmOQPN5dsoDV76lJzMqiUqqupReJ2hVUi66_ddeKbwQ4B26kWfEf8pOPhHNbb55drbm6heyRUDLXsQR2t_VXicb4sgTwgCCcFBarBtQoWiqATE8pX-m0HREAEZotEr4dusIESC1c2J6NiU-oEmR41qRpTITIhr_F4Q2h1xb861TCF00WdrbMvOLvmtn7TjHFhy8ezvBouaUHnYAZbOF_p9N2Un664L-6vVGf3wB6KSlVLQxILmL1CmhRFjqnCASD0xx6ZBg-xKfZwwvX4w6fd4AXlLDZpZcHYdJYVq-IgMzNHUJP4GmPaJpre5LmYvQOfzosO-81YSWXEeWhFUePgu45Xk4Seqjp34_N6mSYExbBYEKhHLGcFiIi9XOG8sZUEo5BAqTwJfrZDn40rOWLZrLVQp14Dg0Ht1-SLnCjiHJjLcmfc7OUNHCvb0djd6RcEDUYbqd7oFhHboZaHPgqnlPL5x7dDogCllYq0ruvBdEnQ2hlpuzbjErYPZGQrFo0XTNf-KiHYPQadKsqDvjPSYK2Ax3neFb_0Cv0E876KmLj9YDYRzrAH-aJVIQyv2a1PIqySuhR-svir2aYfKqiRHkeRR5R6Ud76rSfr6rTFaTdDl9nUa2UxInQhgKyvhu6fTmRweOeJZHsnr1mz8LTschTVUvW77zaGcfFidVqkCFPPRyfZaZTQ-y5uIbvQ6Ox0VYEjspTZ7PTeFhirqjOZfhAKOhkSHy8debmRjKiTetX8m-fPNw255OKC9AQD2L3RPjdqmR9FkB9_pa5tpCWm2yt_0IFp3PtcyH3kF_svSj-kSSmP33bOEMPlX450mYA2fKBOYU6RNe1P_nZH8UjfK6mozy-hBf86Ci5m87KCZ72nki1Cu5kEJtdsxA-OfKIR_lZzn2_95ztvsycLHPOvmwGU_8WrjKeZdiqqmHhKtOncGE3G6hTbaC_2CCi2VTQJl7KF9nZqf_b1VjJEGNHCsLt41RKiiXBzVNRinGIcqrstysaHGmUE-jH_Ptg87zIVfmoVBOQhkDcQBcYYgEdy-KxpgHKwfjvtzeBviAAuKvap1gbHCUrD0Njjd-ms_uZfDEjGe9r4vahIH5bOofobWdl2rn1t0GPBUhIi7nbm864JuZQJICkHnn7VoErVUeD26TfCEXG8ZRyg-_INJsiT6Gp4L3bP1NpkxvUCZocpOkhc8wAAIIlk23manVIWD1iQ7S2EGD4AX5EpwvT92Wx9WItTGIjpzs_z4MH0dvKt3DDtKOYp64MLQHPR9g4gyvp0cWV1aRfhS7GlkzXxUfhMx74mynfelSL3MQipsyeaj6VawW5HgTz9Higm0ktSGpOUISfWUNbSezOsHS0wyGih71G4ezjKMYzt9-ufD3Xc3BbZYwH4Nqm8noGavRItdpqXfFI87JIELtNAqlMoQXIml9vt__khsYdN3vOANS_K6kDRN-FdULIuY2z5Ata2svHYtAVt5xp3IKbktt206ry6ENh6oZ-ivoPBC8BOjAYhWPDBth_iu4z66ggDhtAQFw_EZOJkApAdwAeYTF_n9a8FWcpapXICf0snAkn8fFWRKEHoRc_b0BXlbtydSbMOIxNT7ebB-Ozoh6mS0s43kw_1PS0FLfXy2_I4pMVXr2gl0R-0-McuyiSVFx_Svhh9CIL1oJ3Z4yn_LnOMtG4qvwJDGzuSBWz-hkU1d6zkb8mop6RHSWWPjPfMr0rdiuHhpm9rM0ylC3BodI4SBuRaG1JDPdAnkwfdJ3SvR-xIzYuQRT2UHuSfAFlWzQYT3AltMkoHNJ-VlmQ5Jr7gaF24KP0ciLaFOPacBW1BML8ki_Q9IkyaRqJrBCTIEqKJCgTbSnZdTcya7qUwTGkIzmz0lnBAwAY6HeKnxUEjo1DYRLAh3jafaD4KC5326vp1SgLFacw7jAFmjSoN3r7yPjN8m2F7uuSTF_wdzWvYbhqcSUoEzeo4KZtJw1GRG1-kZCWt1HQgkW1cgH86gBj-1ZVI6R4UXMyyU8xYdQF3PMPNNcd3RBdTzeW1SX0EP-YRK4-SXo_KR5ntQlQiKxzoJiHbG0v3r1eajoRvZbQoobr3L7Sz-wmKlkiY9HZtqCupHylYjiJR1ebgXoFs0taTIFih8q88A0F8LOSYPoeLkYPqW6Wv0kTS-PYXEdy8r8ly4yPuiGSzYNX6ZpJXalUaArKbc4hO2Ul8ZSTaQwGwBA&cid=CAASPeRo61AyI3cv_wt6GX21kED8eUndCj6llhbMxuIzSor7chKPm1ka6l2KjyHeQBuNYEaXIT-OVGPzZmkCOjU

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3216 0
0 44ms
43ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuAizZlP3YOKIGsWS7_UP79eHqA2F_-jIY8GMoJ2BDsCNtwEQASCh1fkqYJXikIKgB6ABzJTivQHIAQaoAwHIAwqqBNgBT9DOb2teqWggn7jgf_9JZ6YW9f0doeMESXf-eSz8uszbFyThUzqWLPkynf8_v5RgPpZNV7mV1E6yK5FfzMLTyUB0bRZ6V7oPhRXgYG8wgRaBF-uIEgoUmYDRxA_dPOmXyIjU5rz7NrmOgQmUbqsXWD2QsS7ODhL7IPyJ68dnRQUQf92WgAvzwzRi9-1av3ikpd57uzFHNSRv6iB9at-fGq27fLuH_kjq2hPHdpfKCDsUv0NZ3-nUitX5CbwuzKSRXE3DYot-Ofnt1sKkGHfmwDCLpPtQv49MwAShvcuHxwPgBAOIBd3cvKcxkgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAec653CAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcKEJf8Bhi3lYyqAdIICQiI4YBwEAEYHfIIG2FkeC1zdWJzeW4tMzUzNzAzMzI5ODAzOTM1MYAKA8gLAbAT_Pr9C8gTtqjx3APQEwDYEw2IFAHYFAHQFQGAFwGyFxoKGAgAEhRwdWItODEzMjg0NDk0OTQyMTkzNg&sigh=YroNEhxr2gI&cid=CAQSPgCNIrLMMiUPPZtnsDq951vHaF9EchPfkrGa4BQeVi49OZOViio8sNpVmlC9DgIZ9u8YRkdapuAU7llGJvAu&template_id=509&vt=10
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3216 2 KB
3 KB 27ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 70320
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 21 Jul 2021 03:19:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3216 295 B
399 B 27ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 35017
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 21 Jul 2021 13:07:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 37ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f420f16ca3afa78346719ae84f58f45746316fb464f0339d182ee825129dd6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8457
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:18 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3216
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

27ms
14ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 20 Jul 2021 22:51:18 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 06AE 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 19:48:47 GMT
expires: Wed, 20 Jul 2022 19:48:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E5B 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c4b17b92955d322d7f08bd448a4ce45fafa532cd9125f54fe8d9bff416aa1aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/Pc45Xx2sROQmMjskrhHDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

expires: Tue, 20 Jul 2021 22:51:18 GMT
date: Tue, 20 Jul 2021 22:51:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/Pc45Xx2sROQmMjskrhHDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1CCA 0
0 43ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssToPZ2ybCZ_7GTkvWwKz_2NJQyrE1sGZUjhcr30w9FAEvp_vI-u0N_4VjFgtytsEzvd0AGD6KNlPxaIZdyqD14Jrxgjt1bDJ4XwjSv0XA8bq1G-pNMdoCyI-3g8ttb-I7I1-mD02h2JvlrpwyqGYvLibp5E11cwPOUd7eWJXcGUGI80PUsOKsjIJSo4j-wGvQ3PjRUSc6MK8olh0RpYnc7y_jORjjeN9cQr6J7ZokMpN6V5WeJHuXCkDHtwLGO6PjljfFClXY7yOHGr6GQkbPDPLXEO8IrWNaAwAy45nLTRk0bQ569yxfFVRy98PGQhyz_bfIW0-hE-w51D0ES5xbt_t6P_FbRRbmIveRFQh9h7JAZFxFLVKely79iZ3cIenLpVg&sai=AMfl-YQ5vjb6OK_jpvEpGb14Bk-yUJkcKnGOr5rUyrF6555pYunNVzC4AyyHj69jVOlEhTzS5no0pXqemIqNl8QFsG4pApV4ntiQHyTY9J3aIFrxfu_SaHYCld5Ahz5OBKw&sig=Cg0ArKJSzG4YKj1uSZSbEAE&urlfix=1&adurl=

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1CCA 69 KB
24 KB 18ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "936 / 433 of 1000 / last-modified: 1626819085"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CCA 124 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:18 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736025986498"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28059
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:18 GMT

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 06AE 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 15:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 15:24:02 GMT

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1CCA 329 KB
115 KB 22ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:18 GMT

GET
H3-29 200 container.html Show response
f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A57A 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 22:51:18 GMT
expires: Wed, 20 Jul 2022 22:51:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1CCA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f01d879af3aeb8f3f03cb01f135beff506cbcb92b811542d7cfe04bc594cc7e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1CCA 0
0 43ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUOfO70BNnAaEzZo9aaIyAFSPE2qZ0yrLBGswjAQjTFuzh83-qos7Sb_qx7EHzjWHPljVC0lcWeI_RXOCe5zFoaL96f5cDfn3xuHfRuhbg_84IWlNrG4IQqPx8oYU_Vq7gqDdz18iUeCMPTZIWdz0-pHqGm600zUVqB1POPeswodRJuTlDCvLYWh0BGVkilJEBBsX7CvpGzHFmVOvmfsSEy0wCnDxX4huKt0_oxzDGGQ-u4A3BUpIqYH5IfKKqJcF2-_cLO2GRR42Re2JXMTJVoqkVsnf-BEE0v3DavZNv96O3MzEkzigduuwuecZZeocXrNcBL88xdQI-7l-VVZ5_FAXR5SD8L3yEbAMCedJQYTvJ_qxYZ-47x3LveX0tCi_P8pF_&sai=AMfl-YT-5ay2MYilj2TbJcawL9kYpAMdIpBuWAojXHqAkNI0CiNfYDQllh_aONSohAQ7AF5vjF9CTPj9pV1IcWbbvdOSgBUW_FzZoUwrrv8wEun20FUgnrgEDES8AQ3dCT0&sig=Cg0ArKJSzAIWa_8UddVREAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E34E 0
19 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIDKjAEQzcuzowIYy4ermwEwAQ&v=APEucNX7Jb9-14LbCHtlo6d0Wo8RjD2n7XH9oHTGOD-iXvhH0MDTmOtChiJ0hK9jSrcfX80U6IAe29nRY6sPWxR87IlTpYrOrg

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIDKjAEQzcuzowIYy4ermwEwAQ&v=APEucNX7Jb9-14LbCHtlo6d0Wo8RjD2n7XH9oHTGOD-iXvhH0MDTmOtChiJ0hK9jSrcfX80U6IAe29nRY6sPWxR87IlTpYrOrg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmMWUv8F4RRMp_TEYjG-Zq0HWU2bJJiyV9Qyy7ule-5zcuiPL8gJjXxb1SVNkg; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 22:51:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 22:51:19 GMT
cache-control: private

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A57A 45 KB
22 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYtY3HuCfqCVp5w4AlXfBOYOpYyRGzuFOr7eaM5J8ZPmZQ2LKfCwsGAn-Pe12D98pfKkbrpRfzZfIBW3AtfaUy3DQFORHHLAxWbjSuduVt8wHtrGH8-ZeKx57kEPMSaMYHgjzbd4aPxo0teqSn19dUjsYBHA&dbm_d=AKAmf-CsX9a6yMPfFzriiGiuXc0BJnPCiMifv0aVj1eTU_9K9wmNiBedVI_gPVlfHkRWnu_U-kiTnwHrJgmQYsCMF9Qc2xyAYk0MoKjr7oDbcIy9slKgrznsh9dMeKenbOBKP1EJF97TjqIdhMgpxgLDmc33mF2G-CC9YQc3OlaRVX9KfEWLS3Bj_1UCwCd7XPKi78ftLw_xGh9jyj7MxldsnL84VSPq-cMoQZDffEPldQ49NB_6iv5HGpAlUxCZ_ze4LoUtt9RZSptg2KESMyeELHCoVQ6HVeyTj86GGDaLsde1VWCc6TUEsza1xzPOhZlAEKFK86iCfavzbdMurS4WEeYNf5gBJl0gn_BFi5dD8EHzz2xTavxc18Uo9ZgmBiWPh7PdqHxG7i3SmVsmNg8duPwO_90kVHm1sAIOlyDuR5SjSrceRPhgjAtre_PWHP2t6EFjwXAihRS7WHIv71PXplhi2BH0khLJ8MJb_9OjWwf3bEb2ruE6hSc0rx0St4BeD-rQkE_cuFU25Xmy3aBnO0M8EbojUKiLwuTniqgtsRJ7wQGTyvmgSfxbgeNXiXV89yOCqzdXiB8dGfoYiXsKXSfkEGBpQsX9bEtG4qNEFP4I8Kr_8C6kLw4key2bxR25oXYgNDUhLxvDH4WXwp9DlWy8wGFAvx2KcNm8kjb_raZ-hh91uLVeqnq8kOxFr6rspYOjjliGR0jUHMWNnljwyKg06WjJ5jBHeFgPx2qwrdEZpD5jT21zWBaLljNFRpkTacxdIDn2Z8CBL5XZQg36roAEBwi1J5X_ccOmYdHiBnvsjPih0YZWaxm8Ui9mz9b9XDqCXvJcXQIN3tRfH9NslMsKRHGw786x7Y-9ztH7Y2CohJZpMtKykQGsTQRosDP4xfwtvjXthqt0fWq545GKdGe6iGX9q8BsNamhAzINwGOppLGic0xSco1gdgnvCHCLpLfzu_J2jxkFjubGPp9PcCKROQsc0VaSsyO6EpirIehD1p8Z0QAr_c070sNypZZXcRa4bEG8q-wi05TJD_J6Rm0W8IKWhGgC5n5JEGiqXXTbPn59wRMF-m40tGDKNGAxlVLsEz3fR3mX3gT5HuIPI53r64nbdLjmkSQUgCOaxEcRcYahWuqIGAD8CK17k1NmnV6tcsp9hEKxNsa5NeIkPch3RIUcHt7gShTek_d-wwd_yY_-CleU1wgyJG8Qjft6TE_nmvpMFGu2XP7r2di-1rkgTN9y_xM7skqfkeOfN8M_sYTxCjbI9U4UbdfCf9xu87bpvFvGxWZL7h8eyuG1l7xYE7L6WE54nQ_NgZkMVn29ENwPYB0kUkrpjFXnVRfqPSkne207O7rQPECjvEEPgJS19TStlLZ8aFzoNTaVa3HKt7c7UXF6HVqJ1fAaf8AVCM592OeUe6njODGnXUov0I4fz4W4MkYUgPDDW0pzLPkkMGaXdwV1xQDt4UVj2YX5tvIdvDKXKTfB-cZbf-UrmsFrEpPl47FemHB7-k7vIeEHdLqElFBY9gfZR7pEt4gclA3Q7WFDDUg-LS4c_74qOLLbga0MpIkqgAm3MIanol4i-GNv-C0VYXJPp3m-Le6KK62x1H2v1CcQ52W97eaQiIdn_Ujh4ajR5bgQyj_MTGO-9ekg9Y-2VWODqdyEvGpwt2leBiZ2UL7j38pRAV415Co5XKb0rpryurS6oTfDdmXf5swqmbIr41jtks1eqmSgcJFebaZ4N9ZTVw5gCmnghbqnf-8QO72hY7lJgzGnpStMFQYMVXh6Z9_ZGedN7ZaChRyAOnUsz1rTscVyU9Lbf8QW7hLF29y_FuQ9YeS3v2z9-tr3-pCMMWq_2bDxwMEorc8TvRyrBSL_Z37RnH4drTZs-5etY0qPvVqcXqWQqdUVI0JOUtGXfeTOmXN9vAjIlXUu4R2vGN3pzbHbJ1AYH6BwLmTW0MkXxLfdUZuK-fMwWUjOWWtQvQiRCp6CTpYTyjCGGFKs9Ljtt6gp40Dln4dRYdFsJJAyZweicwrwl6nYM_Ptbt8M_gjSlhkeDZ2nVdhti9eStScoVWFAqhdiaceltF5fxeo1U1O7cVNvbCjhf6xn9T3YiuXyf4Wk5lUXMKpVKkNpVHGF5ykoddxPvAR5-ggoAuSi9pr4t659oVzlVHhh8sNbbSZYXKl6W1t3pZdLTfpiDoHWaXuHKAwnu6syBhYwaXR10ttp16YyU0lwCRgBj8kIwq83_F0cmUK8nWroJrOq2UjcHKqaWMgOePfr4M3ScVhdsMg_0PsCQ0d64OiIgIOmPTLvs6MYPssQLtd-k2sDPQVtWKLvwVtNt4SRMFciix4-CYre8i92PK0lgF1kxXJRfoj-xZE6hFjQ9e-6fApvwyZalJ56CDXhS0hV6Kndm87z65cRGM5a_okX7jsTu6fe3kU5gkYYBBQR6FcFOnQP9XY3qVrW24j7emhuIHvUeXMb0Mjiy_JxC3HR78sDT8JNgZYEBpz3qrFf4ezVFH4_gVKxFZWoFMxYQafytpIE3mo4YrkAexIyjEVrL7zctx6ajUZoCtwzjieHh-fgCq4TtTzLkR7Hrg_nzkfZrKPm8FsJRNHuhgGXDkARJGDeBb6BNYXPyL9vuk-4frklFr93Kb9YwstWtOdzVTbm85d4VVS4uWRVRRpdLkCSWM3VnjzelJ3yBVSCtR56NSrm4odgqFE2JQ63klldVjlZdNTXj833NWHEJ7AN55wZlBgCYNFKEIOYOKQE17BTKhN8KldcBGTUdYNIS1f3atMCJguDaOooRSth7KtjJ7JJa3Ir8T54nqsQRNUDwePyZGCKwChYwccf35e1-fdz0LcFpwYWHbzpMB-w7UB3Uyv86-Sc4tmqrJMH5w0evzC2WoLaTlGmHvzADDOlV2TGC9Ue6lwtJD0Y9gTmXvBhnv0uooTb3eUYJPU3Y6lXUH2eERvGQo5N-qkvZ9pOXh1T2GCtz4tLGO7JgrDMwbBwA2dJtJWXgrpkTnhHhj5Jlsx_gJRjD0gbKc_RD9ePVjLut1uJCxYr6RHGqZ2ntfQ0wyRJozUuCcdh5D8PFHvHzRSSx1cAC2xXx15ymHodPy3d-znI8OE3dV_ZKXDJmUkSLS_eJpVoGRGPJzcte8_Gd2TLkb40WKayVCrzLUsyqmnQoGUG1ti9t9RLspCfFRuUO1XoUbxXlGpO-MBxemQ4YXUmoTTDAaMnghdyMgmd6ngSR8x09CQL2csaYpExkM6VtoW8bbErTfuL6028Dzg4x3POA3gaTQNRiffdDkURr3wYj3VgQmpANZ9rhLkafWErhYt4hZk_y7L7_AxctYEFbNoKlpd0aVyZWYUrASdrkRQzJ6v15Fiu_Q&cid=CAASPeRoTVEKAN5oZNE8KO2aCoHCcRPDrCr8jG9fPXUiHKMahjuAZ-hZzv6HJ_YGMV_JqinsczCmSLXW8f1CR78&rfl=1%2Chttps%253A%252F%252Fsgx-mobile.en.aptoide.com%252F%240

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c879ad77a297e36246d40fa78ca661dc831c4d0195c511bd507c2419cb51f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22536
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A57A 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1UoYI6i8B-qIjjfkpTHS68KXyAOPG9RzuBxcDuuKpDG7apnUp7cCluqwuuCVTSw8lg7NC2whn9rnfYZA4UmFSxLK7kuxwOmf7u1NXTl2uRVyv62Y

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame A57A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/window_focus_fy2019.js

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:51:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A57A 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame A57A 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:50:32 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A57A 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROhbe-OG5QxbzTFNhtnSDdpazMW3THXRIy70S2_xm_uCFiO8e3Rlni2nIQq7xvCqSHJixh
Requested by: Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6E1 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhiaPlvMySwuN_246aOWcuhxTtPkty488JjWC4Bw6sQxdQkiZWWWtCqRX156nWv86TlRgKq4i_EIzAsmUz2lgM6y6pEQlGek3nLkcKlMLuMx9mzsMx6FvqDGjundOx91zihbmqiBx8dcSdpl2_n0Tup2WalQYUQVDYwsK-vNhfaDJj4UDd5Ouh7QIGvOUoc2A4zjs__JsX_azO-ZY3dUdNdyqh4c0qyWTswMhdGQqaECdiqOPVqCi2a-9dROziftX_HgkwSZkaGAYI_SUveRGTMFjKJE2X2rtgXimqxgYMxJmQaXYnGmMa7V_7xunwk2msabNkDVt1ETfZX-Ghdo3Nedt9wlbSF4pqRB3NfuXnARWqLurjZ4mwELgH4oVgHQwKYA&sai=AMfl-YTsL7QMpDj_jBR1kyG4yUcbnYjVZUdXmoOF1PVC8xIcWlRO_ZkmQqRjKpLGHGb9BejhLcQ824k-jqT96nJ8HxpOiOJufLnK5soZOALshnoH5ruvguxIed-iocnbFfpH&sig=Cg0ArKJSzP1vjtSdIH0nEAE&urlfix=1&adurl=

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D6E1 69 KB
24 KB 15ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "936 / 465 of 1000 / last-modified: 1626819085"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6E1 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/ Frame A57A 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYtY3HuCfqCVp5w4AlXfBOYOpYyRGzuFOr7eaM5J8ZPmZQ2LKfCwsGAn-Pe12D98pfKkbrpRfzZfIBW3AtfaUy3DQFORHHLAxWbjSuduVt8wHtrGH8-ZeKx57kEPMSaMYHgjzbd4aPxo0teqSn19dUjsYBHA&dbm_d=AKAmf-CsX9a6yMPfFzriiGiuXc0BJnPCiMifv0aVj1eTU_9K9wmNiBedVI_gPVlfHkRWnu_U-kiTnwHrJgmQYsCMF9Qc2xyAYk0MoKjr7oDbcIy9slKgrznsh9dMeKenbOBKP1EJF97TjqIdhMgpxgLDmc33mF2G-CC9YQc3OlaRVX9KfEWLS3Bj_1UCwCd7XPKi78ftLw_xGh9jyj7MxldsnL84VSPq-cMoQZDffEPldQ49NB_6iv5HGpAlUxCZ_ze4LoUtt9RZSptg2KESMyeELHCoVQ6HVeyTj86GGDaLsde1VWCc6TUEsza1xzPOhZlAEKFK86iCfavzbdMurS4WEeYNf5gBJl0gn_BFi5dD8EHzz2xTavxc18Uo9ZgmBiWPh7PdqHxG7i3SmVsmNg8duPwO_90kVHm1sAIOlyDuR5SjSrceRPhgjAtre_PWHP2t6EFjwXAihRS7WHIv71PXplhi2BH0khLJ8MJb_9OjWwf3bEb2ruE6hSc0rx0St4BeD-rQkE_cuFU25Xmy3aBnO0M8EbojUKiLwuTniqgtsRJ7wQGTyvmgSfxbgeNXiXV89yOCqzdXiB8dGfoYiXsKXSfkEGBpQsX9bEtG4qNEFP4I8Kr_8C6kLw4key2bxR25oXYgNDUhLxvDH4WXwp9DlWy8wGFAvx2KcNm8kjb_raZ-hh91uLVeqnq8kOxFr6rspYOjjliGR0jUHMWNnljwyKg06WjJ5jBHeFgPx2qwrdEZpD5jT21zWBaLljNFRpkTacxdIDn2Z8CBL5XZQg36roAEBwi1J5X_ccOmYdHiBnvsjPih0YZWaxm8Ui9mz9b9XDqCXvJcXQIN3tRfH9NslMsKRHGw786x7Y-9ztH7Y2CohJZpMtKykQGsTQRosDP4xfwtvjXthqt0fWq545GKdGe6iGX9q8BsNamhAzINwGOppLGic0xSco1gdgnvCHCLpLfzu_J2jxkFjubGPp9PcCKROQsc0VaSsyO6EpirIehD1p8Z0QAr_c070sNypZZXcRa4bEG8q-wi05TJD_J6Rm0W8IKWhGgC5n5JEGiqXXTbPn59wRMF-m40tGDKNGAxlVLsEz3fR3mX3gT5HuIPI53r64nbdLjmkSQUgCOaxEcRcYahWuqIGAD8CK17k1NmnV6tcsp9hEKxNsa5NeIkPch3RIUcHt7gShTek_d-wwd_yY_-CleU1wgyJG8Qjft6TE_nmvpMFGu2XP7r2di-1rkgTN9y_xM7skqfkeOfN8M_sYTxCjbI9U4UbdfCf9xu87bpvFvGxWZL7h8eyuG1l7xYE7L6WE54nQ_NgZkMVn29ENwPYB0kUkrpjFXnVRfqPSkne207O7rQPECjvEEPgJS19TStlLZ8aFzoNTaVa3HKt7c7UXF6HVqJ1fAaf8AVCM592OeUe6njODGnXUov0I4fz4W4MkYUgPDDW0pzLPkkMGaXdwV1xQDt4UVj2YX5tvIdvDKXKTfB-cZbf-UrmsFrEpPl47FemHB7-k7vIeEHdLqElFBY9gfZR7pEt4gclA3Q7WFDDUg-LS4c_74qOLLbga0MpIkqgAm3MIanol4i-GNv-C0VYXJPp3m-Le6KK62x1H2v1CcQ52W97eaQiIdn_Ujh4ajR5bgQyj_MTGO-9ekg9Y-2VWODqdyEvGpwt2leBiZ2UL7j38pRAV415Co5XKb0rpryurS6oTfDdmXf5swqmbIr41jtks1eqmSgcJFebaZ4N9ZTVw5gCmnghbqnf-8QO72hY7lJgzGnpStMFQYMVXh6Z9_ZGedN7ZaChRyAOnUsz1rTscVyU9Lbf8QW7hLF29y_FuQ9YeS3v2z9-tr3-pCMMWq_2bDxwMEorc8TvRyrBSL_Z37RnH4drTZs-5etY0qPvVqcXqWQqdUVI0JOUtGXfeTOmXN9vAjIlXUu4R2vGN3pzbHbJ1AYH6BwLmTW0MkXxLfdUZuK-fMwWUjOWWtQvQiRCp6CTpYTyjCGGFKs9Ljtt6gp40Dln4dRYdFsJJAyZweicwrwl6nYM_Ptbt8M_gjSlhkeDZ2nVdhti9eStScoVWFAqhdiaceltF5fxeo1U1O7cVNvbCjhf6xn9T3YiuXyf4Wk5lUXMKpVKkNpVHGF5ykoddxPvAR5-ggoAuSi9pr4t659oVzlVHhh8sNbbSZYXKl6W1t3pZdLTfpiDoHWaXuHKAwnu6syBhYwaXR10ttp16YyU0lwCRgBj8kIwq83_F0cmUK8nWroJrOq2UjcHKqaWMgOePfr4M3ScVhdsMg_0PsCQ0d64OiIgIOmPTLvs6MYPssQLtd-k2sDPQVtWKLvwVtNt4SRMFciix4-CYre8i92PK0lgF1kxXJRfoj-xZE6hFjQ9e-6fApvwyZalJ56CDXhS0hV6Kndm87z65cRGM5a_okX7jsTu6fe3kU5gkYYBBQR6FcFOnQP9XY3qVrW24j7emhuIHvUeXMb0Mjiy_JxC3HR78sDT8JNgZYEBpz3qrFf4ezVFH4_gVKxFZWoFMxYQafytpIE3mo4YrkAexIyjEVrL7zctx6ajUZoCtwzjieHh-fgCq4TtTzLkR7Hrg_nzkfZrKPm8FsJRNHuhgGXDkARJGDeBb6BNYXPyL9vuk-4frklFr93Kb9YwstWtOdzVTbm85d4VVS4uWRVRRpdLkCSWM3VnjzelJ3yBVSCtR56NSrm4odgqFE2JQ63klldVjlZdNTXj833NWHEJ7AN55wZlBgCYNFKEIOYOKQE17BTKhN8KldcBGTUdYNIS1f3atMCJguDaOooRSth7KtjJ7JJa3Ir8T54nqsQRNUDwePyZGCKwChYwccf35e1-fdz0LcFpwYWHbzpMB-w7UB3Uyv86-Sc4tmqrJMH5w0evzC2WoLaTlGmHvzADDOlV2TGC9Ue6lwtJD0Y9gTmXvBhnv0uooTb3eUYJPU3Y6lXUH2eERvGQo5N-qkvZ9pOXh1T2GCtz4tLGO7JgrDMwbBwA2dJtJWXgrpkTnhHhj5Jlsx_gJRjD0gbKc_RD9ePVjLut1uJCxYr6RHGqZ2ntfQ0wyRJozUuCcdh5D8PFHvHzRSSx1cAC2xXx15ymHodPy3d-znI8OE3dV_ZKXDJmUkSLS_eJpVoGRGPJzcte8_Gd2TLkb40WKayVCrzLUsyqmnQoGUG1ti9t9RLspCfFRuUO1XoUbxXlGpO-MBxemQ4YXUmoTTDAaMnghdyMgmd6ngSR8x09CQL2csaYpExkM6VtoW8bbErTfuL6028Dzg4x3POA3gaTQNRiffdDkURr3wYj3VgQmpANZ9rhLkafWErhYt4hZk_y7L7_AxctYEFbNoKlpd0aVyZWYUrASdrkRQzJ6v15Fiu_Q&cid=CAASPeRoTVEKAN5oZNE8KO2aCoHCcRPDrCr8jG9fPXUiHKMahjuAZ-hZzv6HJ_YGMV_JqinsczCmSLXW8f1CR78&rfl=1%2Chttps%253A%252F%252Fsgx-mobile.en.aptoide.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:43:52 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/ Frame A57A 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:38:16 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A57A 0
592 B 73ms
51ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOHt7lhK2TwmcCC8HnInb7t-75-J7dBDbSifEhumLeWBX7iSEny30u9C3SOP6L2ud-PUxtmA1QpZPp8_sR4x1a3fnb44lAFpybW8OOYCxdJYkZ9eE_yeukteeuD15_WZzZ7ztkB8Qr7bYA_CQJegFSOA4PS3Ontk9oF49CvHhMiGgD6r8tlQrKZT3UoD7HjpQ6zUr1nRwCWbROp8zeizsqRGMZErF82RZ6CcweKh8SjOhOxeXF4Ee2QuTjMjSiVbri7exI0rVL3TUYBibZ4OK9xxi8LCMgkMyTbqOm7Qy78Z2r6sIhRHug773C6tnSDI0HQLwYMjgvRHXU78Juia9f-KOkMKGr9J_lL-J0yqDor5GnFdf5kb7IkobPLKk030ljEdWJ3nuwSGDDGD7zRuUZrF9JLxg3uA9hn7rnSIyM2RyGykLyaCzcm6qIQN9zxXbt1M10Q05UVXu6Ti1_2S3-bgtCDPH8hCTiJiwwHlFzpLUOIr8WFWhC9SFtJMoM9G9Y3z5I-5I-9OP_Crt8DAo9nn1U71SXx93tiaq2q2XecvEqJNu2HhhJAVzGTwnr8_tBvT06wdj8Y3PL18OTd5cOtSHew0abQhpTbjoXD9EQrjhw7UDyD8FSfq359Y7BoiXZGnE-NdEbgtlXkvh6SuIzGGWCZENWYUVEwn55hhIBDx3GBJsCm15h_rqMW4BzzoOdkkEO-9tO8h0m9XFGAreYcnMDCKfLjf5ZBpoyES8Mmev4RowAww9eWB9_rkrdxjyIFtJt6fWRMPILWuXQ8do--FFnsIAAzTDzjQcnY0Zguepv5BD24DNB1O4r7WaKujZMqC-eOw-jzb-0VDvvtgnDMLmEMmHiGovZlIxP1oSmhIyl42ntNGRAfG8hWr0s-XBXM-KnZp4xrwg_om-zPKggtQHtttgQoFxbms75ti3NLbCurSkbqJ1nVwCYu8qv9heTqryUxh2iVu9gAg5wLR53yHkjrIUxIsNoxIM_E3pb0had7WJ6EMh-sWaYvhq_mVuasNJ19G1YN506T7Iz-RRUajIZYSmrfgNs3GS1v3rpowB9P9RNIVMZCPgkTFAzKLnr-hbPxmWvYTPWZzHg2T89_cRhczmne7Idap0L9n1rSH08yl8TnlaN42lLPp8eGEUTYguE7AVnU2vpv9A0eXTdx4ATxiQ7U8auZQTlTrGPd9gHQHYxuAjMgkXvgtDAs6319-1GozG1cVG-AuuLi1ZnQ4zw_ga9&sai=AMfl-YT9QNYaSFmqdxEN2Fg2MdqVlYdIXPDXZG2PSQkpEHQCQecNbvJhPBwbupoaSbvZRZLRrs8fLLLudCls2Ujm75EoM18r9ON5q7HF7A6_hOMNGKBBl9GBSRNlwS-YzWcG0oplhUdLDw8Z2aiVPIDa6ITXnGd5LDvjSXoK1mJKQUs0DCIRIvbFtyN9HUZJC3PA5z--E3sRx6aQDd0PWtGW-NIPabozMjnAABXKwGDLYg&sig=Cg0ArKJSzORkm5rxJ8F2EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210714.06575&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 20 Jul 2021 22:51:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A57A 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 19:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 19:46:23 GMT

GET
H2 200 7602725280263994576
s0.2mdn.net/simgad/ Frame A57A 80 KB
80 KB 28ms
7ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7602725280263994576

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203faa4328f0bcf6453d89bddb8a13561eaec599ec4a6301f4018f24ab96da69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:25:43 GMT
x-content-type-options: nosniff
age: 473136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81785
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 17:12:37 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Jul 2022 11:25:43 GMT

GET
DATA 200
OK truncated
/ Frame A57A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce082a8bbbc305d93712cb78bc4747c437ba23befaba4f0d18945e4f1db9427e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D6E1 329 KB
115 KB 15ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE84 0
0 43ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUcLwy0LySAdmzCbL00QGfob3oWPrGdg31_KKGZUydoxzfob0sNQgC3SlpdxYXszDXWpfOSc4RqQinOAsvuu9vjD7wzTrU5iRqpFqXv-xvc2EtNEPgjBpMWeIbT7OgGt-5G8iHxfZXvKHRTF-kqZIG6TmxZaB6gPlTEYYVxnrXAPf5rOGyF9hyao3DZUe10688HyBmxGtWGrDDAznmQMtreYlSMeB0rj-43KP2jzgql_6t7henHsuIQi4LFcaJVq-5aetKSSfxqLZJXyQkwlZgRObtzVPkhjxscKcjHfMIH3l7Og9pMnXzlOZyUTKm5z7MrXKGsnlkBnluR6uYWsg5dmzVVMcype05ognC-n8v50P_UIxYSMYSKIllZppNTS06iw&sai=AMfl-YS_XWFWFCAharV0jRuFH29DhwxeXv-MqBBF6tqwaoBoeJ7Xzjh4hvPsKO9XigJC2Vhdn6H24ExJECgBUu927rgUu4SuKMDJEItS1CF6DzMQGLAIpN1StgowGTh3w46A&sig=Cg0ArKJSzCnVMEJ2oGNhEAE&urlfix=1&adurl=

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DE84 69 KB
24 KB 16ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b72d02b125c22f5a242d08b1cfa4d06cb24af1012ecb71ff0a3f0409936df397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "936 / 592 of 1000 / last-modified: 1626819085"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE84 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8418 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 20 Jul 2021 19:48:49 GMT
expires: Wed, 20 Jul 2022 19:48:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame A57A 0
23 B 58ms
43ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DE84 329 KB
115 KB 14ms
14ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
DATA 200
OK truncated
/ Frame D6E1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b75dc8654d374c9ceb4f437290a7bc13ce2e8a3689231694ebdfc36653db930

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6E1 0
0 42ms
41ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0HqVvDw1p3XazEGO9QodHQG-WbpObJh0V6h4zVZc7SyM8Sqe-gvfezrO5RvX3W9edlr7NgwE_FOHivph0QOeC7JiQtpRUHVp2P_B30k0aw2SXLaMCey-SJ7NcvzgcfzpkzuRuMMsL13aPrpDprVgVBL9UcJTcMfB7WOmS1LFH1BAdOKyuJPkbOvVNlCSz2b_9hopEYzkUQ8ekcz8q7nJBL0imx78UK7Ny4hlf0E48jToQIcEusVyjmhxcx0yD3tdhtXM_PXzWG_HFh9jqTzJX7lBF1EcF8uLhHVwH2bmBVePDDGwEzEkvPSRkdHvvT_T-BcsmGcjaN0Jzadfa6ICZqHyhuJCvjIkyMYlC9usOUYJydk219gmaw7ZqNdzDWoGRNQol&sai=AMfl-YTXHzxFut4zSgBWjbFBlXanYLHJ2UUKgZje7Cmwdk-JClEPIdJA9HxmO8MDdb5zjYmkWByjhdCr-TzK5CUNYSbxHP1Rp5WWgNUP9xULYdmAdvHMEOmMLzeBcMKHX3zI&sig=Cg0ArKJSzB3SAN_1PEcbEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=1122068097950254&bg=!ra6lrurNAAZjFomlYxY7ACkAdvg8WkoIJgpip_rl_uYpcRFMWTFUFtysD4tU70j5a4f6UH3x1GIOegIAAADgUgAAADVoAQcKANP5SJh4fKUTBp_kYGz2k7Eqs_211KhBpreNTKEY5jdBsfscGbhoTG9J5x1ziuQcvp75VbPLAJbBf0GGfyJTstRjRPM3xB3w5Muwnk81Z-V4K2NUOKLSAvmb9PFOArmK5LcieoQyAj63ffUX8ja_YVuh2ssq10F_l2OwkvIPadFrV66KIfvj7cRP-m808ZmZdtR_atioM8cOkot2lAFeetPw3wS10kW84Lq9L8yZCa2SfXh8Y-FqJbtyYw5VWV8r6KMcNM2Zfr4z2w7AUN7Qi62N5-NTmQKPBKFNkAu5zy3c-q8XAnvlRFxO6IDBELKwJMLXGsYguvK0ODM_-nsEHFWaQl8jY0nj_cpjYqxKVpU1odAfReoUQE8Lrx4F6T1qZDgYbbysZquY1BJjmRhXsNKHe0IwU1wMXJz9MDt4Y94oeFOFy9MEwqjdjKNcOPG-69IZbNdLqyQA7ok70X0a51z_8vCjSNE841OMJzgXI0LlqNXTTsbe9gClV8PfCyJTR-o0BQnKOSBGHAv6lbJq2Pa9ZPmEHVDRAD0T9HWAl4jJqCtWYsoyccIiWTY1LpOgKcKChtNgO5hpJAXHxPrFbNEiXrz4FVWdIwtkMuG5hWGHK8r2YoCT9wHpzX-Rn5nBTbbtUkLgmzu2jlqWzbVXaPdJro7DaoAvf_zRIB0AYfQ_B9K7hvvOH1RV2d5IKv-YkcTBoFvkyxO9EaADYNku-OaJVmsQxmBY4GsgU3Y_yRZjhMMcoTQXhzmoS6HBtG4M_YnnzTisjIWPUcNGc61U35CXTVhu-stbKTYUZ2LiwVnJiVl0jg3PS0HyAEa2u-vvtPb4YhihUuF-DA4HKRVGd6CtdlyyNlNRDMCnvYbo5rG6x_BZAFD1otJCY6eyE7iSCX-3O00TRXgsZsI9rFBTIzzh8y5pv6I7Iv2IJcUgdbxLpdL2HSRC7uL6TxnKh_SN40c9WVfWnpkBfX3pTpfhq0N7Bsj_ntqTSQeXxJrYQDYxY6e4omsVsOCF3CTbvKnPiCb1B7aUSLZJTZ0_OJoj4r5-NiD9Hf4vnNmj25gIjuglG-n0J8Z0b2DjzB41TsQ5uJjHXUOv9K2Il6LLi53illvF6vvbrpVeHfrtyzgJUzHSHTLNW44VDkLd2pO2CJBZq0CYbYjxWQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8418 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 15:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 15:24:02 GMT

GET
DATA 200
OK truncated
/ Frame DE84 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2dec10f6804f2c0ca26ade79fc5dad521b272c6c39489dc6cfe137bd72bdf01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE84 0
0 43ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRTx9iJW1LvHzaRQXDAidI9hOrihYWDpCdebubt3MQuVxBQbKcRtjFR1jFipFhDBO32MtTojds-idSmG_vbzAyU6dV6LULl9JWfS-3HwJYfdnsK3CsKehjBdwxHlslw8_uZzUwc7WzCY30V8tYC7o8GkY8c-ekoFMTKrL7KzzCL76J1XUgxWPsjY8ogb1zrEGc-_4fAeo-7kK6lylKfGh0iJM1sGMSmqIODuO2MiB08Ln_U6_BhuYVVNMOMFqqJSNrkYlf52P_GC9QJZ5MS4CeuTJDMu3s6qzUhgYlvzIeVy7kIznXPVirHIHNm16SMvkZj1cL5e79Y3qvldM-K1RYQgmre9n0QT7CWSnlhDQ_mlKDsdQx1-MuujySq-9niSasE9J-&sai=AMfl-YQprYS9LKe3THPeirT3BQp3ub01Fh2MQ6NhiVsIZOivTTwOOPbxvUpzdnL29PKjr-2wwUJz8X8FA52vezYp8UUPB1Y84hBwQ5oj1_9FG2qwH7zEOCZAWxtTOW-0xLIr&sig=Cg0ArKJSzD_xVNdVbD2GEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 22:51:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8418 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0_NkZ1P3YIT9AYr53gPmla6oCwAAAAA4AeAEAg&bg=!UlGlURXNAAZjFomlYxY7ACkAdvg8Wr-bOUnyf3iAyLdashYOvxkmniHziho-w9DXrFP6fDejjBbU2gIAAABeUgAAAAloAQcKAIpIyoIVQpYbOQhoJFbzFsQq8bKtLcCYrg3v3OzOolMGL3_y27mphaneSH3RaaVUuqLrxjC9nsw5C-3xK3A7NoZmNd6LJx1BZ7YbPjf41XQXQQLzyNWAilavp63jJ4N2B8BgKpR-4iVmlJx_-x96CXjqPL68idX6zfv87bmHuRN7o1aG6Tkwj1EPV2aZAuRfkY2jnUvgpzUO0n9SlSGnVsfDsHmSGrAcLdncPE5uBCskk35q2k8Dv6OfWDoLih7WtYjnn2vWc8fYrRVm7wi1g0Yhu2KbaHzP6UAEkZt6KF44eBn3N_EI4bc4LoVnEzbLvDG1F5jSJXpBeG6xI1qC321MW90Uyjfy6fEuiXLx97OoKCGPBao0xmNhlZUuTQ83W0sMOnPhfshQTZ3ZAkumDvirKIH4ctvFHrnuOjx0lPhd91BaqcoULe576veTl9OI46wVBiFGsp6XQhtJiRWG7Re2BPlsLlam9Z0fgIhcDdx-EiVkAA3O7ds3gcTaMn4EVcEZ04XEF9hI6w44pZK6e1Z-zL8391Tc7PD01mKo_WMtX6R3WhnYg1QSfrKi2Sx1XjY7uT3-95so2bKv4hZAnEIPqceTb8KYk8sMLVzIpm_rYWoPSLRxUM1JvcWu2prgh4vYR9-WYIGQvUbgpEd5DPI52Y5HEGlIVvMhbnMY5CU1sywHypr8TGvOqxm-nLGtAfWoyOyE-qws4_jUXPFLgZGnd2eId3KcErWsErTswo9B875JrJB99deW3bNW1XrGPvWPc8G9pshtrwRMgCGHNcBi98Af-WlAXQPxNGr1l0nL4XL5RGVuBoX_xs3nqembf_7COiMm01KIwswYn1hTMPBBCZ625cTKQnTd93TigWh9UaLXNMv_cuq-eunTiopm7Vp4U8TK3pM1_XdLhcLUZEHS2kv2Rb-vr6M25ntXQbxly6ODXbo4YtVMd7HyGpdzTiHylVCB-_bh64II8bF55R3t3zhLoKEte9p1-kY4erjAnGrfYQDPTYw3VATFgv6clFXwfptVKZgMOKOJgWF91wxLFt0K-PHeO417AhC5J6Uv9YCgKU3IBSFA2DIWVdwIyN6IxK2qOHuWSJbK4hXNeH9s-GDJLpjVz5iGkZs8IGiSkNBItgTmanXvCdYN89XLS_MT3JN-v1xigC_n_ua7xmVh1Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3216 42 B
64 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoHTGviyMS2QDPcPoZvJO0TVet99EayT-aPlKUISrZ-cX7OxLNBQPS8jy6TtfwWeXfvRsqi_n8MMe-dM0-y-GWuJgfiJtLQT4vonLiEP6VHmpZ34oRHwggqHa6Eg&sai=AMfl-YQq1vJNjjUSkb7g_qQAZOURJvwGg8gFozvH0gTEx2zfikqtEH7O2joVZa0qa-4AAjMxDpEbxvzIdQPbz0-GOR-Vq2cdWFIEpniLR3-fglZ1reWnHWyHceye6UH9Rzo&sig=Cg0ArKJSzGEpxWllpN-MEAE&cid=CAASPeRo61AyI3cv_wt6GX21kED8eUndCj6llhbMxuIzSor7chKPm1ka6l2KjyHeQBuNYEaXIT-OVGPzZmkCOjU&id=ampim&o=0,16&d=1600,48&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=147&tls=1147&g=100&h=100&tt=1147&r=v&avms=ampa&adk=3708959949

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
24 KB 395ms
395ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=596202566745607&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C44714449%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C728x90%7C750x100%7C750x200%7C678x382&ris=2&rcs=1&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtd-top-leaderboard-1%26type%3Dtop_display_leaderboard%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D7898ba7b84fa86%26hb_bidder%3Dtriplelift%26in2w_keynb%3D1%26in2w_key%3D71%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--1---%2C--1---%26in2w_key5%3Doptimization%26in2w_key6%3D--1h--qgz%26in2w_key7%3D420%26in2w_key8%3D71%252C72%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D5%26in2w_keypm%3Dtd-top-leaderboard-1__ad%26in2w_key9001%3D1&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie=ID%3Dbbc7606e3b05cab2-2243dd2282c8004f%3AT%3D1626821478%3AS%3DALNI_MbHpDmnFMxtC5tS61qoFvOk6cBJoQ&bc=31&abxe=1&lmt=1626821479&dt=1626821479960&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=425&adys=415&adks=59193704&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x100&msz=750x100&psts=AGkb-H9u-1TE6L6PmRUm4ueCBqIcAOAkYwIbB_EknA6J_qV3xhmik5YPdD61lx_cRhRLse5988QJoSrq8hsGQLOEErWESi-_8gcMGqdkfEgiWPs%2CAGkb-H_k67FJ1jQAsqFbwUwGm3AqWzvkPXytd3S9z-BDuC96okpllOktoKC1md3KSzm0dkTd062b-AijYWyCHfbdh8eRAblW4ySIccenLF2-g5A&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=4&ohw=918&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d9c3073856dc3bfbc2e8e09d20e783983c111ddb72b89f6670311e3986e1e898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24471
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1CCA 42 B
64 B 54ms
40ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth87U6zitItcX8zvktIMaR3OIr6kv4ktz0draCWQf6LdfUnLtua5wCZ9qfjkBKWDR5FtN3QutgMQXPPGWnBeA4qBU0PSUvI9c_0jqfqcoSge3VwreW&sig=Cg0ArKJSzNOBGACBzQiMEAE&id=lidar2&mcvt=1000&p=415,425,515,1175&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=59193704&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626821478851&rpt=146&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ 118 KB
15 KB 384ms
383ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=596202566745607&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C44714449%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CBTF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1%7C728x90%7C750x100%7C750x200%7C678x382&ris=2&rcs=1&prev_scp=pos%3Dbottom%26countryCluster%3DB3%26td-slot%3Dtd-bottom-leaderboard-1%26type%3Dbottom_display_leaderboard%26in2w_keynb%3D1%26in2w_key%3D238%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx420%26in2w_key4%3D--1---%2C--1---%26in2w_key5%3Doptimization%26in2w_key6%3D--1h--qgz%26in2w_key7%3D420%26in2w_key8%3D238%252C239%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D4%26in2w_keypm%3Dtd-bottom-leaderboard-1__ad%26in2w_key9001%3D2&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie=ID%3Dbbc7606e3b05cab2-2243dd2282c8004f%3AT%3D1626821478%3AS%3DALNI_MbHpDmnFMxtC5tS61qoFvOk6cBJoQ&bc=31&abxe=1&lmt=1626821480&dt=1626821480206&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=425&adys=1817&adks=3002104125&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x100&msz=750x100&psts=AGkb-H9u-1TE6L6PmRUm4ueCBqIcAOAkYwIbB_EknA6J_qV3xhmik5YPdD61lx_cRhRLse5988QJoSrq8hsGQLOEErWESi-_8gcMGqdkfEgiWPs%2CAGkb-H8DYPropad4KkatEzrfcbnwJJaePvLB-sKcsdlZBWsokvv84AZg20hqQKch_SrnXNY1Ebn9CHXYqX0f_q58KjoKilV05oYQsOSSksP1eXE&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=4&ohw=918&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15428
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sgx-mobile.en.aptoide.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 631ms
631ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122068097950254&correlator=596202566745607&output=ldjh&impl=fif&eid=31061736%2C31061805%2C31061813%2C21068031%2C31061181%2C44714449%2C20211866&vrg=2021071401&ptt=17&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=5302%2CTD-desktop%2Captoide%2Captoide-en-Programpage%2CATF_OOP_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C336x280%7C300x250&ris=2&rcs=1&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dcustom-interstitial%26type%3DOOP_Display_Interstitial%26in2w_keynb%3D1%26in2w_key%3D25%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--1---%2C--1---%26in2w_key5%3Doptimization%26in2w_key6%3D--1h--qgz%26in2w_key7%3D420%26in2w_key8%3D25%252C26%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D9%26in2w_keypm%3Dcustom-interstitial%26in2w_key9001%3D3&eri=1&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26compliant%3D1%26personalized%3D0&cookie=ID%3Dbbc7606e3b05cab2-2243dd2282c8004f%3AT%3D1626821478%3AS%3DALNI_MbHpDmnFMxtC5tS61qoFvOk6cBJoQ&bc=31&abxe=1&lmt=1626821480&dt=1626821480254&dlt=1626821477646&idt=512&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=497&adks=3985611965&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsgx-mobile.en.aptoide.com%2Fapp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&psts=AGkb-H8DYPropad4KkatEzrfcbnwJJaePvLB-sKcsdlZBWsokvv84AZg20hqQKch_SrnXNY1Ebn9CHXYqX0f_q58KjoKilV05oYQsOSSksP1eXE%2CAGkb-H_k67FJ1jQAsqFbwUwGm3AqWzvkPXytd3S9z-BDuC96okpllOktoKC1md3KSzm0dkTd062b-AijYWyCHfbdh8eRAblW4ySIccenLF2-g5A&ga_vid=300929169.1626821478&ga_sid=1626821478&ga_hid=580475157&ga_fc=false&fws=516&ohw=384&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11559
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sgx-mobile.en.aptoide.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE84 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoMk5kEQpiqI9OU_cbc-1MxdTENkJI0-Udyk8t2mtxPJiSlzD8h-p407OKhv2cwk_R6yOEej3rmtiOS9M8G1ZuGBo-n4i3h3FDqVoN9LgsGWtKRc5P&sig=Cg0ArKJSzJ18gJ9UyGCfEAE&id=lidar2&mcvt=1001&p=497,632,777,968&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3985611965&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626821479148&rpt=123&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1CCA 0
0

GET
H3-29 200 container.html Show response
f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F23E 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 22:51:18 GMT
expires: Wed, 20 Jul 2022 22:51:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C85B 0
19 B 17ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPq54AEQlLq82AIY95XmrgEwAQ&v=APEucNXBQwzQebir8p-K8r582R5Pmowk4gVoNpn2pXCOd1qLKqK4HYFvUlaUgPB84v44Nlrwp_TRiIqOtxcAfWsd9wS54E-ayg

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPq54AEQlLq82AIY95XmrgEwAQ&v=APEucNXBQwzQebir8p-K8r582R5Pmowk4gVoNpn2pXCOd1qLKqK4HYFvUlaUgPB84v44Nlrwp_TRiIqOtxcAfWsd9wS54E-ayg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmMWUv8F4RRMp_TEYjG-Zq0HWU2bJJiyV9Qyy7ule-5zcuiPL8gJjXxb1SVNkg; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 22:51:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 22:51:20 GMT
cache-control: private

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/ Frame F23E 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/abg_lite_fy2019.js

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:29:01 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/ Frame F23E 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 21:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 21:18:53 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F23E 0
24 B 50ms
50ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsud7UapFc6TRAz9VzxtaW1VoD52jzYrpC6VzUaoUsXzx7y6AhSSMDZUZiIpdfuZGAV-jqxy5_7lYYXQ3UYkSn9nJ49R2tjFP9hwDVjEcWaODt-gvYRNPJEWBNIaxkEHhzr5d5VJLhX7SMazgvrMHZq8BcDUUGVNzGW5o8pnznBruvlVE4uJ_GyAyGNiS-EwrL9vEM4QKBZ7WlHdp3x_1PmyMvdtIRO3R1iAuKF8FiDWdQQb745cEQBylNkkBOb7o7CNB4rKgFT2v7C3uSnGb5joyo9LCerfARXFgp3bVGuZXhBJT8LTPT0sk4-Qe4ZJe9wKqCt3FMdQCRqPnrMpKw1JkkDXfl56P2fjOXO8ofipY95G377QcsptoD-88xFiI6J4b_D8aFuiXymd-G8V7jmIQklc80w9U5eILmC2lVtI9wG89DWV9IxrBrNuCxOH-rVOdB36G1OLwTvFD2c6zUXwHALUmN2ZHiQaORx2zatLDSZGd_UOWLRZmZD1xiY6Lh_RS5dWjLOlxZpYIzwKSOhuUSQcth-XPEjbFB1Owi8lBq5U5Tb_pucJ1u1CFV1UEfXzOLUbYRWWOzv4LFd4WqZjKMXbVLI2ZgOoYJ6DIQY4ea9gQU_lmdv3V2bNlJ9NaGSWHG67WEkjLB8ieF-bhvuWNrfW_MZq86avW1SivkYg7tVwjBXs3zRtfLJT_wwtmzRcNVKNKQp-8Cwta3cUNHkkZuMgITffcWurypt5j_KuO7GRPvzYFDWJAcxZeVFlV7S7h3LgS9_yy1xTKsb_sHGti3kDWzYCl8dsPJu5t7mvZhFQHLSScdhNkr-qM1SmO31K3PLKj8LcbY12Exnj2_YSURaaVFe-t09hIfDLNdDeRSzdhwPL1GVoMC51ME-O4IAj-6fG0T8-AEvuiJAumWw6eIgNB_oVMGT4fJd2Lq1PzvlH6Mt5QKyzKTaUi04S2Q-wVu9-3HgSbW3WRNIJPy2BDP6hdBvesfqmQbgyp6QGa7Z-oBlUaU6NZ6w5NoA9YMdAfle-qh9KGjydGLKABHKAfWTgh9pbKEQA_Z4TyajvKlQ0H4iZCsWgz72xPoq7TnGaDYhXMpSdrM7M4jzQuCbUt9B6rL6l24LLeX73NrsJxfCCEepKf3pYucc95K-N56q4UzIAseCw9qpjrESdi64tSfQ5WKWSESlUO3jlUbH9tFRDSGKhB7JGPND_1PbX-H4hwaqzeUHhqW56tBZ9EH5uZCHEXcRmSMRtoi9JI_wsTYzJ4_vz5pOI82QbDVzB_SDHfVG55sfm1TT96xHH-pMuuqhrrGJ1AThRddOnT7GIdAnLl6GEvHZ2EdI&sai=AMfl-YQYJgx1oO8pIstP4eco577PeUkyC0dw704JNxK2coMbLkOD9Z1eK5kf5_jG6yCpImONXHqQQyxmUAkfynF26Uw4AoSmumQskA1yXcNkWZZyvIxa7udDpDUe7pNYjgiB8G0oyDA2PNVoRwH4fnRYDz4TJnQ41H-5p_f8SjQBkpKpyFQ3_MUl2zxrfwcy0WGN5GLQyvRAmU0zWA2V8QkB5qjgZr39VyDKSLIwg0qmGhnteu0vGO54SRfRwtE1lKaT8fEwsBO6jj78KjLdJpNespuvrCNxb1U&sig=Cg0ArKJSzNFeaH8A8-l5EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210714.64486&adurl=

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 20 Jul 2021 22:51:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F23E 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 19:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 19:46:23 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F23E 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5kv41u7ANpQAxKB-irzghIfK3SmruhRIkAzaZeUGWOv0HmZ0j5MdCq_uOnbdoSaGsz_nWUNCce7RTuVFoktfYe6J1IQA2g0Nq3T8OMR8Pe8tP3W0

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame F23E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/window_focus_fy2019.js

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:51:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F23E 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 22:51:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame F23E 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 22:50:32 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F23E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1P2IpXV4jK3g2Wr5R1yRcw1ZfeCRCyZljGEogTGkrTNgkRoOewFg6JDatsbESKCMr76_R
Requested by: Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16563154192280072087
s0.2mdn.net/simgad/ Frame F23E 30 KB
30 KB 21ms
7ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16563154192280072087

Requested by

Host: f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
URL: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac63cfda9558273539c971aca5236a144b8955f66a8272811aa95f5a01e3a4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:24:01 GMT
x-content-type-options: nosniff
age: 88039
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30751
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 09:49:24 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:24:01 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D90E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 20 Jul 2021 19:48:49 GMT
expires: Wed, 20 Jul 2022 19:48:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F23E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c89074e9be42faaac743bf88454ee4b3e50aeb9543d44d980b97f9c9ee6fab42

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F23E 0
23 B 45ms
44ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame D90E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 17:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 17:06:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D90E 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVfF2Z1P3YLjfPI2D7_UPub-n2AQAAAAAOAHgBAI&bg=!ODulO3_NAAZjFomlYxY7ACkAdvg8Wl28qRr4Gh5AlQ_LBTm8u9-iGBJUXFB44cFMJJZ5UUXRz67JiAIAAABiUgAAAAtoAQcKAIYJKIt0BDjRR5yYP3nqbiaDmnBMs7H9dGxjm17ffkGmuR4w-hIXtoIOHUS16AngOwWVI3oeEPvaOBz6sg0_VCmWCdCEhwhQuqsbe8BsSf3CPGPJ77113GyLO6T6gvUQz6OamXMNZIkynVDvjpsl-kDGhhjxvsX6Vd0pJpSPB2Pcv0GJQtf2nJkCxhEBP3oAh3I1kbgIkdC4MzT5C4GnH3iWIyCEPLhlwCkhugkCKf4pCqXQrPYQwA7gRwbYNWFQZWFZmuF6YktvsH0nmNFVAaLv8ttr465VClf2n5QNCeZ8ynCZ-kS9xNcKGEJqNUmj2-jUUucqvQkpURRzXvSvovfR-2o1NvaYyjtJG_I_Edl6sIbKv8f9j_htJV0hXEytrsmRqM8rddPYLqUkOGErkB9nRXKjyiV3ihk0_F43uf9DjmKODcdUqg4FgtWXCCk5HkU1tsiu_mSoG2ecmYyDGPWscOYnkuIikKVq47gwlQUepfbmxxtLx0uhsM8c41nenwJkELNTPQdYOtT2u7MszIsh1maDBIKXRsj8Hdw51vycNm74okvVI3G7WgNgWVKX1jiWZll5eE6mRMyppIzcvDT9WP3gFfz0CTvCEpctdc6HUtJk4UkxJ2J2x5Fi92ex_12GtALjnG4LcGrMj8BKQTEVTKWZz2hr7jMA0wG9lPAQ9YVCRMa-W7uJifZ7aEI3rnqAMGpDBmaC3gYE7_apSub5ekpDq_8KyeTVKThV8FIQIbE5QL1ud2EYhb0QyRQ6kEfDB5XXoJxpXlUujs4NMGgF8zMXr4Byigd34UB1amGlpYXJOA6UMsaKX040xkf7LUNwAtoX0Gz-sX4FMyhsxPPc4Yrc7enah3iqglDpwZHmQyd8UP__xVvlOvtqiRVBZX2qFY1d0mgEJqM8hLzWk5Ds4m3iOXzflW3gaShdpZhXK3uOY01Bi55DrAAMq_VzgHPVGtKi-cG8rEJIv72B0dZusda7MaVkJd9sj5-5_PEITM7rXjlfNI707Xh8txVnTNS3oWacM9lynHogpPkOgUmxiW8uqBNbzVUk4ZyvN3CKRNbVn5UA1GhWxkv95UEPsnCK11bT35bLO2KVlRSIr1mdC50kFYFVikS1Tsn1JW9T

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D6E1 0
0

GET
H3-29 200 amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame 733B 188 KB
54 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 733B 13 KB
5 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 733B 87 KB
27 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 733B 71 KB
16 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 733B 4 KB
2 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 733B 40 KB
13 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/amphtml-china-available
date: Mon, 19 Jul 2021 17:08:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
etag: "6d4edf2414c2591f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 733B 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 70322
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 21 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 733B 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 35019
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 21 Jul 2021 13:07:41 GMT

GET
DATA 200
OK truncated
/ Frame 733B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 733B 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoCjJHQ-8tUPpwXd0ENpA6l3OCVXwOnsrksOIXyDozO-qOiE09IxDdnYGmaqnhla2jQ5Li
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 733B 0
0 43ms
42ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGoWXaFP3YJu9FMHl7_UP3beLuAqaw96EYcKxwvegDY2XrZjwIxABIKHV-SpgleKQgqAHoAGz7t3lA8gBCakCfB8N2gvEsz7gAgCoAwHIAwiqBOoBT9A64NI4U_3dp3i521Tej6grN6ZCpTzuucQ2TFeVXzEBC4y9LMnGvMNfCDSpMO9QXOTKPCLWmXAHmYBoZJiqG-GCBEhxkyioCXg56W5sXBelDA8wAEl-UFUkM7MnZZz8u9gKcwAwrXpVTAC64P5vpKLvfKnVALksKxX8O5EHm3vZWod2bxJ35AJrwsnPCPqDL0Qqj4ZTu1ob7n-tUeb8W2sONJLD_zbXlIpTE33PoQkKEnHhYG-e23i7XcOL-IQbC-A3yfO8UpDK7_QoIapEMR4Tjl4ag3Zj_uYEEtLdiL9qOqWKoyPLjKinwATz85vLygPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtZGiGqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCH0E_SCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTM1MzcwMzMyOTgwMzkzNTGACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODEzMjg0NDk0OTQyMTkzNg&sigh=x8KRLP0d5Pk&template_id=419
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 Afterbuy_Primary_Logo_2.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 77 KB
77 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/Afterbuy_Primary_Logo_2.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78417
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET
H3-29 200 slide-warenwirtschaft.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 14 KB
14 KB 8ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-warenwirtschaft.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:20:03 GMT
x-content-type-options: nosniff
age: 37877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:20:03 GMT

GET
H3-29 200 slide-multi-channel-vertrieb.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 9 KB
9 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-multi-channel-vertrieb.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:20:03 GMT
x-content-type-options: nosniff
age: 37877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8748
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:20:03 GMT

GET
H3-29 200 slider-versand-logistik.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slider-versand-logistik.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:06:45 GMT
x-content-type-options: nosniff
age: 31475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5075
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:06:45 GMT

GET
H3-29 200 slide-retouren-management.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-retouren-management.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5120
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET
H3-29 200 slide-weitere-funktionen.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 7 KB
7 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-weitere-funktionen.png

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7613
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 733B 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 70322
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 21 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 733B 295 B
319 B 12ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 35019
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 21 Jul 2021 13:07:41 GMT

GET
H3-29 200 Afterbuy_Primary_Logo_2.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 77 KB
77 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/Afterbuy_Primary_Logo_2.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78417
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET
H3-29 200 slide-warenwirtschaft.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 14 KB
14 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-warenwirtschaft.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:20:03 GMT
x-content-type-options: nosniff
age: 37877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:20:03 GMT

GET
H3-29 200 slide-multi-channel-vertrieb.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 9 KB
9 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-multi-channel-vertrieb.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:20:03 GMT
x-content-type-options: nosniff
age: 37877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8748
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:20:03 GMT

GET
H3-29 200 slider-versand-logistik.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slider-versand-logistik.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:06:45 GMT
x-content-type-options: nosniff
age: 31475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5075
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:06:45 GMT

GET
H3-29 200 slide-retouren-management.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-retouren-management.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5120
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET
H3-29 200 slide-weitere-funktionen.png
tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/ Frame 733B 7 KB
7 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15659924771497681193/728x90-v2/img/slide-weitere-funktionen.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:13:16 GMT
x-content-type-options: nosniff
age: 59884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7613
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 03:26:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:13:16 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame DE84 0
0

GET
H3-29 200 amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame 27FE 188 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 27FE 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 27FE 87 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 27FE 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 27FE 40 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/amphtml-china-available
date: Mon, 19 Jul 2021 17:08:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
etag: "6d4edf2414c2591f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27FE 6 KB
742 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,700&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 22:51:20 GMT
server: ESF
date: Tue, 20 Jul 2021 22:51:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 22:51:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27FE 4 KB
714 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 21:21:10 GMT
server: ESF
date: Tue, 20 Jul 2021 22:51:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 22:51:20 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27FE 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 70322
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 21 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27FE 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 35019
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 21 Jul 2021 13:07:41 GMT

GET
DATA 200
OK truncated
/ Frame 27FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1237441875426500638/ Frame 27FE 17 KB
17 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1237441875426500638/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qk8l-lLJGYkS_IVWI1ArKvIfEpIzg

Requested by

Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 14:36:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17270
x-xss-protection: 0
expires: Wed, 20 Jul 2022 22:51:20 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 27FE 0
0 43ms
42ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtwdbaFP3YInRIr7K7_UPi96V-A3_15utY7HEttKVDs3G_d8FEAEgodX5KmCV4pCCoAegAZeulqQDyAEGqQJ8Hw3aC8SzPuACAKgDAcgDCqoE6gFP0NZ9OlrvllZ_oyoz_TBgN8dM18i_24hh3FZ04yal3Q-9N_t0w-BluNrqBbTkh6PeqDLCyui3JIcw18yfeD7P1PSstkDF9Ja1jZvgKeby1L951qSsU7z-sT24LeH7B4vAd2dA0pYRK4V0BYprdmIB2O3CeLQlGf2hOddC0CwIpRnNt3vy5aKUlizzlT5S6A3UivY8vyevJwOhRN9dkWxISy_2qvjEzUiixWeooLZqLF3HNr_f2uhp_XwbjEhIsmDBg4ma98iWOtcUhh3K8qHoDMs2uOJ9AVrsHQK_oroU2JiT3g4nCHu79yPABKWDi9a8A-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfR0elbqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEOK6lwLSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTM1MzcwMzMyOTgwMzkzNTGACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItODEzMjg0NDk0OTQyMTkzNg&sigh=_vDV8gQRhbA&template_id=492
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 27FE 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAZDskPQQEG5L3UCuO_ncMxx5R3S5C3hTIh5ckbp7mscJCPdOWg9oibus7UOtdkhUrXkW9
Requested by: Host: sgx-mobile.en.aptoide.com
URL: https://sgx-mobile.en.aptoide.com/app
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 27FE 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 102296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 27FE 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sgx-mobile.en.aptoide.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 39079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:00:01 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A57A 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0nS_AJoR3Tu_8tSkW3FP9ZiOw2MevrkkduoQlog6nPK3f62PRiELFRw1F_ePmwcXaMHjmdL3-qAZxbWb9gjQat4FAj9-lCA_y-SRr150JeU7wGVjPkNu25n70wQ&sai=AMfl-YSDQTtsgqtBfpS6tCBAMijtWHYjwCHswW7cEPsJ_yabmbB2QX7VVoRaEVVA9kqcuwiRWoeftbIPeAeofJ_Kz0_vQ9hn3oJftWOk-i78Uh0yIpCLUcnFerVdZLQF1eQ&sig=Cg0ArKJSzORFCC_el9UREAE&cid=CAASPeRoTVEKAN5oZNE8KO2aCoHCcRPDrCr8jG9fPXUiHKMahjuAZ-hZzv6HJ_YGMV_JqinsczCmSLXW8f1CR78&id=lidar2&mcvt=1006&p=1110,436,1204,1164&mtos=0,890,1006,1051,1140&tos=0,890,116,45,89&v=20210719&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=361479168&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626821478893&dlt=51&rpt=29&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame CF44 52 KB
17 KB 25ms
6ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/aptoide/prebid-client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sgx-mobile.en.aptoide.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 20 Jul 2021 22:51:21 GMT
Age: 65307
X-Served-By: cache-lga21920-LGA, cache-fra19129-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 418017
X-Timer: S1626821481.252422,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 1CC4 1 KB
1 KB 26ms
8ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/aptoide/prebid-client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?gdpr=true&us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=9810367919307234194
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQoKb3sKwvCgoIkQIQoKb3sKwvCgoI4gEQoKb3sKwvCgoIkgIQoKb3sKwvCgoI5gEQoKb3sKwvCgoIhwIQoKb3sKwvCgkIOhCgpvewrC8KCQgLEKCm97CsLwoJCF8QoKb3sKwvCgkIHxCgpvewrC8=; Max-Age=7776000; Expires=Mon, 18 Oct 2021 22:51:21 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=9810367919307234194; Max-Age=7776000; Expires=Mon, 18 Oct 2021 22:51:21 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 sync
eb2.3lift.com/ Frame 3BFB 1 KB
1 KB 24ms
7ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/aptoide/prebid-client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?gdpr=true&us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sgx-mobile.en.aptoide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=9810367919307234194
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQpab3sKwvCgoIkQIQpab3sKwvCgoI4gEQpab3sKwvCgoIkgIQpab3sKwvCgoI5gEQpab3sKwvCgoIhwIQpab3sKwvCgkIOhClpvewrC8KCQgLEKWm97CsLwoJCF8Qpab3sKwvCgkIHxClpvewrC8=; Max-Age=7776000; Expires=Mon, 18 Oct 2021 22:51:21 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=9810367919307234194; Max-Age=7776000; Expires=Mon, 18 Oct 2021 22:51:21 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 7AF1 52 KB
17 KB 24ms
8ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/prebid/aptoide/prebid-client.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sgx-mobile.en.aptoide.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sgx-mobile.en.aptoide.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sat, 17 Jul 2021 04:42:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 20 Jul 2021 22:51:21 GMT
Age: 65307
X-Served-By: cache-lga21920-LGA, cache-fra19173-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 419831
X-Timer: S1626821481.253091,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1CC4 70 B
265 B 96ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 1CC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1CC4
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

170 B
523 B

28ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D
date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 1CC4 42 B
256 B 47ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9810367919307234194&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: 49487F99351D4D9E8C4CF6D570F3F9BB Ref B: FRAEDGE1317 Ref C: 2021-07-20T22:51:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 1CC4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9810367919307234194?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-7wXrGItE2oSfTzwWCf5RF0p5H7SsiJHAMJtPyeL4.Q--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-7wXrGItE2oSfTzwWCf5RF0p5H7SsiJHAMJtPyeL4.Q--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 20 Jul 2021 22:51:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-7wXrGItE2oSfTzwWCf5RF0p5H7SsiJHAMJtPyeL4.Q--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1CC4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=1691616540957548057&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=1691616540957548057&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
X-Proxy-Origin: 83.143.245.190; 83.143.245.190; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 05dc4741-4e19-4fbe-a1b4-3247d607a0c8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=1691616540957548057&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 1CC4
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9810367919307234194
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t

0
0

106ms
106ms

Image
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GVTZG5VYBCM99S315RX4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1CC4
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 1CC4 0
0 40ms
13ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=9810367919307234194
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 1CC4 0
0 43ms
14ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=9810367919307234194
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3BFB 70 B
264 B 95ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 3BFB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENxHbePJgLPUba95S7C3kUY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BFB
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

170 B
232 B

28ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTgxMDM2NzkxOTMwNzIzNDE5NA%3D%3D
date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 3BFB 42 B
465 B 45ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=9810367919307234194&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:20 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: 90B344A4DD334432B25A54C24AD2E424 Ref B: FRAEDGE1317 Ref C: 2021-07-20T22:51:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 3BFB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/9810367919307234194?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jxvAfBtE2oQ7d6dyXPbgOVwGyKLzxon9AuFI79PTwQ--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-jxvAfBtE2oQ7d6dyXPbgOVwGyKLzxon9AuFI79PTwQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 20 Jul 2021 22:51:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-jxvAfBtE2oQ7d6dyXPbgOVwGyKLzxon9AuFI79PTwQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3BFB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=3184320003953986613&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=3184320003953986613&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
X-Proxy-Origin: 83.143.245.190; 83.143.245.190; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 29cb8df3-4e6e-477c-84ba-63d7ef0f21f5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=3184320003953986613&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 3BFB
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9810367919307234194
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t

0
0

106ms
106ms

Image
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E51ZGAGKVFQZ3NVMNW7P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9810367919307234194&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3BFB
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:51:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 20 Jul 2021 22:51:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 3BFB 0
0 41ms
13ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=9810367919307234194
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 3BFB 0
0 129ms
101ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=9810367919307234194
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F23E 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTjB3O4AvtMlVTY3rNdbVslzx4sboT8Eggt6zNvZWYYaIwciCyC9_XErslZcE8QOiNOo5MJj0FXk9pSzCen-2EM_SB5FyO4IP5AciEyrZe4i9bCywNKMLEMsqb-A&sai=AMfl-YRSNyuSCFm5pESr2HrvZnRdjoJ4mpXJnAnDBNRVrvlbB1z1ZCB9YlXJTYJE4Ob-nHZPfDy-KnKJCk7MflOU-gZ--YsR-dqLXtYYw0cGCSUAXLmgttSqZSLZOcOH&sig=Cg0ArKJSzE7H8cZtjaH_EAE&cid=CAASPeRon2qBrzBoDBHz102KNQ__Z4TlPqxEoWKnGTzMTYj-oLfbCxvAZBApuOpHXq_Z4qmOgccMp9y1RxLlYM8&id=lidar2&mcvt=1000&p=415,436,509,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210719&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=59193704&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626821480373&dlt=8&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 27FE 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVzCmaoAun4usCziQZc-zliVAKxLG56Zlwvt5an8JnJ6j48p8XX8SLsYMTXeXvjYBWl_pvqWYMmbC3JlCHJUNK9xJu-Q0SeiZhxxjUzsWkMU5lK24r7MRlenkDEw&sai=AMfl-YRq-H5OEu0LrSm3bEZAZ39SekA_Z8PmI1LVPblj4FsbytXHWgMoaTCSxYXACRDp5f3VBoIVk7WPcbhEAopu6QoFRJUKzDZNWriOjxLBxAbFDNuKYTyCDVBNaLwg&sig=Cg0ArKJSzAUsyrHJaBojEAE&cid=CAASPeRoUrEHl3151WN_9NuA4PBxfE03mm3_v-O0eKnmVtz5W9raABz2dGUT3j1ysbjZoRCwEdBjbodtfta23kM&id=ampim&o=650,512&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=31&tls=1031&g=100&h=100&tt=1031&r=v&avms=ampa&adk=3985611965

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sgx-mobile.en.aptoide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 22:51:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth87U6zitItcX8zvktIMaR3OIr6kv4ktz0draCWQf6LdfUnLtua5wCZ9qfjkBKWDR5FtN3QutgMQXPPGWnBeA4qBU0PSUvI9c_0jqfqcoSge3VwreW&sig=Cg0ArKJSzNOBGACBzQiMEAE&id=lidartos&mcvt=1352&p=415,425,515,1175&mtos=1352,1352,1352,1352,1352&tos=1352,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=59193704&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosc=1&eosm=0&rst=1626821478851&rpt=146&isd=0&msd=0&esd=0&r=u&ec=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrW5q8dQYI_IEPpcaAeVmAMtGa2CV13CBoUXoISARQkWTAfPPRXoPgn5Y0Cbj5p5NuIHf60TWv8h4YarOqKFLDopMMhZC4MMra8cjOHQTrE-Ve6jgx&sig=Cg0ArKJSzMAtGROSZuFzEAE&id=lidartos&mcvt=0&p=1817,425,1917,1175&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=3002104125&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1626821479085&rpt=137&isd=0&msd=0&esd=0&r=u&ec=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoMk5kEQpiqI9OU_cbc-1MxdTENkJI0-Udyk8t2mtxPJiSlzD8h-p407OKhv2cwk_R6yOEej3rmtiOS9M8G1ZuGBo-n4i3h3FDqVoN9LgsGWtKRc5P&sig=Cg0ArKJSzJ18gJ9UyGCfEAE&id=lidartos&mcvt=1616&p=497,632,777,968&mtos=1616,1616,1616,1616,1616&tos=1616,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3985611965&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosc=1&eosm=0&rst=1626821479148&rpt=123&isd=0&msd=0&esd=0&r=u&ec=0

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aptoide.com/	1970-01-20 05:15:17	Name: __gads Value: ID=5284ed6fb806ee69-22f5f22182c800ea:T=1626821478:S=ALNI_MaGAmbDzhu5RcE0IA_LeN8WBDbbfQ
sgx-mobile.en.aptoide.com/	1970-01-19 19:53:42	Name: _dd_s Value: rum=0&expire=1626822378127
sgx-mobile.en.aptoide.com/	1970-01-19 20:36:53	Name: _pbjs_userid_consent_data Value: 6115677930566742
sgx-mobile.en.aptoide.com/	1970-01-20 04:39:17	Name: next-i18next Value: en_GB

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://spn-v1.revampcdn.com/publishers/aptoide.js?modern=1&v=2(Line 1) Message: %cREV%cAMP%c [INFO]: %cRev·Amp v.1.627.0 %cloaded - https://revamp.softonic.com/ border: 1px solid #f4f4f4; background: #f4f4f4; color: #52A3D3; padding: 1px 0 1px 2px; font-weight: 600; border-top-left-radius: 3px; border-bottom-left-radius: 3px border: 1px solid #f4f4f4; background: #f4f4f4; color: #54B377; padding: 1px 2px 1px 0; font-weight: 600; border-top-right-radius: 3px; border-bottom-right-radius: 3px font-weight: 600; color: blue font-weight: 600;
console-api	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://sgx-mobile.en.aptoide.com/app
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://sgx-mobile.en.aptoide.com/app
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://sgx-mobile.en.aptoide.com/app

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
b1sync.zemanta.com
c.bing.com
c2shb.ssp.yahoo.com
cdn-mobile.aptoide.com
cdn.ampproject.org
cdn6.aptoide.com
cm.g.doubleclick.net
eb2.3lift.com
en.aptoide.com
f3522545ae947c67ce082a912e5b32d4.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
lh4.googleusercontent.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.quantcount.com
pr-bh.ybp.yahoo.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
sgx-mobile.en.aptoide.com
spn-v1.revampcdn.com
tlx.3lift.com
tpc.googlesyndication.com
ws2-cache.aptoide.com
ws75.aptoide.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagservices.com
pagead2.googlesyndication.com
13.226.159.94
13.248.242.197
142.250.181.226
142.250.184.226
142.250.186.130
151.101.13.108
151.101.194.133
185.33.220.242
209.54.178.82
2600:9000:2182:5000:9:46dc:4700:93a1
2600:9000:2182:e200:6:44e3:f8c0:93a1
2606:4700:10::6816:b53
2606:4700:10::ac43:1dce
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:803::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
3.120.90.149
34.248.244.124
34.252.202.225
35.157.246.167
70.42.32.127
76.223.111.18
02a82799c7d2de2262fd6a36822fa78acb7cb270aa9518563cda217127482070
02e4bd571ba9300735158c4f5bf44ee497384d4c9bd266145f19b9d8df8e21de
037f690e471548f1c5c67a00d3f0548872a4850eb1175ba553ef743ad3ede9b6
03d2cc7a5a8780975285e5ee1989c0bd28e625b60ee4c538e9b10bafd44f6e08
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05d1e964be96fb35e4ee3cf41090f8b196cdfca7612089ab14999668dd5ac4da
0980b963368db3fb0dc4100bb9cfae882c4317a5099e5ec024930c27bf51c393
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
1185acb790e75a13fb4576c85a3ccb50bd99c00efbd988db0e536284d4e8376c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12cef8b6c193cf70b48f5f6df479f0d4d9ae6053175146942eed0de34fd872eb
17c7ffc28045f7e907defc18f67ac8a61ddd2ba0e3539027f91bbbaede2b252e
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1b75dc8654d374c9ceb4f437290a7bc13ce2e8a3689231694ebdfc36653db930
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1ef38348b68e110da0e46ab69b3ce8b37ad587e549356028a49efc04fcaefc44
1f351d9aa5077a0e7812134a06fd2b1233ee4b8bedfe67bd048c7f597cd1da00
203faa4328f0bcf6453d89bddb8a13561eaec599ec4a6301f4018f24ab96da69
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2a9ff588bdc579b68f2d84698105b68dea46e6c07049c0931b581c1b7c514909
2b6eaf2fde7666a1de9463a3ae28505685a338cb38dc4c24a120c708d2bf576f
2e8ad11bf39dda69318afacda52a7867f768de0666adb21778e566e460e67846
2f01d879af3aeb8f3f03cb01f135beff506cbcb92b811542d7cfe04bc594cc7e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ed99e35e45c5e5234f7c0d04138687a3421382b45b335a3008f3f6d9dc0cee
39ce1bc1e83864ebf947f3f606dfd962d3b6015ff71cae7c90d71a66d14ca885
3ada673bb73b66900677e6c5bee388dcc4c37f1faf9e5320acf367e0eed9e112
3c4b17b92955d322d7f08bd448a4ce45fafa532cd9125f54fe8d9bff416aa1aa
3e9b4a3424a162eb57d6ea30a206d9d9aaaf100c2afd079a0a52af2010c8da07
3f596ce0c4a6d1f5963bb6cc8ad72b1e94b7a250492154b46f8113448fc44be8
408d657fd771d14d5e0c7e375b737aa8d822dfa0250366f9c310f04d7adcc614
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4488274aef364da49cfc0ddeb0c8d8012c40dc14113e4c11f29341a8d168a807
45da22b43f9ad62cf82173845adb520138d12237bc8fb652cb0d76007821173f
48d5ec41b185578192b99e9c112ee1e940d7c4e9f7cf4972d92383b880775dae
4da1f126ab83f7589f5352d5acaf134c518e6906cdcc9ad066775c9e3b4b5b7e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
55ab04de22cc1d08b0a69cf2c7410134ef9670257375f54232545f7a15b174c1
55fb1cdb93b86b3df6aee83ed794d99d34d5bc70756b58dcd55cb2756885a189
5b49a759395857880e7d8b3fefce1eddd47f313ece8c49234dd237deb1bee224
5fc5a89fa041f4fcaa3437a45d8c4f11057dd62a86128dd219e6b3d91a765c70
6482769d91f6fb74c7d49b9d6dc713da62e0db7796f47bc419a543ccdd454e01
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6cb2264c758feefc1b2075c289f556db8439a3f2c21b4f3f1b22551ad6336cd2
6d2119d04c91c455c7212cdda97358466a8d00117a1b70f6bfdb9528cdd8ea1d
6f852d7c2a7ceb0b5ca41b8f8ece25cd7414bda7278422fae1c9b852ab1ac77d
736ee6c386bdfb2bcc0dfb0ba1cd9db58b80e507f629749cd401b1a29b18fe33
7420c33175c8ba3edc479ef46d7ee5df0c42bf0b37f8ed2a9ee130957e8a7223
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
74c10b0085d4650eac8b4da7bdb7508fa512c6789ee7431048c31b27032c8c23
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7c879ad77a297e36246d40fa78ca661dc831c4d0195c511bd507c2419cb51f1c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
88cf662e4776fe07a91356a61a49fdeec695474f7556bd95ddc75139345d5536
8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b
94645447c61aeebebc618e1e62bfb1d9c7d7e7cfb142e92d2e4a291fc07fa36f
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a2b52c20806c9361b8d1e858f00bb8c7dd056318ef2973439c666acbd8291c7
9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842
9af9251a309b8212c668a6d5919f8c026517097da4f604542932a74489083c6d
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9f617f51373e75dde89b82a5183e42b65d42a79104682c563ccee214a5f9e975
a0556bc61d9fd0cd6753683a1399d807fcf41d15f1a80e9d76f1fcb7b75a8a60
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7247f0b138febf529e5a01ff4d0758c2bd9b8cfe75191de411f47f49be2697d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac63cfda9558273539c971aca5236a144b8955f66a8272811aa95f5a01e3a4ef
b1e129093f05154f3111a93aa7c2536931dd907ad3cc21d2794fc369cda74830
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b506d8122bbc07b2c65b9c88d078bba41c87797bf24150bbe8d412dc93584eff
b53039eaac3d0b84b115e14f7280c70257d5fe0dce4e51e8dc9d0b945aa35cd1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b72d02b125c22f5a242d08b1cfa4d06cb24af1012ecb71ff0a3f0409936df397
b751bdca92335b3a0174b7ff195094e63ba6d715bfd24f217bda0b60172c7733
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc568441741bd618115f078ac040fc4fae6a0436ecfaa7d6b1daef6723b23f75
be295ab2906d2e4319575562c12ec7ea500d33446bef30ff69e2b02f9d288e01
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
bf77d064f6df19c318f0373e38923f0342aa3a06f72b685ff74eb3ff258a7aa0
c0179da6f742dcb9b460ce9c8afd2020e884dd537bc027a68139ac52c907915c
c07d26ea5a4e9e748015f75603b518630fd50261b7fb166030c4d372b52f9418
c2808594f40e059b0c545d2f838773aa46b84aeb11a41a3f8208ac5b91c90c6b
c327a92f0230ab1472aa4b55e23464e501f632c3e6184efcc23f905a185db021
c3ab3f54f8ac601cf0d0e4d0468031abcc28a64d3d1a55e99b66cdeee7b17ffd
c44f7ab63e5e7860889203b61a9f52c026c1e82413f28e36c2b1cba08329dba6
c5f1e0cc8798bef8941a67d7c93bd94512c3a848ff95d209fc6a9c17b70cb332
c6216961bfca9041ee146a693403a41fb2e752b3198cfe99557465c70213024e
c7f0b23a0cf806135e9b2e8e7779351b37a9688d91e21aa62b3f5184716cf502
c89074e9be42faaac743bf88454ee4b3e50aeb9543d44d980b97f9c9ee6fab42
ca172c383463271945d7cf96f76295a9e5da9b6b1fecdb5e0758569cc6b2ca3e
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
ce082a8bbbc305d93712cb78bc4747c437ba23befaba4f0d18945e4f1db9427e
d0e5076f2ce005065cbfe89cd9cd24a5f4be66af21403de26fd12a6997d52aa2
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d5af3bf2f46a33c2e6953188d57efbb50e6649dfadef145a95c118fed77c552e
d8cfedaf6f48f6c35ca3e2f8ceec0072cf3c51bca5bdd2331a69454f077ee96a
d9c3073856dc3bfbc2e8e09d20e783983c111ddb72b89f6670311e3986e1e898
daf3f13813a7bfb3f66f83ecbce5a62d9892b95de165346b7ab0075dc5f6cc03
ddc383ef6590a17f19fec824f11042ade740dded7bbee8bfaae98ebe7a85fba4
e1fd01826b838762320ea4734226b5453aa217015d0091b87ed012631e1e0ea7
e27e409be4f1a02f34fee2137fa249267120d43d6184444b80ae9403693ed7dd
e29c112752b027fed633aacf19f4611fce7f1bdea02f3d12bdad48a8389c9f97
e2dec10f6804f2c0ca26ade79fc5dad521b272c6c39489dc6cfe137bd72bdf01
e398be6ea0aa154cc3d68c76a563ca3bc87c0cf8f0f54e52cca5d47932affd0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e596dcc13b8c026690ca9b55bfc9606714445001e32c5ee2764c86788e1ddb87
e6d0591e3b03d4913436bb01fadef2f838b8b99cd7ed07813d6e0428ca4fde67
ebc3a4015f3fef42c2f627291b0f3f199c7b9ded57a0a8dc262b13156de8494f
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35296326b64eaddc8782d403e21a60670f548dec801948dbd90365088691f10
f420f16ca3afa78346719ae84f58f45746316fb464f0339d182ee825129dd6eb
f474ee525d15c55776e2963c3524185e29a4ac22f6ba9b786904876308db9977
f4a4d8e0e571845383def3c32dc0d974d326f743ead85ce1a8ca0701d8f925cf
f52770e73b1db0888c877b4e673b4868de7fd8ad5db068c72fe0ec0f42515bf9
f60f7b24fc67ff600ca5068516b51be8350f9e4a3b31f9344c54f0a6cbdba76c
f77c1d1c66a0713a52c8765b18983533f07ffb4abd7d663634c5759abd46516c
f9318326f128931f430b3f098ec05d4ce7c2cc4f73f64135f083e3743294d52a
f982ab0b978be4ab9ff3a3019798442b18d89205ebcbc206a56da3bf12bb1e9c
fa984fa6eec211cd513fbb0eb4d9fcbda64ba23ba9c1cf964aafa79b12279399
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb87abb154857308f8b72bc50ab7ab2e75863c2fcbfdb12ed21c3281812e11eb
fecff18752325a5ba077d5459e8e289d3d6597f3e6477630154c418e45bad991

sgx-mobile.en.aptoide.com Open in urlscan Pro 34.248.244.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

99 %HTTPS

56 %IPv6

23 Domains

38 Subdomains

32 IPs

4 Countries

3134 kBTransfer

7460 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sgx-mobile.en.aptoide.com Open in urlscan Pro
34.248.244.124 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

99 %
HTTPS

56 %
IPv6

23
Domains

38
Subdomains

32
IPs

4
Countries

3134 kB
Transfer

7460 kB
Size

4
Cookies

248 HTTP transactions
9 data transactions